Vulnerability-Lookup - Search a vulnerability

Vulnerability from fkie_nvd

Published

2024-10-23 18:15

Modified

2025-08-01 18:41

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper data validation during the TLS 1.3 handshake. An attacker could exploit this vulnerability by sending a crafted TLS 1.3 packet to an affected system through a TLS 1.3-enabled listening socket. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Note: This vulnerability can also impact the integrity of a device by causing VPN HostScan communication failures or file transfer failures when Cisco ASA Software is upgraded using Cisco Adaptive Security Device Manager (ASDM).

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-tls-CWY6zXB	Vendor Advisory, Mitigation

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.19.1
cisco	adaptive_security_appliance_software	9.19.1.5
cisco	adaptive_security_appliance_software	9.19.1.9
cisco	adaptive_security_appliance_software	9.19.1.12
cisco	adaptive_security_appliance_software	9.19.1.18
cisco	adaptive_security_appliance_software	9.19.1.22
cisco	adaptive_security_appliance_software	9.19.1.24
cisco	adaptive_security_appliance_software	9.19.1.27
cisco	adaptive_security_appliance_software	9.19.1.28
cisco	adaptive_security_appliance_software	9.19.1.31
cisco	adaptive_security_appliance_software	9.20.1
cisco	adaptive_security_appliance_software	9.20.1.5
cisco	adaptive_security_appliance_software	9.20.2
cisco	adaptive_security_appliance_software	9.20.2.10
cisco	adaptive_security_appliance_software	9.20.2.21
cisco	adaptive_security_appliance_software	9.20.2.22
cisco	adaptive_security_appliance_software	9.20.3
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1
cisco	firepower_threat_defense	7.3.1.2
cisco	firepower_threat_defense	7.4.0
cisco	firepower_threat_defense	7.4.1
cisco	firepower_threat_defense	7.4.1.1
cisco	firepower_threat_defense	7.4.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEE52F59-AABA-4069-A909-64AD5DFD2B18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "20D7966E-B02B-48C8-BF96-723DD6C25314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA618249-E76F-4104-9326-C9F2DC8DE3D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C925E1F-6BD9-4CD1-8AC4-4263A9094786",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5EE76D9-6D18-4823-B6B0-E1394A4D140C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F635946-586D-4DE2-927B-300CE569C596",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "459C11B9-ABA1-472A-8CDA-9C7B4E48E943",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA060112-E2D8-4EC5-8400-D8D189A119B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3888BB0-B529-486C-8563-392BD1C5DFD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "43FE3FA7-8281-4BD9-A08B-8C79D369480E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B25468E3-03F9-4C2A-B82A-F87F4FCD57E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EC6F412-4A30-4E9A-B8DF-C4BF80E5C4B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA47E8EA-29F2-40F3-826E-E7295FFAD8C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4D303F8-E6AA-4F1C-9988-055EECD0A902",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DCBBA66-6D00-4D8B-86FE-81EF431A7806",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB768AFD-64C1-4AD4-8194-2A1D428BAC67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B6648F1-B019-4A67-A1D6-9B8FD522E393",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A52991-802D-46FB-A508-5616BA1CEB78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3E08AAC-9C5E-4D18-817C-C466D1D6C4DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "724A3B6F-DDAB-4A2F-8430-9E1F352D755F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDBF14DD-0654-47F3-A698-020397A1EAA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8920FFA0-1F84-44FE-A776-4FFA654D8419",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.\r\n\r This vulnerability is due to improper data validation during the TLS 1.3 handshake. An attacker could exploit this vulnerability by sending a crafted TLS 1.3 packet to an affected system through a TLS 1.3-enabled listening socket. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.\r\n\r Note: This vulnerability can also impact the integrity of a device by causing VPN HostScan communication failures or file transfer failures when Cisco ASA Software is upgraded using Cisco Adaptive Security Device Manager (ASDM)."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad de criptograf\u00eda TLS del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado haga que el dispositivo se recargue inesperadamente, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a una validaci\u00f3n de datos incorrecta durante el protocolo de enlace TLS 1.3. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un paquete TLS 1.3 manipulado a un sistema afectado a trav\u00e9s de un socket de escucha habilitado para TLS 1.3. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el dispositivo se recargue, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio. Nota: Esta vulnerabilidad tambi\u00e9n puede afectar la integridad de un dispositivo al provocar fallas de comunicaci\u00f3n de VPN HostScan o fallas de transferencia de archivos cuando se actualiza el software Cisco ASA mediante Cisco Adaptive Security Device Manager (ASDM)."
    }
  ],
  "id": "CVE-2024-20494",
  "lastModified": "2025-08-01T18:41:49.030",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-10-23T18:15:12.783",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory",
        "Mitigation"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-tls-CWY6zXB"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-1287"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-06-07 12:29

Modified

2025-01-27 21:31

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.

References

URL	Tags
psirt@cisco.com	http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html	Exploit, Third Party Advisory, VDB Entry
psirt@cisco.com	http://www.securityfocus.com/bid/104612	Third Party Advisory, VDB Entry
psirt@cisco.com	http://www.securitytracker.com/id/1041076	Third Party Advisory, VDB Entry
psirt@cisco.com	https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01	Third Party Advisory, US Government Resource
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd	Vendor Advisory
psirt@cisco.com	https://www.exploit-db.com/exploits/44956/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/104612	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1041076	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/44956/	Exploit, Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	8.1\(2.5\)
cisco	adaptive_security_appliance_software	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	6.2.3
cisco	firepower_threat_defense	6.2.3-85.02
cisco	firepower_threat_defense	6.2.3-851
cisco	firepower_threat_defense	6.2.3.1

JSON

To clipboard

{
  "cisaActionDue": "2022-05-03",
  "cisaExploitAdd": "2021-11-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Cisco Adaptive Security Appliance (ASA) Denial-of-Service Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A35FC013-99CA-492C-BC76-9E59B2AECF6F",
              "versionEndExcluding": "9.1.7.29",
              "versionStartIncluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "25E6D453-0A91-404A-8F6B-D142919ADB32",
              "versionEndExcluding": "9.2.4.33",
              "versionStartIncluding": "9.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "642ED379-43A2-4CA8-803F-7E63BABAF8E4",
              "versionEndExcluding": "9.4.4.18",
              "versionStartIncluding": "9.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1054B7C-1543-465C-A1B5-8D5DBC831245",
              "versionEndExcluding": "9.6.4.8",
              "versionStartIncluding": "9.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E17B131E-C405-4972-A048-860FBCDACE1A",
              "versionEndExcluding": "9.8.2.28",
              "versionStartIncluding": "9.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "83AA09E7-73BA-49DD-B640-D25F0D87E9DD",
              "versionEndExcluding": "9.9.2.1",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.1\\(2.5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "196DA613-6892-4C8E-BD44-33E37278BB1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB1C340C-4DE6-4319-9273-E7E4D24183BE",
              "versionEndExcluding": "9.7.1.24",
              "versionStartIncluding": "9.7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5FC5F57-0626-4647-BAEF-2DDF95668277",
              "versionEndExcluding": "6.1.0",
              "versionStartIncluding": "6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "75879D6D-7583-4944-9B7B-41E4B9341A3F",
              "versionEndExcluding": "6.2.2.3",
              "versionStartIncluding": "6.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3-85.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5B856A1-A199-4B35-BFCA-874CC3250DAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3-851:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0E0AB23-AD0D-40B8-A16A-DB12EAD8E054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz web de Cisco Adaptive Security Appliance (ASA) podr\u00eda permitir que un atacante remoto sin autenticar haga que el dispositivo afectado se reinicie inesperadamente y provoque una denegaci\u00f3n de servicio (DoS) como consecuencia. Tambi\u00e9n es posible en ciertas versiones del software que ASA no se recargue, pero un atacante podr\u00eda ver informaci\u00f3n sensible del sistema sin autenticaci\u00f3n mediante el uso de t\u00e9cnicas de salto de directorio. Esta vulnerabilidad se debe a la falta de validaci\u00f3n de entradas adecuada de la URL HTTP. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una petici\u00f3n HTTP manipulada a un dispositivo afectado. Su explotaci\u00f3n podr\u00eda permitir a un atacante provocar una denegaci\u00f3n de servicio o la divulgaci\u00f3n no autenticada de informaci\u00f3n. Esta vulnerabilidad aplica al tr\u00e1fico HTTP IPv4 y IPv6. Esta vulnerabilidad afecta a las versiones de Cisco ASA Software y Cisco Firepower Threat Defense (FTD) Software que se ejecutan en los siguientes productos de Cisco: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module y FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029."
    }
  ],
  "id": "CVE-2018-0296",
  "lastModified": "2025-01-27T21:31:23.687",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-06-07T12:29:00.403",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104612"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041076"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/44956/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104612"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/44956/"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-05-06 17:15

Modified

2024-11-26 16:09

Severity ?

4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Summary

A vulnerability in the Image Signature Verification feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulnerability by crafting an unsigned software patch to bypass signature checks and loading it on an affected device. A successful exploit could allow the attacker to boot a malicious software patch image.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sigbypass-FcvPPCeP	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sigbypass-FcvPPCeP	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	secure_firewall_management_center	6.2.2
cisco	secure_firewall_management_center	6.2.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBAC1652-DD0B-451A-B8CA-D55677918DE6",
              "versionEndExcluding": "6.2.2.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B5233F7-5743-467C-9C59-F5C51B47184A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6175407A-207E-4844-B150-EA0129C4CBBD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Image Signature Verification feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulnerability by crafting an unsigned software patch to bypass signature checks and loading it on an affected device. A successful exploit could allow the attacker to boot a malicious software patch image."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad Image Signature Verification del Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto autenticado con credenciales de nivel de administrador instalar un parche de software malicioso sobre un dispositivo afectado. La vulnerabilidad es debido a una verificaci\u00f3n inapropiada de firmas digitales para im\u00e1genes de parches. Un atacante podr\u00eda explotar esta vulnerabilidad al dise\u00f1ar un parche de software sin firmar para omitir las comprobaciones de firmas y cargarlo sobre un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante iniciar una imagen de parche de software malicioso."
    }
  ],
  "id": "CVE-2020-3308",
  "lastModified": "2024-11-26T16:09:02.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-05-06T17:15:13.387",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sigbypass-FcvPPCeP"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sigbypass-FcvPPCeP"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-347"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-347"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-11-01 18:15

Modified

2024-11-21 07:40

Severity ?

5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Summary

A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to bypass a configured multiple certificate authentication policy and connect using only a valid username and password. This vulnerability is due to improper error handling during remote access VPN authentication. An attacker could exploit this vulnerability by sending crafted requests during remote access VPN session establishment. A successful exploit could allow the attacker to bypass the configured multiple certificate authentication policy while retaining the privileges and permissions associated with the original connection profile.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-multi-cert-dzA3h5PT	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-multi-cert-dzA3h5PT	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.8.1
cisco	adaptive_security_appliance_software	9.8.1.5
cisco	adaptive_security_appliance_software	9.8.1.7
cisco	adaptive_security_appliance_software	9.8.2
cisco	adaptive_security_appliance_software	9.8.2.8
cisco	adaptive_security_appliance_software	9.8.2.14
cisco	adaptive_security_appliance_software	9.8.2.15
cisco	adaptive_security_appliance_software	9.8.2.17
cisco	adaptive_security_appliance_software	9.8.2.20
cisco	adaptive_security_appliance_software	9.8.2.24
cisco	adaptive_security_appliance_software	9.8.2.26
cisco	adaptive_security_appliance_software	9.8.2.28
cisco	adaptive_security_appliance_software	9.8.2.33
cisco	adaptive_security_appliance_software	9.8.2.35
cisco	adaptive_security_appliance_software	9.8.2.38
cisco	adaptive_security_appliance_software	9.8.3
cisco	adaptive_security_appliance_software	9.8.3.8
cisco	adaptive_security_appliance_software	9.8.3.11
cisco	adaptive_security_appliance_software	9.8.3.14
cisco	adaptive_security_appliance_software	9.8.3.16
cisco	adaptive_security_appliance_software	9.8.3.18
cisco	adaptive_security_appliance_software	9.8.3.21
cisco	adaptive_security_appliance_software	9.8.3.26
cisco	adaptive_security_appliance_software	9.8.3.29
cisco	adaptive_security_appliance_software	9.8.4.8
cisco	adaptive_security_appliance_software	9.8.4.10
cisco	adaptive_security_appliance_software	9.8.4.12
cisco	adaptive_security_appliance_software	9.8.4.15
cisco	adaptive_security_appliance_software	9.8.4.17
cisco	adaptive_security_appliance_software	9.8.4.20
cisco	adaptive_security_appliance_software	9.8.4.22
cisco	adaptive_security_appliance_software	9.8.4.25
cisco	adaptive_security_appliance_software	9.8.4.26
cisco	adaptive_security_appliance_software	9.8.4.29
cisco	adaptive_security_appliance_software	9.8.4.32
cisco	adaptive_security_appliance_software	9.8.4.33
cisco	adaptive_security_appliance_software	9.8.4.34
cisco	adaptive_security_appliance_software	9.8.4.35
cisco	adaptive_security_appliance_software	9.8.4.39
cisco	adaptive_security_appliance_software	9.8.4.40
cisco	adaptive_security_appliance_software	9.8.4.41
cisco	adaptive_security_appliance_software	9.8.4.43
cisco	adaptive_security_appliance_software	9.8.4.44
cisco	adaptive_security_appliance_software	9.8.4.45
cisco	adaptive_security_appliance_software	9.8.4.46
cisco	adaptive_security_appliance_software	9.8.4.48
cisco	adaptive_security_appliance_software	9.12.1
cisco	adaptive_security_appliance_software	9.12.1.2
cisco	adaptive_security_appliance_software	9.12.1.3
cisco	adaptive_security_appliance_software	9.12.2
cisco	adaptive_security_appliance_software	9.12.2.1
cisco	adaptive_security_appliance_software	9.12.2.4
cisco	adaptive_security_appliance_software	9.12.2.5
cisco	adaptive_security_appliance_software	9.12.2.9
cisco	adaptive_security_appliance_software	9.12.3
cisco	adaptive_security_appliance_software	9.12.3.2
cisco	adaptive_security_appliance_software	9.12.3.7
cisco	adaptive_security_appliance_software	9.12.3.9
cisco	adaptive_security_appliance_software	9.12.3.12
cisco	adaptive_security_appliance_software	9.12.4
cisco	adaptive_security_appliance_software	9.12.4.2
cisco	adaptive_security_appliance_software	9.12.4.4
cisco	adaptive_security_appliance_software	9.12.4.7
cisco	adaptive_security_appliance_software	9.12.4.8
cisco	adaptive_security_appliance_software	9.12.4.10
cisco	adaptive_security_appliance_software	9.12.4.13
cisco	adaptive_security_appliance_software	9.12.4.18
cisco	adaptive_security_appliance_software	9.12.4.24
cisco	adaptive_security_appliance_software	9.12.4.26
cisco	adaptive_security_appliance_software	9.12.4.29
cisco	adaptive_security_appliance_software	9.12.4.30
cisco	adaptive_security_appliance_software	9.12.4.35
cisco	adaptive_security_appliance_software	9.12.4.37
cisco	adaptive_security_appliance_software	9.12.4.38
cisco	adaptive_security_appliance_software	9.12.4.39
cisco	adaptive_security_appliance_software	9.12.4.40
cisco	adaptive_security_appliance_software	9.12.4.41
cisco	adaptive_security_appliance_software	9.12.4.47
cisco	adaptive_security_appliance_software	9.12.4.48
cisco	adaptive_security_appliance_software	9.12.4.50
cisco	adaptive_security_appliance_software	9.12.4.52
cisco	adaptive_security_appliance_software	9.12.4.54
cisco	adaptive_security_appliance_software	9.12.4.55
cisco	adaptive_security_appliance_software	9.12.4.56
cisco	adaptive_security_appliance_software	9.12.4.58
cisco	adaptive_security_appliance_software	9.14.1
cisco	adaptive_security_appliance_software	9.14.1.6
cisco	adaptive_security_appliance_software	9.14.1.10
cisco	adaptive_security_appliance_software	9.14.1.15
cisco	adaptive_security_appliance_software	9.14.1.19
cisco	adaptive_security_appliance_software	9.14.1.30
cisco	adaptive_security_appliance_software	9.14.2
cisco	adaptive_security_appliance_software	9.14.2.4
cisco	adaptive_security_appliance_software	9.14.2.8
cisco	adaptive_security_appliance_software	9.14.2.13
cisco	adaptive_security_appliance_software	9.14.2.15
cisco	adaptive_security_appliance_software	9.14.3
cisco	adaptive_security_appliance_software	9.14.3.1
cisco	adaptive_security_appliance_software	9.14.3.9
cisco	adaptive_security_appliance_software	9.14.3.11
cisco	adaptive_security_appliance_software	9.14.3.13
cisco	adaptive_security_appliance_software	9.14.3.15
cisco	adaptive_security_appliance_software	9.14.3.18
cisco	adaptive_security_appliance_software	9.14.4
cisco	adaptive_security_appliance_software	9.14.4.6
cisco	adaptive_security_appliance_software	9.14.4.7
cisco	adaptive_security_appliance_software	9.14.4.12
cisco	adaptive_security_appliance_software	9.14.4.13
cisco	adaptive_security_appliance_software	9.14.4.14
cisco	adaptive_security_appliance_software	9.14.4.15
cisco	adaptive_security_appliance_software	9.14.4.17
cisco	adaptive_security_appliance_software	9.14.4.22
cisco	adaptive_security_appliance_software	9.14.4.23
cisco	adaptive_security_appliance_software	9.15.1
cisco	adaptive_security_appliance_software	9.15.1.1
cisco	adaptive_security_appliance_software	9.15.1.7
cisco	adaptive_security_appliance_software	9.15.1.10
cisco	adaptive_security_appliance_software	9.15.1.15
cisco	adaptive_security_appliance_software	9.15.1.16
cisco	adaptive_security_appliance_software	9.15.1.17
cisco	adaptive_security_appliance_software	9.15.1.21
cisco	adaptive_security_appliance_software	9.16.1
cisco	adaptive_security_appliance_software	9.16.1.28
cisco	adaptive_security_appliance_software	9.16.2
cisco	adaptive_security_appliance_software	9.16.2.3
cisco	adaptive_security_appliance_software	9.16.2.7
cisco	adaptive_security_appliance_software	9.16.2.11
cisco	adaptive_security_appliance_software	9.16.2.13
cisco	adaptive_security_appliance_software	9.16.2.14
cisco	adaptive_security_appliance_software	9.16.3
cisco	adaptive_security_appliance_software	9.16.3.3
cisco	adaptive_security_appliance_software	9.16.3.14
cisco	adaptive_security_appliance_software	9.16.3.15
cisco	adaptive_security_appliance_software	9.16.3.19
cisco	adaptive_security_appliance_software	9.16.3.23
cisco	adaptive_security_appliance_software	9.16.4
cisco	adaptive_security_appliance_software	9.16.4.9
cisco	adaptive_security_appliance_software	9.16.4.14
cisco	adaptive_security_appliance_software	9.16.4.18
cisco	adaptive_security_appliance_software	9.16.4.19
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.7
cisco	adaptive_security_appliance_software	9.17.1.9
cisco	adaptive_security_appliance_software	9.17.1.10
cisco	adaptive_security_appliance_software	9.17.1.11
cisco	adaptive_security_appliance_software	9.17.1.13
cisco	adaptive_security_appliance_software	9.17.1.15
cisco	adaptive_security_appliance_software	9.17.1.20
cisco	adaptive_security_appliance_software	9.17.1.30
cisco	adaptive_security_appliance_software	9.18.1
cisco	adaptive_security_appliance_software	9.18.1.3
cisco	adaptive_security_appliance_software	9.18.2
cisco	adaptive_security_appliance_software	9.18.2.5
cisco	adaptive_security_appliance_software	9.18.2.7
cisco	adaptive_security_appliance_software	9.18.2.8
cisco	adaptive_security_appliance_software	9.18.3
cisco	adaptive_security_appliance_software	9.18.3.39
cisco	adaptive_security_appliance_software	9.18.3.46
cisco	adaptive_security_appliance_software	9.19.1
cisco	adaptive_security_appliance_software	9.19.1.5
cisco	adaptive_security_appliance_software	9.19.1.9
cisco	adaptive_security_appliance_software	9.19.1.12
cisco	firepower_threat_defense	6.2.3
cisco	firepower_threat_defense	6.2.3.1
cisco	firepower_threat_defense	6.2.3.2
cisco	firepower_threat_defense	6.2.3.3
cisco	firepower_threat_defense	6.2.3.4
cisco	firepower_threat_defense	6.2.3.5
cisco	firepower_threat_defense	6.2.3.6
cisco	firepower_threat_defense	6.2.3.7
cisco	firepower_threat_defense	6.2.3.8
cisco	firepower_threat_defense	6.2.3.9
cisco	firepower_threat_defense	6.2.3.10
cisco	firepower_threat_defense	6.2.3.11
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.4.0.5
cisco	firepower_threat_defense	6.4.0.6
cisco	firepower_threat_defense	6.4.0.7
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.4.0.13
cisco	firepower_threat_defense	6.4.0.14
cisco	firepower_threat_defense	6.4.0.15
cisco	firepower_threat_defense	6.4.0.16
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.6.7
cisco	firepower_threat_defense	6.6.7.1
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.2.4
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D482F818-0A8E-49D7-8E3E-0958019FA629",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E7BFB57-BC02-4930-A02F-83583E6A0FC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "026F1960-C879-4611-A60A-96311B63CCA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAF8B33E-0C95-467D-A865-0A234E69D0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF144F5-D933-4DE4-818C-001BD9E3958A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "00112ED3-FE7B-425B-9A28-1E5F2BC8BB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD491D5-FAAB-493F-91A6-D2F3B5F5970E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "1519F49D-588F-4B70-B38F-EF4F3E13FEAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "15354443-5EB7-4712-B2DE-61DB33830759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "248D6B44-E134-4DEC-A947-636824E3FDFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "0820A79C-F3EF-407F-9AC7-DCAB4CD39C89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3E8805-85D2-4345-8076-039513209A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "14BB907B-D75A-4F5E-B20D-5457A71A70EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "F118B803-4C55-436A-A136-0C1FEA49858F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A272121-408E-45F6-A2A1-0BA6EBC060A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "980CEA3B-5A81-4E8C-BEA3-DD31BE7DA2CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3910211-D4DB-4CA7-BBEA-DD8246FF10ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C260BF30-7A33-4C70-9509-404856C93666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF894850-39EC-4B57-BBFF-F1AB4F8389A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FAFCF9-0ABE-483E-9604-329762BB7870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DB4278-3126-4765-97C4-6C0A8C78DA78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "174E631B-6099-47DE-8790-BBF4B7FDB8CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE3538B-F612-4105-BFDE-A4B594482DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "3143B0FF-C855-485E-A908-E48974B1643C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "454DEA31-A607-4054-82D3-24A4FEB7358F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F0B213-8187-4465-84F1-FB8D92B36020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E540771E-BA0B-42D1-8251-B576B0F142C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC2A833-BECF-4000-A592-6113A84C2D20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F1416-924A-4D25-9CEE-3BD66A96A019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDC8D92-D6E0-40EE-B190-D2B32C7DEB75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "23CD5619-E534-4F40-998D-39DC19FA0451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D0EB11-14B1-44B3-8D46-B9DD872F772C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA399CF-12DB-42E0-A66F-14508B52A453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5A7608-E737-420E-9B5E-836600DAC701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7EB6801-336D-4F41-ADE7-1C58C63C3F6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8413DA41-02A5-4269-8C88-9DD5076AF91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA00285F-6914-4749-8A47-FC4EDAFFF3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA4D367-32B9-4F54-8352-A959F61A1FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "2259FF9E-0C8B-440F-B1AC-51BDE3F60E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C522B55-904D-4C08-B73E-1457D877C0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "4483056A-FBF3-4E00-81EB-1E97334EF240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "48677330-06AB-4C7F-B2AD-F7E465A9632A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AEA80D2-5DB8-4334-9A88-7DDE395832C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1C38A5-1028-4AD3-8CC7-A00091091E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "848147B2-C49A-43F6-9069-FC8885BDFDA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6FEF0DA-741E-4361-8143-068EB47D6520",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F002FD55-F881-450E-BC1B-8073E188F47E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA940C4F-13BB-465F-BB8D-CBD0109BF012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B0434F5-9A50-4B57-9C5B-E09415D098C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE727035-06CB-4E37-A9D2-96BD54502120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE52B81-2CF8-48E5-A7BA-A163A25A669B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E8D7C9-5272-40E6-869B-B33959F9F0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE8D5D71-5C85-4644-8A84-F073549ADB50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0790DDC2-7BA0-42DC-A157-754C0CBBE178",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "882394EA-70C8-4D86-9AEF-5D273D8E518C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "855AD3CC-F404-48C5-80D2-7F2765D16D72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "26B6BF72-9124-4213-B3C0-BD31B46E8C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8FBE89-8FDA-4B9B-BA1A-90FFD482A585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "149C3872-8DA9-48DD-ADD0-2E84C1A76A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D33E8C-294A-4C43-8DB6-9DA9F61F0B3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E23ACB0-DF8B-4672-A819-4DCD3104CE4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4723B88-62BA-40E6-AA89-BAC02D6A036F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C698819-3C8E-4A16-8F52-42FF1E54C076",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D3CE74E-59E7-448A-8417-18F97C05C798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0986C171-0E75-4F6F-A9BD-276830104E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A2777A-7831-4324-AEB2-5D93B5F6C04B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "37045680-9189-4B7F-A4F7-4E682FE20A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6C9F37B-CF3C-4861-A969-C7CF4946274A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1DAF21-3FED-4691-9D4C-8FD8CEA7FB3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB938E58-4963-4A31-8836-88E958592B30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E317897-EE97-44F3-96BB-E54228D72A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EF7FAB2-158D-4C48-9246-E7AD3BF1D801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "056D43AE-ECDB-40D2-A196-18DDCD02629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E555F3-3580-4D71-8D8D-92FE72763D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "93013503-8B9A-4160-AF7E-277958FA6E9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3B009FD-0F2B-4511-8EDF-C3E670623F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "52579D8D-E855-42B3-B406-32DD1C39F721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7E44FC6-12A2-4F76-A095-28F3804B619F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "42917E5E-E362-4B40-B2B2-3C77BA35641C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF317FA3-EBF3-49BB-A9E6-0D4295FA3F60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "F98B1683-914F-43D3-AE1C-311D3A90BE8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8D24656-CAB1-4A98-A440-482927FEDD16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504557C-DA5D-4D0F-A813-4CE7D5109F15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D2A067-C717-4921-BBF5-3EFBE02736EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "36DDEC5B-4BEA-499C-9F34-BB3D39B7A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE0D50C0-DADB-4747-8649-8A5257111FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE2699F-353F-44CB-A778-981783DDC31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8E50BD-1FBD-483B-9C27-70E95C732E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F46E5E4F-787C-4C05-B1E7-C39BB9125D16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A29312-38E7-456B-94DD-4D7329691114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "27F7BB31-C733-4C32-BF0F-33B5AF020156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC313568-33A6-435B-98FF-8A7091D9C451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85710A-28CE-4913-8523-356461908FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6069950-016B-419A-B754-D58956CB6D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A2F3FEC-624F-47C5-B056-836861BB038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4875811-F209-49ED-B310-8377B2F87FF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C52C7B-B626-4A3C-A2EC-28A20E7FA95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "853A002C-839A-4372-8485-750A86E9F6E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62BB5D6-CE75-4C83-82DC-4148EF8CB1F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "D32F1365-EAF8-4570-B2FF-45E47E8586F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD07F9B-6BB3-4423-8DBE-4E89A6478E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FE4F28-B704-4325-AE8A-C790163FEE71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E832BC0C-8439-4779-9064-C2D93F231031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA99DF94-D031-4375-9A16-306606FE28F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC149D03-5609-46E6-A1B3-F4D91F282B49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F944F8F-0255-42BE-BD44-D21EC9F0FFC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9CEAEFC-7B82-41F9-A09D-C86A3A60A4FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "40FAC31D-19C0-4BA0-A019-C7E7A0BA0B5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CAAFE0F-416F-4BCA-BA37-30EAEADA8AFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "289F9874-FC01-4809-9BDA-1AF583FB60B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EDFC67-E4EE-4D2C-BF9F-5881C987C662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "826869BE-4874-4BBA-9392-14851560BA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF52D477-3045-45D1-9FD3-12F396266463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "88E310BF-F1F6-4124-A875-81967B9B531E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B330F8F-F0DA-472C-A932-AD1D232C7DB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF59DAA-268C-4FCF-A0AA-7967128AEBC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "140ED95D-173C-4ADB-A2E6-97F0D595D1AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEE52F59-AABA-4069-A909-64AD5DFD2B18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "20D7966E-B02B-48C8-BF96-723DD6C25314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA618249-E76F-4104-9326-C9F2DC8DE3D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C925E1F-6BD9-4CD1-8AC4-4263A9094786",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2EFA476-5021-4A00-859E-1643009D6156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E3A5DC-A237-46E4-A4E5-F135482F984A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91AD8BA2-EB8D-4D8B-B707-AF5C2A831998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6826018-5620-4924-BE92-6A245378F610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to bypass a configured multiple certificate authentication policy and connect using only a valid username and password. This vulnerability is due to improper error handling during remote access VPN authentication. An attacker could exploit this vulnerability by sending crafted requests during remote access VPN session establishment. A successful exploit could allow the attacker to bypass the configured multiple certificate authentication policy while retaining the privileges and permissions associated with the original connection profile."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n VPN SSL de acceso remoto del software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto autenticado omita una pol\u00edtica de autenticaci\u00f3n de m\u00faltiples certificados configurada y conectarse usando solo un nombre de usuario v\u00e1lido y contrase\u00f1a. Esta vulnerabilidad se debe a un manejo inadecuado de errores durante la autenticaci\u00f3n de VPN de acceso remoto. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes manipuladas durante el establecimiento de una sesi\u00f3n VPN de acceso remoto. Un exploit exitoso podr\u00eda permitir al atacante omitir la pol\u00edtica de autenticaci\u00f3n de m\u00faltiples certificados configurada y al mismo tiempo conservar los privilegios y permisos asociados con el perfil de conexi\u00f3n original."
    }
  ],
  "id": "CVE-2023-20247",
  "lastModified": "2024-11-21T07:40:59.200",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-11-01T18:15:09.643",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-multi-cert-dzA3h5PT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-multi-cert-dzA3h5PT"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-288"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-08-10 17:15

Modified

2024-11-21 06:43

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This vulnerability is due to improper validation of input that is passed to the VPN web client services component before being returned to the browser that is in use. An attacker could exploit this vulnerability by persuading a user to visit a website that is designed to pass malicious requests to a device that is running Cisco ASA Software or Cisco FTD Software and has web services endpoints supporting VPN features enabled. A successful exploit could allow the attacker to reflect malicious input from the affected device to the browser that is in use and conduct browser-based attacks, including cross-site scripting attacks. The attacker could not directly impact the affected device.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-LOeKsNmO	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-LOeKsNmO	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	6.2.3
cisco	firepower_threat_defense	6.2.3.1
cisco	firepower_threat_defense	6.2.3.2
cisco	firepower_threat_defense	6.2.3.3
cisco	firepower_threat_defense	6.2.3.4
cisco	firepower_threat_defense	6.2.3.5
cisco	firepower_threat_defense	6.2.3.6
cisco	firepower_threat_defense	6.2.3.7
cisco	firepower_threat_defense	6.2.3.8
cisco	firepower_threat_defense	6.2.3.9
cisco	firepower_threat_defense	6.2.3.10
cisco	firepower_threat_defense	6.2.3.11
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.4.0.1
cisco	firepower_threat_defense	6.4.0.2
cisco	firepower_threat_defense	6.4.0.3
cisco	firepower_threat_defense	6.4.0.4
cisco	firepower_threat_defense	6.4.0.5
cisco	firepower_threat_defense	6.4.0.6
cisco	firepower_threat_defense	6.4.0.7
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.4.0.13
cisco	firepower_threat_defense	6.4.0.14
cisco	firepower_threat_defense	6.4.0.15
cisco	firepower_threat_defense	6.4.0.16
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.6.7
cisco	firepower_threat_defense	6.6.7.1
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1
cisco	adaptive_security_appliance_software	9.8.1
cisco	adaptive_security_appliance_software	9.8.1.5
cisco	adaptive_security_appliance_software	9.8.1.7
cisco	adaptive_security_appliance_software	9.8.2
cisco	adaptive_security_appliance_software	9.8.2.8
cisco	adaptive_security_appliance_software	9.8.2.14
cisco	adaptive_security_appliance_software	9.8.2.15
cisco	adaptive_security_appliance_software	9.8.2.17
cisco	adaptive_security_appliance_software	9.8.2.20
cisco	adaptive_security_appliance_software	9.8.2.24
cisco	adaptive_security_appliance_software	9.8.2.26
cisco	adaptive_security_appliance_software	9.8.2.28
cisco	adaptive_security_appliance_software	9.8.2.33
cisco	adaptive_security_appliance_software	9.8.2.35
cisco	adaptive_security_appliance_software	9.8.2.38
cisco	adaptive_security_appliance_software	9.8.3
cisco	adaptive_security_appliance_software	9.8.3.8
cisco	adaptive_security_appliance_software	9.8.3.11
cisco	adaptive_security_appliance_software	9.8.3.14
cisco	adaptive_security_appliance_software	9.8.3.16
cisco	adaptive_security_appliance_software	9.8.3.18
cisco	adaptive_security_appliance_software	9.8.3.21
cisco	adaptive_security_appliance_software	9.8.3.26
cisco	adaptive_security_appliance_software	9.8.3.29
cisco	adaptive_security_appliance_software	9.8.4
cisco	adaptive_security_appliance_software	9.8.4.3
cisco	adaptive_security_appliance_software	9.8.4.7
cisco	adaptive_security_appliance_software	9.8.4.8
cisco	adaptive_security_appliance_software	9.8.4.10
cisco	adaptive_security_appliance_software	9.8.4.12
cisco	adaptive_security_appliance_software	9.8.4.15
cisco	adaptive_security_appliance_software	9.8.4.17
cisco	adaptive_security_appliance_software	9.8.4.20
cisco	adaptive_security_appliance_software	9.8.4.22
cisco	adaptive_security_appliance_software	9.8.4.25
cisco	adaptive_security_appliance_software	9.8.4.26
cisco	adaptive_security_appliance_software	9.8.4.29
cisco	adaptive_security_appliance_software	9.8.4.32
cisco	adaptive_security_appliance_software	9.8.4.33
cisco	adaptive_security_appliance_software	9.8.4.34
cisco	adaptive_security_appliance_software	9.8.4.35
cisco	adaptive_security_appliance_software	9.8.4.39
cisco	adaptive_security_appliance_software	9.8.4.40
cisco	adaptive_security_appliance_software	9.8.4.41
cisco	adaptive_security_appliance_software	9.8.4.43
cisco	adaptive_security_appliance_software	9.8.4.44
cisco	adaptive_security_appliance_software	9.8.4.45
cisco	adaptive_security_appliance_software	9.8.4.46
cisco	adaptive_security_appliance_software	9.12.1
cisco	adaptive_security_appliance_software	9.12.1.2
cisco	adaptive_security_appliance_software	9.12.1.3
cisco	adaptive_security_appliance_software	9.12.2
cisco	adaptive_security_appliance_software	9.12.2.1
cisco	adaptive_security_appliance_software	9.12.2.4
cisco	adaptive_security_appliance_software	9.12.2.5
cisco	adaptive_security_appliance_software	9.12.2.9
cisco	adaptive_security_appliance_software	9.12.3
cisco	adaptive_security_appliance_software	9.12.3.2
cisco	adaptive_security_appliance_software	9.12.3.7
cisco	adaptive_security_appliance_software	9.12.3.9
cisco	adaptive_security_appliance_software	9.12.3.12
cisco	adaptive_security_appliance_software	9.12.4
cisco	adaptive_security_appliance_software	9.12.4.2
cisco	adaptive_security_appliance_software	9.12.4.4
cisco	adaptive_security_appliance_software	9.12.4.7
cisco	adaptive_security_appliance_software	9.12.4.8
cisco	adaptive_security_appliance_software	9.12.4.10
cisco	adaptive_security_appliance_software	9.12.4.13
cisco	adaptive_security_appliance_software	9.12.4.18
cisco	adaptive_security_appliance_software	9.12.4.24
cisco	adaptive_security_appliance_software	9.12.4.26
cisco	adaptive_security_appliance_software	9.12.4.29
cisco	adaptive_security_appliance_software	9.12.4.30
cisco	adaptive_security_appliance_software	9.12.4.35
cisco	adaptive_security_appliance_software	9.12.4.37
cisco	adaptive_security_appliance_software	9.12.4.38
cisco	adaptive_security_appliance_software	9.12.4.39
cisco	adaptive_security_appliance_software	9.12.4.40
cisco	adaptive_security_appliance_software	9.12.4.41
cisco	adaptive_security_appliance_software	9.12.4.47
cisco	adaptive_security_appliance_software	9.12.4.48
cisco	adaptive_security_appliance_software	9.12.4.50
cisco	adaptive_security_appliance_software	9.12.4.52
cisco	adaptive_security_appliance_software	9.12.4.54
cisco	adaptive_security_appliance_software	9.12.4.55
cisco	adaptive_security_appliance_software	9.14.1
cisco	adaptive_security_appliance_software	9.14.1.6
cisco	adaptive_security_appliance_software	9.14.1.10
cisco	adaptive_security_appliance_software	9.14.1.15
cisco	adaptive_security_appliance_software	9.14.1.19
cisco	adaptive_security_appliance_software	9.14.1.30
cisco	adaptive_security_appliance_software	9.14.2
cisco	adaptive_security_appliance_software	9.14.2.4
cisco	adaptive_security_appliance_software	9.14.2.8
cisco	adaptive_security_appliance_software	9.14.2.13
cisco	adaptive_security_appliance_software	9.14.2.15
cisco	adaptive_security_appliance_software	9.14.3
cisco	adaptive_security_appliance_software	9.14.3.1
cisco	adaptive_security_appliance_software	9.14.3.9
cisco	adaptive_security_appliance_software	9.14.3.11
cisco	adaptive_security_appliance_software	9.14.3.13
cisco	adaptive_security_appliance_software	9.14.3.15
cisco	adaptive_security_appliance_software	9.14.3.18
cisco	adaptive_security_appliance_software	9.14.4
cisco	adaptive_security_appliance_software	9.14.4.6
cisco	adaptive_security_appliance_software	9.14.4.7
cisco	adaptive_security_appliance_software	9.14.4.12
cisco	adaptive_security_appliance_software	9.14.4.13
cisco	adaptive_security_appliance_software	9.14.4.14
cisco	adaptive_security_appliance_software	9.14.4.15
cisco	adaptive_security_appliance_software	9.14.4.17
cisco	adaptive_security_appliance_software	9.15.1
cisco	adaptive_security_appliance_software	9.15.1.1
cisco	adaptive_security_appliance_software	9.15.1.7
cisco	adaptive_security_appliance_software	9.15.1.10
cisco	adaptive_security_appliance_software	9.15.1.15
cisco	adaptive_security_appliance_software	9.15.1.16
cisco	adaptive_security_appliance_software	9.15.1.17
cisco	adaptive_security_appliance_software	9.15.1.21
cisco	adaptive_security_appliance_software	9.16.1
cisco	adaptive_security_appliance_software	9.16.1.28
cisco	adaptive_security_appliance_software	9.16.2
cisco	adaptive_security_appliance_software	9.16.2.3
cisco	adaptive_security_appliance_software	9.16.2.7
cisco	adaptive_security_appliance_software	9.16.2.11
cisco	adaptive_security_appliance_software	9.16.2.13
cisco	adaptive_security_appliance_software	9.16.2.14
cisco	adaptive_security_appliance_software	9.16.3
cisco	adaptive_security_appliance_software	9.16.3.3
cisco	adaptive_security_appliance_software	9.16.3.14
cisco	adaptive_security_appliance_software	9.16.3.15
cisco	adaptive_security_appliance_software	9.16.3.19
cisco	adaptive_security_appliance_software	9.16.3.23
cisco	adaptive_security_appliance_software	9.16.4
cisco	adaptive_security_appliance_software	9.16.4.9
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.7
cisco	adaptive_security_appliance_software	9.17.1.9
cisco	adaptive_security_appliance_software	9.17.1.10
cisco	adaptive_security_appliance_software	9.17.1.11
cisco	adaptive_security_appliance_software	9.17.1.13
cisco	adaptive_security_appliance_software	9.17.1.15
cisco	adaptive_security_appliance_software	9.17.1.20
cisco	adaptive_security_appliance_software	9.18.1
cisco	adaptive_security_appliance_software	9.18.1.3
cisco	adaptive_security_appliance_software	9.18.2
cisco	adaptive_security_appliance_software	9.18.2.5
cisco	adaptive_security_appliance_software	9.18.2.7
cisco	adaptive_security_appliance_software	9.18.2.8
cisco	adaptive_security_appliance_software	9.19.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2EFA476-5021-4A00-859E-1643009D6156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E3A5DC-A237-46E4-A4E5-F135482F984A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91AD8BA2-EB8D-4D8B-B707-AF5C2A831998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D482F818-0A8E-49D7-8E3E-0958019FA629",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E7BFB57-BC02-4930-A02F-83583E6A0FC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "026F1960-C879-4611-A60A-96311B63CCA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAF8B33E-0C95-467D-A865-0A234E69D0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF144F5-D933-4DE4-818C-001BD9E3958A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "00112ED3-FE7B-425B-9A28-1E5F2BC8BB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD491D5-FAAB-493F-91A6-D2F3B5F5970E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "1519F49D-588F-4B70-B38F-EF4F3E13FEAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "15354443-5EB7-4712-B2DE-61DB33830759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "248D6B44-E134-4DEC-A947-636824E3FDFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "0820A79C-F3EF-407F-9AC7-DCAB4CD39C89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3E8805-85D2-4345-8076-039513209A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "14BB907B-D75A-4F5E-B20D-5457A71A70EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "F118B803-4C55-436A-A136-0C1FEA49858F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A272121-408E-45F6-A2A1-0BA6EBC060A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "980CEA3B-5A81-4E8C-BEA3-DD31BE7DA2CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3910211-D4DB-4CA7-BBEA-DD8246FF10ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C260BF30-7A33-4C70-9509-404856C93666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF894850-39EC-4B57-BBFF-F1AB4F8389A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FAFCF9-0ABE-483E-9604-329762BB7870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DB4278-3126-4765-97C4-6C0A8C78DA78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "174E631B-6099-47DE-8790-BBF4B7FDB8CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE3538B-F612-4105-BFDE-A4B594482DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "3143B0FF-C855-485E-A908-E48974B1643C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD9992-6D98-4E03-9599-ECF38A186FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DCEAE6-355B-40AE-A7C8-AF744FCA8A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2097E81E-B422-4B93-AF09-F300A0E8AF71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "454DEA31-A607-4054-82D3-24A4FEB7358F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F0B213-8187-4465-84F1-FB8D92B36020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E540771E-BA0B-42D1-8251-B576B0F142C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC2A833-BECF-4000-A592-6113A84C2D20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F1416-924A-4D25-9CEE-3BD66A96A019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDC8D92-D6E0-40EE-B190-D2B32C7DEB75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "23CD5619-E534-4F40-998D-39DC19FA0451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D0EB11-14B1-44B3-8D46-B9DD872F772C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA399CF-12DB-42E0-A66F-14508B52A453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5A7608-E737-420E-9B5E-836600DAC701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7EB6801-336D-4F41-ADE7-1C58C63C3F6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8413DA41-02A5-4269-8C88-9DD5076AF91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA00285F-6914-4749-8A47-FC4EDAFFF3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA4D367-32B9-4F54-8352-A959F61A1FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "2259FF9E-0C8B-440F-B1AC-51BDE3F60E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C522B55-904D-4C08-B73E-1457D877C0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "4483056A-FBF3-4E00-81EB-1E97334EF240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "48677330-06AB-4C7F-B2AD-F7E465A9632A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AEA80D2-5DB8-4334-9A88-7DDE395832C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1C38A5-1028-4AD3-8CC7-A00091091E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "848147B2-C49A-43F6-9069-FC8885BDFDA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F002FD55-F881-450E-BC1B-8073E188F47E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA940C4F-13BB-465F-BB8D-CBD0109BF012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B0434F5-9A50-4B57-9C5B-E09415D098C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE727035-06CB-4E37-A9D2-96BD54502120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE52B81-2CF8-48E5-A7BA-A163A25A669B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E8D7C9-5272-40E6-869B-B33959F9F0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE8D5D71-5C85-4644-8A84-F073549ADB50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0790DDC2-7BA0-42DC-A157-754C0CBBE178",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "882394EA-70C8-4D86-9AEF-5D273D8E518C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "855AD3CC-F404-48C5-80D2-7F2765D16D72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "26B6BF72-9124-4213-B3C0-BD31B46E8C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8FBE89-8FDA-4B9B-BA1A-90FFD482A585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "149C3872-8DA9-48DD-ADD0-2E84C1A76A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D33E8C-294A-4C43-8DB6-9DA9F61F0B3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E23ACB0-DF8B-4672-A819-4DCD3104CE4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4723B88-62BA-40E6-AA89-BAC02D6A036F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C698819-3C8E-4A16-8F52-42FF1E54C076",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D3CE74E-59E7-448A-8417-18F97C05C798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0986C171-0E75-4F6F-A9BD-276830104E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A2777A-7831-4324-AEB2-5D93B5F6C04B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "37045680-9189-4B7F-A4F7-4E682FE20A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6C9F37B-CF3C-4861-A969-C7CF4946274A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1DAF21-3FED-4691-9D4C-8FD8CEA7FB3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB938E58-4963-4A31-8836-88E958592B30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E317897-EE97-44F3-96BB-E54228D72A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EF7FAB2-158D-4C48-9246-E7AD3BF1D801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "056D43AE-ECDB-40D2-A196-18DDCD02629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E555F3-3580-4D71-8D8D-92FE72763D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "93013503-8B9A-4160-AF7E-277958FA6E9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3B009FD-0F2B-4511-8EDF-C3E670623F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "52579D8D-E855-42B3-B406-32DD1C39F721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7E44FC6-12A2-4F76-A095-28F3804B619F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "42917E5E-E362-4B40-B2B2-3C77BA35641C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF317FA3-EBF3-49BB-A9E6-0D4295FA3F60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "F98B1683-914F-43D3-AE1C-311D3A90BE8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8D24656-CAB1-4A98-A440-482927FEDD16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504557C-DA5D-4D0F-A813-4CE7D5109F15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE0D50C0-DADB-4747-8649-8A5257111FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE2699F-353F-44CB-A778-981783DDC31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8E50BD-1FBD-483B-9C27-70E95C732E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F46E5E4F-787C-4C05-B1E7-C39BB9125D16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A29312-38E7-456B-94DD-4D7329691114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "27F7BB31-C733-4C32-BF0F-33B5AF020156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC313568-33A6-435B-98FF-8A7091D9C451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85710A-28CE-4913-8523-356461908FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4875811-F209-49ED-B310-8377B2F87FF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C52C7B-B626-4A3C-A2EC-28A20E7FA95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "853A002C-839A-4372-8485-750A86E9F6E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62BB5D6-CE75-4C83-82DC-4148EF8CB1F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "D32F1365-EAF8-4570-B2FF-45E47E8586F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD07F9B-6BB3-4423-8DBE-4E89A6478E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FE4F28-B704-4325-AE8A-C790163FEE71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F944F8F-0255-42BE-BD44-D21EC9F0FFC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9CEAEFC-7B82-41F9-A09D-C86A3A60A4FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "40FAC31D-19C0-4BA0-A019-C7E7A0BA0B5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "289F9874-FC01-4809-9BDA-1AF583FB60B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EDFC67-E4EE-4D2C-BF9F-5881C987C662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "826869BE-4874-4BBA-9392-14851560BA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF52D477-3045-45D1-9FD3-12F396266463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "88E310BF-F1F6-4124-A875-81967B9B531E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEE52F59-AABA-4069-A909-64AD5DFD2B18",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This vulnerability is due to improper validation of input that is passed to the VPN web client services component before being returned to the browser that is in use. An attacker could exploit this vulnerability by persuading a user to visit a website that is designed to pass malicious requests to a device that is running Cisco ASA Software or Cisco FTD Software and has web services endpoints supporting VPN features enabled. A successful exploit could allow the attacker to reflect malicious input from the affected device to the browser that is in use and conduct browser-based attacks, including cross-site scripting attacks. The attacker could not directly impact the affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el componente Clientless SSL VPN (WebVPN) del software Cisco Adaptive Security Appliance (ASA) podr\u00eda permitir a un atacante remoto no autenticado conducir ataques basados en el navegador. Esta vulnerabilidad es debido a que no son comprobadas apropiadamente las entradas que son pasadas al componente Clientless SSL VPN. Un atacante podr\u00eda explotar esta vulnerabilidad al convencer a un usuario objetivo para que visite un sitio web que pueda pasar peticiones maliciosas a un dispositivo ASA que tenga habilitada la funci\u00f3n Clientless SSL VPN. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante llevar a cabo ataques basados en el navegador, incluyendo ataques de tipo cross-site scripting, contra el usuario objetivo"
    }
  ],
  "id": "CVE-2022-20713",
  "lastModified": "2024-11-21T06:43:23.407",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-08-10T17:15:08.423",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-LOeKsNmO"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-LOeKsNmO"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-444"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-04-21 19:15

Modified

2024-11-21 06:43

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. This vulnerability is due to suboptimal processing that occurs when establishing a DTLS tunnel as part of an AnyConnect SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted DTLS traffic to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected VPN headend device. This could cause existing DTLS tunnels to stop passing traffic and prevent new DTLS tunnels from establishing, resulting in a DoS condition. Note: When the attack traffic stops, the device recovers gracefully.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vpndtls-dos-TunzLEV	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vpndtls-dos-TunzLEV	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5505	-
cisco	asa_5512-x	-
cisco	asa_5515-x	-
cisco	asa_5525-x	-
cisco	asa_5545-x	-
cisco	asa_5555-x	-
cisco	asa_5580	-
cisco	asa_5585-x	-
cisco	asa_for_nexus_1000v	-
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_1010	-
cisco	firepower_1120	-
cisco	firepower_1140	-
cisco	firepower_1150	-
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-
cisco	firepower_4110	-
cisco	firepower_4112	-
cisco	firepower_4115	-
cisco	firepower_4120	-
cisco	firepower_4125	-
cisco	firepower_4140	-
cisco	firepower_4145	-
cisco	firepower_4150	-
cisco	firepower_9300	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "05FF8791-FAEC-4E4C-8CF2-8AF41E461E82",
              "versionEndIncluding": "9.16.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86E0342A-7459-4A0E-B046-AB2F1F04D5FA",
              "versionEndIncluding": "9.17.1.9",
              "versionStartIncluding": "9.17.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_for_nexus_1000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A198A68E-78A8-477F-B6D4-79AAB2C7BE22",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8D80E3B-DD36-45E8-9F7F-38111B7FF5E2",
              "versionEndIncluding": "7.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "23670904-7E82-4434-A011-2462A56AB56E",
              "versionEndIncluding": "7.1.0.1",
              "versionStartIncluding": "7.1.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FFE3880-4B85-4E23-9836-70875D5109F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "727A02E8-40A1-4DFE-A3A2-91D628D3044F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F6546E-28F4-40DC-97D6-E0E023FE939B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "957D64EB-D60E-4775-B9A8-B21CA48ED3B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. This vulnerability is due to suboptimal processing that occurs when establishing a DTLS tunnel as part of an AnyConnect SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted DTLS traffic to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected VPN headend device. This could cause existing DTLS tunnels to stop passing traffic and prevent new DTLS tunnels from establishing, resulting in a DoS condition. Note: When the attack traffic stops, the device recovers gracefully."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n del protocolo Datagram TLS (DTLS) en el software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado causar un alto uso de la CPU, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad es debido al procesamiento sub\u00f3ptimo que es producido cuando es establecido un t\u00fanel DTLS como parte de una conexi\u00f3n VPN SSL AnyConnect. Un atacante podr\u00eda aprovechar esta vulnerabilidad mediante el env\u00edo de un flujo constante de tr\u00e1fico DTLS dise\u00f1ado a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante agotar los recursos del dispositivo de encabezado VPN afectado. Esto podr\u00eda causar que los t\u00faneles DTLS existentes dejaran de pasar tr\u00e1fico e impedir que se establecieran nuevos t\u00faneles DTLS, resultando en una condici\u00f3n de DoS. Nota: Cuando el tr\u00e1fico de ataque es detenido, el dispositivo es recuperado con elegancia"
    }
  ],
  "id": "CVE-2022-20795",
  "lastModified": "2024-11-21T06:43:34.283",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-04-21T19:15:08.740",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vpndtls-dos-TunzLEV"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vpndtls-dos-TunzLEV"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-345"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-345"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-04-29 18:15

Modified

2024-11-21 05:44

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device that is running in multi-instance mode. This vulnerability is due to insufficient validation of user-supplied command arguments. An attacker could exploit this vulnerability by submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinj-vWY5wqZT	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinj-vWY5wqZT	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_4110	-
cisco	firepower_4112	-
cisco	firepower_4115	-
cisco	firepower_4120	-
cisco	firepower_4125	-
cisco	firepower_4140	-
cisco	firepower_4145	-
cisco	firepower_4150	-
cisco	firepower_9300	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
              "versionEndExcluding": "6.4.0.10",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "754010DE-2C33-4BA1-9567-90C46309B664",
              "versionEndExcluding": "6.6.1",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "957D64EB-D60E-4775-B9A8-B21CA48ED3B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device that is running in multi-instance mode. This vulnerability is due to insufficient validation of user-supplied command arguments. An attacker could exploit this vulnerability by submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la CLI del software Cisco Firepower Threat Defense (FTD), podr\u00eda permitir a un atacante autenticado local ejecutar comandos arbitrarios con privilegios root en el sistema operativo subyacente de un dispositivo afectado que es ejecutado en modo multi-instance.\u0026#xa0;Esta vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de los argumentos de los comandos suministrados por el usuario.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una entrada dise\u00f1ada al comando afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar comandos en el sistema operativo subyacente con privilegios root"
    }
  ],
  "id": "CVE-2021-1448",
  "lastModified": "2024-11-21T05:44:23.240",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-04-29T18:15:09.007",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinj-vWY5wqZT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinj-vWY5wqZT"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-10-27 19:15

Modified

2024-11-21 06:11

Severity ?

8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Summary

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. The attacker would require valid device credentials. The vulnerability is due to insufficient input validation of the HTTPS URL by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTPS request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to read or write arbitrary files on the device.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dir-traversal-95UyW5tk	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dir-traversal-95UyW5tk	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_management_center_virtual_appliance	6.2.3
cisco	firepower_management_center_virtual_appliance	6.4.0
cisco	firepower_management_center_virtual_appliance	6.5.0
cisco	firepower_management_center_virtual_appliance	6.6.1
cisco	firepower_management_center_virtual_appliance	6.6.2
cisco	firepower_management_center_virtual_appliance	6.6.3
cisco	firepower_management_center_virtual_appliance	6.6.4
cisco	firepower_management_center_virtual_appliance	6.7.0
cisco	firepower_management_center_virtual_appliance	7.0.0
cisco	firepower_management_center_virtual_appliance	7.1.0
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	sourcefire_defense_center	6.2.3
cisco	sourcefire_defense_center	6.4.0
cisco	sourcefire_defense_center	6.5.0
cisco	sourcefire_defense_center	6.6.1
cisco	sourcefire_defense_center	6.6.2
cisco	sourcefire_defense_center	6.6.3
cisco	sourcefire_defense_center	6.6.4
cisco	sourcefire_defense_center	7.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F75D9CB4-406B-4FBF-BC7A-35C2CCEFD8B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0FC62F-65AD-4855-953A-DA5BBFC1B2E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28629BA3-B1ED-409B-9FB1-E2159D95D975",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B11AE299-AE40-42EB-9C0B-3865C932E766",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C001C143-323E-4820-B5FC-4841E85B5EB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CABDCBEE-439D-448C-B836-D216A74C4C7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F42A059-CCCC-4629-AC03-6E90E7731C48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA792E5D-7270-4C23-A8D6-22EB00CB21A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CB38685-4255-4565-98AA-234B9DEEADE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CF689E1-22FF-467F-B5A7-59833D77971E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5429F29E-BEE8-4989-B5F3-A9BABBF64D31",
              "versionEndExcluding": "6.4.0.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18589C74-19D2-44F0-AF26-68910E26655D",
              "versionEndExcluding": "6.6.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
              "versionEndExcluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B2F537A-A488-45B6-AD4B-48B7064AE84C",
              "versionEndExcluding": "7.0.1",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E4A3574-53DC-4328-A229-87795AE4F7AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EBC6544-6ADF-4F95-A969-A8D953D11B3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "04DF03B7-9C70-4BEE-8AE4-6AA134322C0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B02800C-6420-4758-89CF-66F47B4FCA19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B44F266-3C0C-4411-B0B1-B7614DB5BDEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B52CA450-676D-404C-AE02-4DDD1A1ED759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "923193EF-083C-4CB7-920E-1B2163783CCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52ED507A-5075-4444-A2D1-F5657453AD3F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. The attacker would require valid device credentials. The vulnerability is due to insufficient input validation of the HTTPS URL by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTPS request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to read or write arbitrary files on the device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en la web del software Cisco Firepower Management Center (FMC) podr\u00eda permitir a un atacante remoto autenticado llevar a cabo un ataque de salto de directorio en un dispositivo afectado. El atacante necesitar\u00eda credenciales v\u00e1lidas del dispositivo. La vulnerabilidad es debido a una insuficiente comprobaci\u00f3n de entrada de la URL HTTPS por parte de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n HTTPS dise\u00f1ada que contenga secuencias de caracteres de salto de directorio a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante leer o escribir archivos arbitrarios en el dispositivo"
    }
  ],
  "id": "CVE-2021-34762",
  "lastModified": "2024-11-21T06:11:08.593",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.2,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-27T19:15:08.060",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dir-traversal-95UyW5tk"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dir-traversal-95UyW5tk"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-26"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-02-21 20:29

Modified

2024-11-21 04:37

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

Summary

A vulnerability in the detection engine of Cisco Firepower Threat Defense Software could allow an unauthenticated, remote attacker to cause the unexpected restart of the SNORT detection engine, resulting in a denial of service (DoS) condition. The vulnerability is due to the incomplete error handling of the SSL or TLS packet header during the connection establishment. An attacker could exploit this vulnerability by sending a crafted SSL or TLS packet during the connection handshake. An exploit could allow the attacker to cause the SNORT detection engine to unexpectedly restart, resulting in a partial DoS condition while the detection engine restarts. Versions prior to 6.2.3.4 are affected.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/107099	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-fpwr-ssltls-dos	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/107099	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-fpwr-ssltls-dos	Vendor Advisory

Impacted products

	Vendor	Product	Version
	cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D74B9AA-955B-4DE4-9915-4EADCDBA3434",
              "versionEndExcluding": "6.2.3.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the detection engine of Cisco Firepower Threat Defense Software could allow an unauthenticated, remote attacker to cause the unexpected restart of the SNORT detection engine, resulting in a denial of service (DoS) condition. The vulnerability is due to the incomplete error handling of the SSL or TLS packet header during the connection establishment. An attacker could exploit this vulnerability by sending a crafted SSL or TLS packet during the connection handshake. An exploit could allow the attacker to cause the SNORT detection engine to unexpectedly restart, resulting in a partial DoS condition while the detection engine restarts. Versions prior to 6.2.3.4 are affected."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el motor de detecci\u00f3n del software Firepower Threat Defense de Cisco podr\u00eda permitir a un atacante remoto no autenticado provocar el reinicio inesperado del motor de detecci\u00f3n SNORT, conduciendo a una Denegaci\u00f3n de Servicio (DoS).  Esta vulnerabilidad se debe a la gesti\u00f3n de errores incompleta de la cabecera del paquete SSL o TLS durante el establecimiento de una conexi\u00f3n. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un paquete SSL o TLS manipulado durante el handshake de conexi\u00f3n. Si se explota con \u00e9xito, podr\u00eda permitir que el atacante consiga que el motor de detecci\u00f3n SNORT se reinicie inesperadamente, conduciendo a una condici\u00f3n DoS parcial durante el reinicio del motor de detecci\u00f3n. Las versiones anteriores a la 6.2.3.4 se ven afectadas."
    }
  ],
  "id": "CVE-2019-1691",
  "lastModified": "2024-11-21T04:37:06.627",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-02-21T20:29:00.417",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/107099"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-fpwr-ssltls-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/107099"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-fpwr-ssltls-dos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-755"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-10-02 19:15

Modified

2024-11-21 04:23

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the FTP inspection engine of Cisco Adaptive Security (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of FTP data. An attacker could exploit this vulnerability by sending malicious FTP traffic through an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-dos	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-dos	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5505	-
cisco	asa_5510	-
cisco	asa_5512-x	-
cisco	asa_5515-x	-
cisco	asa_5520	-
cisco	asa_5525-x	-
cisco	asa_5550	-
cisco	asa_5555-x	-
cisco	asa_5580	-
cisco	asa_5585-x	-
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FE0076B-25F9-4A04-93F2-1B283C27882B",
              "versionEndExcluding": "9.6.4.34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B25DFB28-C8FF-47B8-B619-CDA94ED9AFFF",
              "versionEndExcluding": "9.8.4.10",
              "versionStartIncluding": "9.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3118855-5066-4FB7-B63E-EB694D6E00FA",
              "versionEndExcluding": "9.9.2.56",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADA230E4-4D7F-4186-842A-27B3741EE468",
              "versionEndExcluding": "9.10.1.30",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7DC67CB-104C-4E29-8E4F-D1E577D36876",
              "versionEndExcluding": "9.12.2.5",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "885E5B33-1658-4B86-9B47-D89CA3FA2EF6",
              "versionEndExcluding": "6.3.0.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D8647E-1FA8-486E-B150-1EEFE52C31BB",
              "versionEndExcluding": "6.4.0.4",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the FTP inspection engine of Cisco Adaptive Security (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of FTP data. An attacker could exploit this vulnerability by sending malicious FTP traffic through an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el motor de inspecci\u00f3n FTP del Software Cisco Adaptive Security (ASA) y el Software Cisco Firepower Threat Defense (FTD), podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de los datos de FTP. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de tr\u00e1fico FTP malicioso por medio de un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar una condici\u00f3n DoS sobre el dispositivo afectado."
    }
  ],
  "id": "CVE-2019-12673",
  "lastModified": "2024-11-21T04:23:19.777",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-10-02T19:15:12.077",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-dos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-12-10 10:15

Modified

2025-08-08 18:52

Severity ?

10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Summary

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.

References

URL	Tags
security@apache.org	http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html	Third Party Advisory, VDB Entry
security@apache.org	http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html	Third Party Advisory, VDB Entry
security@apache.org	http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html	Exploit, Third Party Advisory, VDB Entry
security@apache.org	http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
security@apache.org	http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html	Third Party Advisory, VDB Entry
security@apache.org	http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html	Third Party Advisory, VDB Entry
security@apache.org	http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html	Third Party Advisory, VDB Entry
security@apache.org	http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html	Third Party Advisory, VDB Entry
security@apache.org	http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html	Third Party Advisory, VDB Entry, Broken Link
security@apache.org	http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html	Exploit, Third Party Advisory, VDB Entry
security@apache.org	http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html	Exploit, Third Party Advisory, VDB Entry
security@apache.org	http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
security@apache.org	http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
security@apache.org	http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html	Third Party Advisory, VDB Entry
security@apache.org	http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html	Exploit, Third Party Advisory, VDB Entry
security@apache.org	http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html	Third Party Advisory, VDB Entry
security@apache.org	http://seclists.org/fulldisclosure/2022/Dec/2	Exploit, Mailing List, Third Party Advisory
security@apache.org	http://seclists.org/fulldisclosure/2022/Jul/11	Mailing List, Third Party Advisory
security@apache.org	http://seclists.org/fulldisclosure/2022/Mar/23	Mailing List, Third Party Advisory
security@apache.org	http://www.openwall.com/lists/oss-security/2021/12/10/1	Mailing List, Mitigation, Third Party Advisory
security@apache.org	http://www.openwall.com/lists/oss-security/2021/12/10/2	Mailing List, Mitigation, Third Party Advisory
security@apache.org	http://www.openwall.com/lists/oss-security/2021/12/10/3	Mailing List, Third Party Advisory
security@apache.org	http://www.openwall.com/lists/oss-security/2021/12/13/1	Mailing List, Third Party Advisory
security@apache.org	http://www.openwall.com/lists/oss-security/2021/12/13/2	Mailing List, Third Party Advisory
security@apache.org	http://www.openwall.com/lists/oss-security/2021/12/14/4	Mailing List, Third Party Advisory
security@apache.org	http://www.openwall.com/lists/oss-security/2021/12/15/3	Mailing List, Third Party Advisory
security@apache.org	https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf	Third Party Advisory
security@apache.org	https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf	Third Party Advisory
security@apache.org	https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf	Third Party Advisory
security@apache.org	https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf	Third Party Advisory
security@apache.org	https://github.com/cisagov/log4j-affected-db	Third Party Advisory
security@apache.org	https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md	Broken Link, Product, US Government Resource
security@apache.org	https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228	Exploit, Third Party Advisory
security@apache.org	https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html	Mailing List, Third Party Advisory
security@apache.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/	Release Notes
security@apache.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/	Release Notes
security@apache.org	https://logging.apache.org/log4j/2.x/security.html	Release Notes, Vendor Advisory
security@apache.org	https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/	Patch, Third Party Advisory, Vendor Advisory
security@apache.org	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032	Third Party Advisory
security@apache.org	https://security.netapp.com/advisory/ntap-20211210-0007/	Third Party Advisory
security@apache.org	https://support.apple.com/kb/HT213189	Third Party Advisory
security@apache.org	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd	Third Party Advisory
security@apache.org	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd	Third Party Advisory
security@apache.org	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd	Third Party Advisory
security@apache.org	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd	Third Party Advisory
security@apache.org	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd	Third Party Advisory
security@apache.org	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd	Third Party Advisory
security@apache.org	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd	Third Party Advisory
security@apache.org	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd	Third Party Advisory
security@apache.org	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd	Third Party Advisory
security@apache.org	https://twitter.com/kurtseifried/status/1469345530182455296	Broken Link, Exploit, Third Party Advisory
security@apache.org	https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001	Third Party Advisory
security@apache.org	https://www.debian.org/security/2021/dsa-5020	Mailing List, Third Party Advisory
security@apache.org	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html	Third Party Advisory
security@apache.org	https://www.kb.cert.org/vuls/id/930724	Third Party Advisory, US Government Resource
security@apache.org	https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html	Exploit, Third Party Advisory
security@apache.org	https://www.oracle.com/security-alerts/alert-cve-2021-44228.html	Third Party Advisory
security@apache.org	https://www.oracle.com/security-alerts/cpuapr2022.html	Patch, Third Party Advisory
security@apache.org	https://www.oracle.com/security-alerts/cpujan2022.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html	Third Party Advisory, VDB Entry, Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2022/Dec/2	Exploit, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2022/Jul/11	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2022/Mar/23	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2021/12/10/1	Mailing List, Mitigation, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2021/12/10/2	Mailing List, Mitigation, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2021/12/10/3	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2021/12/13/1	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2021/12/13/2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2021/12/14/4	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2021/12/15/3	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/cisagov/log4j-affected-db	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md	Broken Link, Product, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/	Release Notes
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/	Release Notes
af854a3a-2127-422b-91ae-364da2661108	https://logging.apache.org/log4j/2.x/security.html	Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/	Patch, Third Party Advisory, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20211210-0007/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/kb/HT213189	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://twitter.com/kurtseifried/status/1469345530182455296	Broken Link, Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2021/dsa-5020	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.kb.cert.org/vuls/id/930724	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/alert-cve-2021-44228.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpuapr2022.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpujan2022.html	Patch, Third Party Advisory

Impacted products

Vendor	Product	Version
siemens	6bk1602-0aa12-0tp0_firmware	*
siemens	6bk1602-0aa12-0tp0	-
siemens	6bk1602-0aa22-0tp0_firmware	*
siemens	6bk1602-0aa22-0tp0	-
siemens	6bk1602-0aa32-0tp0_firmware	*
siemens	6bk1602-0aa32-0tp0	-
siemens	6bk1602-0aa42-0tp0_firmware	*
siemens	6bk1602-0aa42-0tp0	-
siemens	6bk1602-0aa52-0tp0_firmware	*
siemens	6bk1602-0aa52-0tp0	-
apache	log4j	*
apache	log4j	*
apache	log4j	*
apache	log4j	2.0
apache	log4j	2.0
apache	log4j	2.0
apache	log4j	2.0
siemens	sppa-t3000_ses3000_firmware	*
siemens	sppa-t3000_ses3000	-
siemens	capital	*
siemens	capital	2019.1
siemens	capital	2019.1
siemens	comos	*
siemens	desigo_cc_advanced_reports	3.0
siemens	desigo_cc_advanced_reports	4.0
siemens	desigo_cc_advanced_reports	4.1
siemens	desigo_cc_advanced_reports	4.2
siemens	desigo_cc_advanced_reports	5.0
siemens	desigo_cc_advanced_reports	5.1
siemens	desigo_cc_info_center	5.0
siemens	desigo_cc_info_center	5.1
siemens	e-car_operation_center	*
siemens	energy_engage	3.1
siemens	energyip	8.5
siemens	energyip	8.6
siemens	energyip	8.7
siemens	energyip	9.0
siemens	energyip_prepay	*
siemens	gma-manager	*
siemens	head-end_system_universal_device_integration_system	*
siemens	industrial_edge_management	*
siemens	industrial_edge_management_hub	*
siemens	logo\!_soft_comfort	*
siemens	mendix	*
siemens	mindsphere	*
siemens	navigator	*
siemens	nx	*
siemens	opcenter_intelligence	*
siemens	operation_scheduler	*
siemens	sentron_powermanager	4.1
siemens	sentron_powermanager	4.2
siemens	siguard_dsa	*
siemens	sipass_integrated	2.80
siemens	sipass_integrated	2.85
siemens	siveillance_command	*
siemens	siveillance_control_pro	*
siemens	siveillance_identity	1.5
siemens	siveillance_identity	1.6
siemens	siveillance_vantage	*
siemens	siveillance_viewpoint	*
siemens	solid_edge_cam_pro	*
siemens	solid_edge_harness_design	*
siemens	solid_edge_harness_design	2020
siemens	solid_edge_harness_design	2020
siemens	solid_edge_harness_design	2020
siemens	spectrum_power_4	*
siemens	spectrum_power_4	4.70
siemens	spectrum_power_4	4.70
siemens	spectrum_power_4	4.70
siemens	spectrum_power_7	*
siemens	spectrum_power_7	2.30
siemens	spectrum_power_7	2.30
siemens	spectrum_power_7	2.30
siemens	teamcenter	*
siemens	vesys	*
siemens	vesys	2019.1
siemens	vesys	2019.1
siemens	vesys	2019.1
siemens	vesys	2020.1
siemens	vesys	2021.1
siemens	xpedition_enterprise	-
siemens	xpedition_package_integrator	-
intel	computer_vision_annotation_tool	-
intel	datacenter_manager	*
intel	genomics_kernel_library	-
intel	oneapi_sample_browser	-
intel	secure_device_onboard	-
intel	system_studio	-
debian	debian_linux	9.0
debian	debian_linux	10.0
debian	debian_linux	11.0
fedoraproject	fedora	34
fedoraproject	fedora	35
sonicwall	email_security	*
netapp	active_iq_unified_manager	-
netapp	active_iq_unified_manager	-
netapp	active_iq_unified_manager	-
netapp	brocade_san_navigator	-
netapp	cloud_insights	-
netapp	cloud_manager	-
netapp	cloud_secure_agent	-
netapp	oncommand_insight	-
netapp	ontap_tools	-
netapp	snapcenter	-
netapp	solidfire_\&_hci_storage_node	-
netapp	solidfire_enterprise_sds	-
cisco	advanced_malware_protection_virtual_private_cloud_appliance	*
cisco	automated_subsea_tuning	*
cisco	broadworks	*
cisco	business_process_automation	*
cisco	business_process_automation	*
cisco	business_process_automation	*
cisco	cloud_connect	*
cisco	cloudcenter	*
cisco	cloudcenter_cost_optimizer	*
cisco	cloudcenter_suite_admin	*
cisco	cloudcenter_workload_manager	*
cisco	common_services_platform_collector	*
cisco	common_services_platform_collector	*
cisco	connected_mobile_experiences	-
cisco	contact_center_domain_manager	*
cisco	contact_center_management_portal	*
cisco	crosswork_data_gateway	*
cisco	crosswork_data_gateway	3.0.0
cisco	crosswork_network_controller	*
cisco	crosswork_network_controller	3.0.0
cisco	crosswork_optimization_engine	*
cisco	crosswork_optimization_engine	3.0.0
cisco	crosswork_platform_infrastructure	*
cisco	crosswork_platform_infrastructure	4.1.0
cisco	crosswork_zero_touch_provisioning	*
cisco	crosswork_zero_touch_provisioning	3.0.0
cisco	customer_experience_cloud_agent	*
cisco	cyber_vision_sensor_management_extension	*
cisco	data_center_network_manager	*
cisco	data_center_network_manager	11.3\(1\)
cisco	dna_center	*
cisco	dna_center	*
cisco	dna_center	*
cisco	dna_spaces\	_connector
cisco	emergency_responder	*
cisco	enterprise_chat_and_email	*
cisco	evolved_programmable_network_manager	*
cisco	finesse	*
cisco	finesse	12.6\(1\)
cisco	fog_director	-
cisco	identity_services_engine	*
cisco	identity_services_engine	2.4.0
cisco	integrated_management_controller_supervisor	*
cisco	intersight_virtual_appliance	*
cisco	iot_operations_dashboard	-
cisco	network_assurance_engine	*
cisco	network_services_orchestrator	*
cisco	network_services_orchestrator	*
cisco	network_services_orchestrator	*
cisco	network_services_orchestrator	*
cisco	nexus_dashboard	*
cisco	nexus_insights	*
cisco	optical_network_controller	*
cisco	packaged_contact_center_enterprise	*
cisco	packaged_contact_center_enterprise	11.6\(1\)
cisco	paging_server	*
cisco	prime_service_catalog	*
cisco	sd-wan_vmanage	*
cisco	sd-wan_vmanage	*
cisco	sd-wan_vmanage	*
cisco	sd-wan_vmanage	*
cisco	smart_phy	*
cisco	ucs_central	*
cisco	ucs_director	*
cisco	unified_communications_manager	*
cisco	unified_communications_manager	*
cisco	unified_communications_manager	11.5\(1\)
cisco	unified_communications_manager	11.5\(1\)
cisco	unified_communications_manager	11.5\(1\)
cisco	unified_communications_manager	11.5\(1\)su3
cisco	unified_communications_manager_im_and_presence_service	*
cisco	unified_communications_manager_im_and_presence_service	11.5\(1\)
cisco	unified_contact_center_enterprise	*
cisco	unified_contact_center_enterprise	11.6\(2\)
cisco	unified_contact_center_express	*
cisco	unified_customer_voice_portal	*
cisco	unified_customer_voice_portal	11.6
cisco	unified_customer_voice_portal	12.0
cisco	unified_customer_voice_portal	12.5
cisco	unified_intelligence_center	*
cisco	unity_connection	*
cisco	video_surveillance_operations_manager	*
cisco	virtual_topology_system	*
cisco	virtualized_infrastructure_manager	*
cisco	virtualized_infrastructure_manager	*
cisco	virtualized_voice_browser	*
cisco	wan_automation_engine	*
cisco	webex_meetings_server	*
cisco	webex_meetings_server	3.0
cisco	webex_meetings_server	3.0
cisco	webex_meetings_server	3.0
cisco	webex_meetings_server	3.0
cisco	webex_meetings_server	3.0
cisco	webex_meetings_server	3.0
cisco	webex_meetings_server	3.0
cisco	webex_meetings_server	3.0
cisco	webex_meetings_server	3.0
cisco	webex_meetings_server	3.0
cisco	webex_meetings_server	4.0
cisco	webex_meetings_server	4.0
cisco	webex_meetings_server	4.0
cisco	webex_meetings_server	4.0
cisco	workload_optimization_manager	*
cisco	unified_sip_proxy	*
cisco	unified_workforce_optimization	*
cisco	firepower_1010	-
cisco	firepower_1120	-
cisco	firepower_1140	-
cisco	firepower_1150	-
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-
cisco	firepower_4110	-
cisco	firepower_4112	-
cisco	firepower_4115	-
cisco	firepower_4120	-
cisco	firepower_4125	-
cisco	firepower_4140	-
cisco	firepower_4145	-
cisco	firepower_4150	-
cisco	firepower_9300	-
cisco	fxos	6.2.3
cisco	fxos	6.3.0
cisco	fxos	6.4.0
cisco	fxos	6.5.0
cisco	fxos	6.6.0
cisco	fxos	6.7.0
cisco	fxos	7.0.0
cisco	fxos	7.1.0
cisco	automated_subsea_tuning	02.01.00
cisco	broadworks	-
cisco	cloudcenter_suite	4.10\(0.15\)
cisco	cloudcenter_suite	5.3\(0\)
cisco	cloudcenter_suite	5.4\(1\)
cisco	cloudcenter_suite	5.5\(0\)
cisco	cloudcenter_suite	5.5\(1\)
cisco	common_services_platform_collector	002.009\(000.000\)
cisco	common_services_platform_collector	002.009\(000.001\)
cisco	common_services_platform_collector	002.009\(000.002\)
cisco	common_services_platform_collector	002.009\(001.000\)
cisco	common_services_platform_collector	002.009\(001.001\)
cisco	common_services_platform_collector	002.009\(001.002\)
cisco	common_services_platform_collector	002.010\(000.000\)
cisco	connected_analytics_for_network_deployment	006.004.000.003
cisco	connected_analytics_for_network_deployment	006.005.000.
cisco	connected_analytics_for_network_deployment	006.005.000.000
cisco	connected_analytics_for_network_deployment	007.000.001
cisco	connected_analytics_for_network_deployment	007.001.000
cisco	connected_analytics_for_network_deployment	007.002.000
cisco	connected_analytics_for_network_deployment	7.3
cisco	connected_analytics_for_network_deployment	007.003.000
cisco	connected_analytics_for_network_deployment	007.003.001.001
cisco	connected_analytics_for_network_deployment	007.003.003
cisco	connected_analytics_for_network_deployment	008.000.000
cisco	connected_analytics_for_network_deployment	008.000.000.000.004
cisco	crosswork_network_automation	-
cisco	crosswork_network_automation	2.0.0
cisco	crosswork_network_automation	3.0.0
cisco	crosswork_network_automation	4.1.0
cisco	crosswork_network_automation	4.1.1
cisco	cx_cloud_agent	001.012
cisco	cyber_vision	4.0.2
cisco	cyber_vision_sensor_management_extension	4.0.2
cisco	dna_center	2.2.2.8
cisco	dna_spaces	-
cisco	dna_spaces_connector	-
cisco	emergency_responder	11.5
cisco	emergency_responder	11.5\(4.65000.14\)
cisco	emergency_responder	11.5\(4.66000.14\)
cisco	enterprise_chat_and_email	12.0\(1\)
cisco	enterprise_chat_and_email	12.5\(1\)
cisco	enterprise_chat_and_email	12.6\(1\)
cisco	evolved_programmable_network_manager	3.0
cisco	evolved_programmable_network_manager	3.1
cisco	evolved_programmable_network_manager	4.0
cisco	evolved_programmable_network_manager	4.1
cisco	evolved_programmable_network_manager	5.0
cisco	evolved_programmable_network_manager	5.1
cisco	finesse	12.5\(1\)
cisco	finesse	12.5\(1\)
cisco	finesse	12.6\(1\)
cisco	finesse	12.6\(1\)
cisco	finesse	12.6\(1\)
cisco	finesse	12.6\(1\)
cisco	firepower_threat_defense	6.2.3
cisco	firepower_threat_defense	6.3.0
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.5.0
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.1.0
cisco	identity_services_engine	002.004\(000.914\)
cisco	identity_services_engine	002.006\(000.156\)
cisco	identity_services_engine	002.007\(000.356\)
cisco	identity_services_engine	003.000\(000.458\)
cisco	identity_services_engine	003.001\(000.518\)
cisco	identity_services_engine	003.002\(000.116\)
cisco	integrated_management_controller_supervisor	002.003\(002.000\)
cisco	integrated_management_controller_supervisor	2.3.2.0
cisco	intersight_virtual_appliance	1.0.9-343
cisco	mobility_services_engine	-
cisco	network_assurance_engine	6.0\(2.1912\)
cisco	network_dashboard_fabric_controller	11.0\(1\)
cisco	network_dashboard_fabric_controller	11.1\(1\)
cisco	network_dashboard_fabric_controller	11.2\(1\)
cisco	network_dashboard_fabric_controller	11.3\(1\)
cisco	network_dashboard_fabric_controller	11.4\(1\)
cisco	network_dashboard_fabric_controller	11.5\(1\)
cisco	network_dashboard_fabric_controller	11.5\(2\)
cisco	network_dashboard_fabric_controller	11.5\(3\)
cisco	network_insights_for_data_center	6.0\(2.1914\)
cisco	network_services_orchestrator	-
cisco	optical_network_controller	1.1
cisco	paging_server	8.3\(1\)
cisco	paging_server	8.4\(1\)
cisco	paging_server	8.5\(1\)
cisco	paging_server	9.0\(1\)
cisco	paging_server	9.0\(2\)
cisco	paging_server	9.1\(1\)
cisco	paging_server	12.5\(2\)
cisco	paging_server	14.0\(1\)
cisco	prime_service_catalog	12.1
cisco	sd-wan_vmanage	20.3
cisco	sd-wan_vmanage	20.4
cisco	sd-wan_vmanage	20.5
cisco	sd-wan_vmanage	20.6
cisco	sd-wan_vmanage	20.6.1
cisco	sd-wan_vmanage	20.7
cisco	sd-wan_vmanage	20.8
cisco	smart_phy	3.1.2
cisco	smart_phy	3.1.3
cisco	smart_phy	3.1.4
cisco	smart_phy	3.1.5
cisco	smart_phy	3.2.1
cisco	smart_phy	21.3
cisco	ucs_central_software	2.0
cisco	ucs_central_software	2.0\(1a\)
cisco	ucs_central_software	2.0\(1b\)
cisco	ucs_central_software	2.0\(1c\)
cisco	ucs_central_software	2.0\(1d\)
cisco	ucs_central_software	2.0\(1e\)
cisco	ucs_central_software	2.0\(1f\)
cisco	ucs_central_software	2.0\(1g\)
cisco	ucs_central_software	2.0\(1h\)
cisco	ucs_central_software	2.0\(1k\)
cisco	ucs_central_software	2.0\(1l\)
cisco	unified_communications_manager	11.5\(1.17900.52\)
cisco	unified_communications_manager	11.5\(1.18119.2\)
cisco	unified_communications_manager	11.5\(1.18900.97\)
cisco	unified_communications_manager	11.5\(1.21900.40\)
cisco	unified_communications_manager	11.5\(1.22900.28\)
cisco	unified_communications_manager_im_\&_presence_service	11.5\(1\)
cisco	unified_communications_manager_im_\&_presence_service	11.5\(1.22900.6\)
cisco	unified_computing_system	006.008\(001.000\)
cisco	unified_contact_center_enterprise	11.6\(2\)
cisco	unified_contact_center_enterprise	12.0\(1\)
cisco	unified_contact_center_enterprise	12.5\(1\)
cisco	unified_contact_center_enterprise	12.6\(1\)
cisco	unified_contact_center_enterprise	12.6\(2\)
cisco	unified_contact_center_express	12.5\(1\)
cisco	unified_contact_center_express	12.5\(1\)
cisco	unified_contact_center_express	12.6\(1\)
cisco	unified_contact_center_express	12.6\(2\)
cisco	unified_contact_center_management_portal	12.6\(1\)
cisco	unified_customer_voice_portal	11.6\(1\)
cisco	unified_customer_voice_portal	12.0\(1\)
cisco	unified_customer_voice_portal	12.5\(1\)
cisco	unified_customer_voice_portal	12.6\(1\)
cisco	unified_intelligence_center	12.6\(1\)
cisco	unified_intelligence_center	12.6\(1\)
cisco	unified_intelligence_center	12.6\(1\)
cisco	unified_intelligence_center	12.6\(2\)
cisco	unified_sip_proxy	010.000\(000\)
cisco	unified_sip_proxy	010.000\(001\)
cisco	unified_sip_proxy	010.002\(000\)
cisco	unified_sip_proxy	010.002\(001\)
cisco	unified_workforce_optimization	11.5\(1\)
cisco	unity_connection	11.5
cisco	unity_connection	11.5\(1.10000.6\)
cisco	video_surveillance_manager	7.14\(1.26\)
cisco	video_surveillance_manager	7.14\(2.26\)
cisco	video_surveillance_manager	7.14\(3.025\)
cisco	video_surveillance_manager	7.14\(4.018\)
cisco	virtual_topology_system	2.6.6
cisco	wan_automation_engine	7.1.3
cisco	wan_automation_engine	7.2.1
cisco	wan_automation_engine	7.2.2
cisco	wan_automation_engine	7.2.3
cisco	wan_automation_engine	7.3
cisco	wan_automation_engine	7.4
cisco	wan_automation_engine	7.5
cisco	wan_automation_engine	7.6
cisco	webex_meetings_server	3.0
cisco	webex_meetings_server	4.0
snowsoftware	snow_commander	*
snowsoftware	vm_access_proxy	*
bentley	synchro	*
bentley	synchro_4d	*
percussion	rhythmyx	*
apple	xcode	*

JSON

To clipboard

{
  "cisaActionDue": "2021-12-24",
  "cisaExploitAdd": "2021-12-10",
  "cisaRequiredAction": "For all affected software assets for which updates exist, the only acceptable remediation actions are: 1) Apply updates; OR 2) remove affected assets from agency networks. Temporary mitigations using one of the measures provided at https://www.cisa.gov/uscert/ed-22-02-apache-log4j-recommended-mitigation-measures are only acceptable until updates are available.",
  "cisaVulnerabilityName": "Apache Log4j2 Remote Code Execution Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:6bk1602-0aa12-0tp0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD64FC36-CC7B-4FD7-9845-7EA1DDB0E627",
              "versionEndExcluding": "2.7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:6bk1602-0aa12-0tp0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF99FE8F-40D0-48A8-9A40-43119B259535",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:6bk1602-0aa22-0tp0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0012304-B1C8-460A-B891-42EBF96504F5",
              "versionEndExcluding": "2.7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:6bk1602-0aa22-0tp0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3F61BCB-64FA-463C-8B95-8868995EDBC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:6bk1602-0aa32-0tp0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B02BCF56-D9D3-4BF3-85A2-D445E997F5EC",
              "versionEndExcluding": "2.7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:6bk1602-0aa32-0tp0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5A189B7-DDBF-4B84-997F-637CEC5FF12B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:6bk1602-0aa42-0tp0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A2DB5BA-1065-467A-8FB6-81B5EC29DC0C",
              "versionEndExcluding": "2.7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:6bk1602-0aa42-0tp0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "035AFD6F-E560-43C8-A283-8D80DAA33025",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:6bk1602-0aa52-0tp0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "809EB87E-561A-4DE5-9FF3-BBEE0FA3706E",
              "versionEndExcluding": "2.7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:6bk1602-0aa52-0tp0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4594FF76-A1F8-4457-AE90-07D051CD0DCB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "03FA5E81-F9C0-403E-8A4B-E4284E4E7B72",
              "versionEndExcluding": "2.3.1",
              "versionStartIncluding": "2.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AED3D5EC-DAD5-4E5F-8BBD-B4E3349D84FC",
              "versionEndExcluding": "2.12.2",
              "versionStartIncluding": "2.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D31D423D-FC4D-428A-B863-55AF472B80DC",
              "versionEndExcluding": "2.15.0",
              "versionStartIncluding": "2.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:log4j:2.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "17854E42-7063-4A55-BF2A-4C7074CC2D60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:log4j:2.0:beta9:*:*:*:*:*:*",
              "matchCriteriaId": "53F32FB2-6970-4975-8BD0-EAE12E9AD03A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:log4j:2.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "B773ED91-1D39-42E6-9C52-D02210DE1A94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:log4j:2.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "EF24312D-1A62-482E-8078-7EC24758B710",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sppa-t3000_ses3000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8320869-CBF4-4C92-885C-560C09855BFA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sppa-t3000_ses3000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "755BA221-33DD-40A2-A517-8574D042C261",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:capital:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AAF12D5-7961-4344-B0CC-BE1C673BFE1F",
              "versionEndExcluding": "2019.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:capital:2019.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "19CB7B44-1877-4739-AECB-3E995ED03FC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:capital:2019.1:sp1912:*:*:*:*:*:*",
              "matchCriteriaId": "A883D9C2-F2A4-459F-8000-EE288DC0DD17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:comos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CD4AC6F-B8D3-4588-B3BD-55C9BAF4AAAC",
              "versionEndExcluding": "10.4.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AFD64AC-0826-48FB-91B0-B8DF5ECC8775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB524B33-68E7-46A2-B5CE-BCD9C3194B8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F852C6D-44A0-4CCE-83C7-4501CAD73F9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA61161C-C2E7-4852-963E-E2D3DFBFDC7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A76AA04A-BB43-4027-895E-D1EACFCDF41B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A6B60F3-327B-49B7-B5E4-F1C60896C9BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:desigo_cc_info_center:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BCF281E-B0A2-49E2-AEF8-8691BDCE08D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:desigo_cc_info_center:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A87EFCC4-4BC1-4FEA-BAA4-8FF221838EBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:e-car_operation_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B678380B-E95E-4A8B-A49D-D13B62AA454E",
              "versionEndExcluding": "2021-12-13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:energy_engage:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4557476B-0157-44C2-BB50-299E7C7E1E72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:energyip:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "991B2959-5AA3-4B68-A05A-42D9860FAA9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:energyip:8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E5948A0-CA31-41DF-85B6-1E6D09E5720B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:energyip:8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C08D302-EEAC-45AA-9943-3A5F09E29FAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:energyip:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53BA68C-B653-4507-9A2F-177CF456960F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:energyip_prepay:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "536C7527-27E6-41C9-8ED8-564DD0DC4EA0",
              "versionEndExcluding": "3.8.0.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:gma-manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E180527-5C36-4158-B017-5BEDC0412FD6",
              "versionEndExcluding": "8.6.2j-398",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:head-end_system_universal_device_integration_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFDADA98-1CD0-45DA-9082-BFC383F7DB97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:industrial_edge_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E33D707F-100E-4DE7-A05B-42467DE75EAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:industrial_edge_management_hub:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD3EAC80-44BE-41D2-8D57-0EE3DBA1E1B1",
              "versionEndExcluding": "2021-12-13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:logo\\!_soft_comfort:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AC8AB52-F4F4-440D-84F5-2776BFE1957A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:mendix:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AF6D774-AC8C-49CA-A00B-A2740CA8FA91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:mindsphere:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "25FADB1B-988D-4DB9-9138-7542AFDEB672",
              "versionEndExcluding": "2021-12-16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:navigator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48C6A61B-2198-4B9E-8BCF-824643C81EC3",
              "versionEndExcluding": "2021-12-13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:nx:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEE2F7A1-8281-48F1-8BFB-4FE0D7E1AEF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:opcenter_intelligence:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C07AFA19-21AE-4C7E-AA95-69599834C0EC",
              "versionEndExcluding": "3.5",
              "versionStartIncluding": "3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:operation_scheduler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "74D1F4AD-9A60-4432-864F-4505B3C60659",
              "versionEndIncluding": "1.1.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sentron_powermanager:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ABA5332-8D1E-4129-A557-FCECBAC12827",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sentron_powermanager:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C3AA865-5570-4C8B-99DE-431AD7B163F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:siguard_dsa:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A4B950B-4527-491B-B111-046DB1CCC037",
              "versionEndExcluding": "4.4.1",
              "versionStartIncluding": "4.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sipass_integrated:2.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "83E77D85-0AE8-41D6-AC0C-983A8B73C831",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sipass_integrated:2.85:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B28A44-3708-480D-9D6D-DDF8C21A15EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:siveillance_command:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FC0A575-F771-4B44-A0C6-6A5FD98E5134",
              "versionEndIncluding": "4.16.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:siveillance_control_pro:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D1D6B61-1F17-4008-9DFB-EF419777768E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:siveillance_identity:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9772EE3F-FFC5-4611-AD9A-8AD8304291BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:siveillance_identity:1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF524892-278F-4373-A8A3-02A30FA1AFF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:siveillance_vantage:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F30DE588-9479-46AA-8346-EA433EE83A5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:siveillance_viewpoint:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4941EAD6-8759-4C72-ABA6-259C0E838216",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:solid_edge_cam_pro:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BF2708F-0BD9-41BF-8CB1-4D06C4EFB777",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:solid_edge_harness_design:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0762031C-DFF1-4962-AE05-0778B27324B9",
              "versionEndExcluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:solid_edge_harness_design:2020:*:*:*:*:*:*:*",
              "matchCriteriaId": "96271088-1D1B-4378-8ABF-11DAB3BB4DDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:solid_edge_harness_design:2020:-:*:*:*:*:*:*",
              "matchCriteriaId": "2595AD24-2DF2-4080-B780-BC03F810B9A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:solid_edge_harness_design:2020:sp2002:*:*:*:*:*:*",
              "matchCriteriaId": "88096F08-F261-4E3E-9EEB-2AB0225CD6F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:spectrum_power_4:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "044994F7-8127-4F03-AA1A-B2AB41D68AF5",
              "versionEndExcluding": "4.70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:spectrum_power_4:4.70:-:*:*:*:*:*:*",
              "matchCriteriaId": "A6CB3A8D-9577-41FB-8AC4-0DF8DE6A519C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:spectrum_power_4:4.70:sp7:*:*:*:*:*:*",
              "matchCriteriaId": "17B7C211-6339-4AF2-9564-94C7DE52EEB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:spectrum_power_4:4.70:sp8:*:*:*:*:*:*",
              "matchCriteriaId": "DBCCBBBA-9A4F-4354-91EE-10A1460BBA3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:spectrum_power_7:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F81F6B-E455-4367-ADA4-8A5EC7F4754A",
              "versionEndExcluding": "2.30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:spectrum_power_7:2.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5EF509E-3799-4718-B361-EFCBA17AEEF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:spectrum_power_7:2.30:-:*:*:*:*:*:*",
              "matchCriteriaId": "8CA31645-29FC-4432-9BFC-C98A808DB8CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:spectrum_power_7:2.30:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "BB424991-0B18-4FFC-965F-FCF4275F56C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:teamcenter:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B209EFE-77F2-48CD-A880-ABA0A0A81AB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:vesys:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72D238AB-4A1F-458D-897E-2C93DCD7BA6C",
              "versionEndExcluding": "2019.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:vesys:2019.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9778339A-EA93-4D18-9A03-4EB4CBD25459",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:vesys:2019.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "1747F127-AB45-4325-B9A1-F3D12E69FFC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:vesys:2019.1:sp1912:*:*:*:*:*:*",
              "matchCriteriaId": "18BBEF7C-F686-4129-8EE9-0F285CE38845",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:vesys:2020.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "264C7817-0CD5-4370-BC39-E1DF3E932E16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:vesys:2021.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "C7442C42-D493-46B9-BCC2-2C62EAD5B945",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:xpedition_enterprise:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD525494-2807-48EA-AED0-11B9CB5A6A9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:xpedition_package_integrator:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EDCBF98-A857-48BC-B04D-6F36A1975AA5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:intel:computer_vision_annotation_tool:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A06BF8-E4DC-4389-8A91-8AC7598E0009",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:datacenter_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD1E1F3-F06B-4D17-8854-2CDA7E6D872D",
              "versionEndExcluding": "5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:genomics_kernel_library:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18989EBC-E1FB-473B-83E0-48C8896C2E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_sample_browser:-:*:*:*:*:eclipse:*:*",
              "matchCriteriaId": "EDE66B6C-25E5-49AE-B35F-582130502222",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:secure_device_onboard:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "22BEE177-D117-478C-8EAD-9606DEDF9FD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:system_studio:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC619106-991C-413A-809D-C2410EBA4CDB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
              "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
              "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sonicwall:email_security:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA7D45EF-18F7-43C6-9B51-ABAB7B0CA3CD",
              "versionEndExcluding": "10.0.13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*",
              "matchCriteriaId": "F3E0B672-3E06-4422-B2A4-0BD073AEC2A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
              "matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*",
              "matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:brocade_san_navigator:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "25FA7A4D-B0E2-423E-8146-E221AE2D6120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:cloud_insights:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26FCA75B-4282-4E0F-95B4-640A82C8E91C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:cloud_manager:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "197D0D80-6702-4B61-B681-AFDBA7D69067",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0F202E8-97E6-4BBB-A0B6-4CA3F5803C08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:ontap_tools:-:*:*:*:*:vmware_vsphere:*:*",
              "matchCriteriaId": "CBCC384C-5DF0-41AB-B17B-6E9B6CAE8065",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:vmware_vsphere:*:*",
              "matchCriteriaId": "F3A48D58-4291-4D3C-9CEA-BF12183468A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:solidfire_\\\u0026_hci_storage_node:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D452B464-1200-4B72-9A89-42DC58486191",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:solidfire_enterprise_sds:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D18075A-E8D6-48B8-A7FA-54E336A434A2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:advanced_malware_protection_virtual_private_cloud_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E52AF19-0158-451B-8E36-02CB6406083F",
              "versionEndExcluding": "3.5.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:automated_subsea_tuning:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB21CFB4-4492-4C5D-BD07-FFBE8B5D92B6",
              "versionEndExcluding": "2.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:broadworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "97426511-9B48-46F5-AC5C-F9781F1BAE2F",
              "versionEndExcluding": "2021.11_1.162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "82306B9F-AE97-4E29-A8F7-2E5BA52998A7",
              "versionEndExcluding": "3.0.000.115",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C903C85-DC0F-47D8-B8BE-7A666877B017",
              "versionEndExcluding": "3.1.000.044",
              "versionStartIncluding": "3.1.000.000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4C6F9E0-5DCE-431D-AE7E-B680AC1F9332",
              "versionEndExcluding": "3.2.000.009",
              "versionStartIncluding": "3.2.000.000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cloud_connect:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CF6199-8028-4076-952B-855984F30129",
              "versionEndExcluding": "12.6\\(1\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cloudcenter:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "622BB8D9-AC81-4C0F-A5C5-C5E51F0BC0D1",
              "versionEndExcluding": "4.10.0.16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cloudcenter_cost_optimizer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "38FB3CE1-5F62-4798-A825-4E3DB07E868F",
              "versionEndExcluding": "5.5.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cloudcenter_suite_admin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "29CDB878-B085-448E-AB84-25B1E2D024F8",
              "versionEndExcluding": "5.3.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cloudcenter_workload_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C25FDA96-9490-431F-B8B6-CC2CC272670E",
              "versionEndExcluding": "5.5.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:common_services_platform_collector:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "51CD9E4C-9385-435C-AD18-6C36C8DF7B65",
              "versionEndExcluding": "2.9.1.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:common_services_platform_collector:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC0AC4C1-CB06-4084-BFBB-5B702C384C53",
              "versionEndExcluding": "2.10.0.1",
              "versionStartIncluding": "2.10.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:connected_mobile_experiences:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3871EBD2-F270-435A-B98C-A282E1C52693",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:contact_center_domain_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D4DF34B-E8C2-41C8-90E2-D119B50E4E7E",
              "versionEndExcluding": "12.5\\(1\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:contact_center_management_portal:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8EF64DA-73E4-4E5E-8F9A-B837C947722E",
              "versionEndExcluding": "12.5\\(1\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66E1E4FC-0B6E-4CFA-B003-91912F8785B2",
              "versionEndExcluding": "2.0.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_data_gateway:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B2390C3-C319-4F05-8CF0-0D30F9931507",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_network_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C154491E-06C7-48B0-AC1D-89BBDBDB902E",
              "versionEndExcluding": "2.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_network_controller:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E98EC48-0CED-4E02-9CCB-06EF751F2BDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_optimization_engine:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C569DC2A-CFF6-4E13-A50C-E215A4F96D99",
              "versionEndExcluding": "2.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_optimization_engine:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "258A51AC-6649-4F67-A842-48A7AE4DCEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_platform_infrastructure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DC22505-DE11-4A1B-8C06-1E306419B031",
              "versionEndExcluding": "4.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_platform_infrastructure:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E31AC54-B928-48B5-8293-F5F4A7A8C293",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B8AE870-6FD0-40D2-958B-548E2D7A7B75",
              "versionEndExcluding": "2.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68E7D83B-B6AC-45B1-89A4-D18D7A6018DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:customer_experience_cloud_agent:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17660B09-47AA-42A2-B5FF-8EBD8091C661",
              "versionEndExcluding": "1.12.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision_sensor_management_extension:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBEF9A82-16AE-437A-B8CF-CC7E9B6C4E44",
              "versionEndExcluding": "4.0.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:data_center_network_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "843147AE-8117-4FE9-AE74-4E1646D55642",
              "versionEndExcluding": "11.3\\(1\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:data_center_network_manager:11.3\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7EB871C9-CA14-4829-AED3-CC2B35E99E92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FF8A83D-A282-4661-B133-213A8838FB27",
              "versionEndExcluding": "2.1.2.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "139CDAA5-63E9-4E56-AF72-745BD88E4B49",
              "versionEndExcluding": "2.2.2.8",
              "versionStartIncluding": "2.2.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "01FD99C4-BCB1-417E-ADCE-73314AD2E857",
              "versionEndExcluding": "2.2.3.4",
              "versionStartIncluding": "2.2.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:dna_spaces\\:_connector:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9031BE8A-646A-4581-BDE5-750FB0CE04CB",
              "versionEndExcluding": "2.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:emergency_responder:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15BED3E2-46FF-4E58-8C5D-4D8FE5B0E527",
              "versionEndExcluding": "11.5\\(4\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:enterprise_chat_and_email:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C950436-2372-4C4B-9B56-9CB48D843045",
              "versionEndExcluding": "12.0\\(1\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B61F186-D943-4711-B3E0-875BB570B142",
              "versionEndIncluding": "4.1.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:finesse:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A285C40-170D-4C95-8031-2C6E4D5FB1D4",
              "versionEndExcluding": "12.6\\(1\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3C0F02B5-AA2A-48B2-AE43-38B45532C563",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:fog_director:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "830BDB28-963F-46C3-8D50-638FDABE7F64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54553C65-6BFA-40B1-958D-A4E3289D6B1D",
              "versionEndExcluding": "2.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:2.4.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "439948AD-C95D-4FC3-ADD1-C3D241529F12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C2002AE-0F3C-4A06-9B9A-F77A9F700EB2",
              "versionEndExcluding": "2.3.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:intersight_virtual_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "596A986D-E7DC-4FC4-A776-6FE87A91D7E4",
              "versionEndExcluding": "1.0.9-361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:iot_operations_dashboard:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD93434E-8E75-469C-B12B-7E2B6EDCAA79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:network_assurance_engine:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "78684844-4974-41AD-BBC1-961F60025CD2",
              "versionEndExcluding": "6.0.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A00D235-FC9C-4EB7-A16C-BB0B09802E61",
              "versionEndExcluding": "5.3.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C60FDD1B-898E-4FCB-BDE2-45A7CBDBAF4F",
              "versionEndExcluding": "5.4.5.2",
              "versionStartIncluding": "5.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7A33E5F-BBC7-4917-9C63-900248B546D9",
              "versionEndExcluding": "5.5.4.1",
              "versionStartIncluding": "5.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D98A7C-4992-4E58-A6BD-3D8173C8F2B0",
              "versionEndExcluding": "5.6.3.1",
              "versionStartIncluding": "5.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:nexus_dashboard:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2DDC1AF-31B5-4F05-B84F-8FD23BE163DA",
              "versionEndExcluding": "2.1.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:nexus_insights:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4540CF6-D33E-4D33-8608-11129D6591FA",
              "versionEndExcluding": "6.0.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:optical_network_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "129A7615-99E7-41F8-8EBC-CEDA10AD89AD",
              "versionEndExcluding": "1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:packaged_contact_center_enterprise:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F46A7AC-C133-442D-984B-BA278951D0BF",
              "versionEndExcluding": "11.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:packaged_contact_center_enterprise:11.6\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A1A75AB6-C3A7-4299-B35A-46A4BCD00816",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:paging_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A73E888-C8C2-4AFD-BA60-566D45214BCA",
              "versionEndExcluding": "14.4.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:prime_service_catalog:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B0D0FD0-ABC6-465F-AB8D-FA8788B1B2DD",
              "versionEndExcluding": "12.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D673F6F7-C42A-4538-96F0-34CB4F0CB080",
              "versionEndExcluding": "20.3.4.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD374819-3CED-4260-90B6-E3C1333EAAD2",
              "versionEndExcluding": "20.4.2.1",
              "versionStartIncluding": "20.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D89973-94AF-4BE7-8245-275F3FEB30F4",
              "versionEndExcluding": "20.5.1.1",
              "versionStartIncluding": "20.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "91A9A889-2C2B-4147-8108-C35291761C15",
              "versionEndExcluding": "20.6.2.1",
              "versionStartIncluding": "20.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:smart_phy:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EEA1EC-C63C-4C7D-BFAE-BA4556332242",
              "versionEndExcluding": "3.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ucs_central:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACE22D97-42FA-4179-99E5-C2EE582DB7FF",
              "versionEndExcluding": "2.0\\(1p\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ucs_director:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B5DB6D-9E7D-4403-8028-D7DA7493716B",
              "versionEndExcluding": "6.8.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:-:*:*:*",
              "matchCriteriaId": "B98D7AD5-0590-43FB-8AC0-376C9C500C15",
              "versionEndExcluding": "11.5\\(1\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:session_management:*:*:*",
              "matchCriteriaId": "D9DA1900-9972-4DFD-BE2E-74DABA1ED9A9",
              "versionEndExcluding": "11.5\\(1\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "42A41C41-A370-4C0E-A49D-AD42B2F3FB5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:-:*:*:*",
              "matchCriteriaId": "7E958AFF-185D-4D55-B74B-485BEAEC42FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:session_management:*:*:*",
              "matchCriteriaId": "F770709C-FFB2-4A4E-A2D8-2EAA23F2E87C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\)su3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B85B81F9-8837-426E-8639-AB0712CD1A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1CCCD27-A247-4720-A2FE-C8ED55D1D0DE",
              "versionEndExcluding": "11.5\\(1\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:11.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "34D89C42-AAD9-4B04-9F95-F77681E39553",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "897C8893-B0B6-4D6E-8D70-31B421D80B9A",
              "versionEndExcluding": "11.6\\(2\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:11.6\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "91D62A73-21B5-4D16-A07A-69AED2D40CC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0492049-D3AC-4512-A4BF-C9C26DA72CB0",
              "versionEndExcluding": "12.5\\(1\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3868A8AA-6660-4332-AB0C-089C150D00E7",
              "versionEndExcluding": "11.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:11.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "58BD72D6-4A79-49C9-9652-AB0136A591FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A32761FD-B435-4E51-807C-2B245857F90E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:12.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "154F7F71-53C5-441C-8F5C-0A82CB0DEC43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BD68514-1566-4E7C-879C-76D35084F7BE",
              "versionEndExcluding": "12.6\\(1\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "65FD3873-2663-4C49-878F-7C65D4B8E455",
              "versionEndExcluding": "11.5\\(1\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_operations_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0886FB04-24AA-4995-BA53-1E44F94E114E",
              "versionEndExcluding": "7.14.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:virtual_topology_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C61805C1-1F73-462C-A9CA-BB0CA4E57D0B",
              "versionEndExcluding": "2.6.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:virtualized_infrastructure_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EB39834-0F6D-4BD7-AFEC-DD8BEE46DA50",
              "versionEndExcluding": "3.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:virtualized_infrastructure_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B78DD21-15F2-47A4-8A99-6DB6756920AC",
              "versionEndExcluding": "3.4.4",
              "versionStartIncluding": "3.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:virtualized_voice_browser:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C6222EB-36E1-4CD5-BD69-5A921ED5DA6A",
              "versionEndExcluding": "12.5\\(1\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:wan_automation_engine:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C200CABD-F91B-49C4-A262-C56370E44B4C",
              "versionEndExcluding": "7.3.0.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_meetings_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE22BE9B-374E-43DC-BA91-E3B9699A4C7C",
              "versionEndExcluding": "3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_meetings_server:3.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "61D1081F-87E8-4E8B-BEBD-0F239E745586",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "8D138973-02B0-4FEC-A646-FF1278DA1EDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "30B55A5B-8C5E-4ECB-9C85-A8A3A3030850",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "14DBEC10-0641-441C-BE15-8F72C1762DCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3:-:*:*:*:*:*",
              "matchCriteriaId": "205C1ABA-2A4F-480F-9768-7E3EC43B03F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_security_patch4:*:*:*:*:*:*",
              "matchCriteriaId": "D36FE453-C43F-448B-8A59-668DE95468C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_security_patch5:*:*:*:*:*:*",
              "matchCriteriaId": "E8DF0944-365F-4149-9059-BDFD6B131DC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_service_pack_2:*:*:*:*:*:*",
              "matchCriteriaId": "6B37AA08-13C7-4FD0-8402-E344A270C8F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_service_pack_3:*:*:*:*:*:*",
              "matchCriteriaId": "2AA56735-5A5E-4D8C-B09D-DBDAC2B5C8E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release4:*:*:*:*:*:*",
              "matchCriteriaId": "4646849B-8190-4798-833C-F367E28C1881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_meetings_server:4.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "4D6CF856-093A-4E89-A71D-50A2887C265B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "B36A9043-0621-43CD-BFCD-66529F937859",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "8842B42E-C412-4356-9F54-DFC53B683D3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "D25BC647-C569-46E5-AD45-7E315EBEB784",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:workload_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B468EDA1-CDEF-44D4-9D62-C433CF27F631",
              "versionEndExcluding": "3.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_sip_proxy:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E4905E2-2129-469C-8BBD-EDA258815E2B",
              "versionEndExcluding": "10.2.1v2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_workforce_optimization:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC86AC6C-7C08-4EB9-A588-A034113E4BB1",
              "versionEndExcluding": "11.5\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FFE3880-4B85-4E23-9836-70875D5109F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "727A02E8-40A1-4DFE-A3A2-91D628D3044F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F6546E-28F4-40DC-97D6-E0E023FE939B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "957D64EB-D60E-4775-B9A8-B21CA48ED3B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:fxos:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "82C8AD48-0130-4C20-ADEC-697668E2293B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:fxos:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E75EF7C-8D71-4D70-91F0-74FC99A90CC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:fxos:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DB7EE7D-8CB4-4804-9F9D-F235608E86E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:fxos:6.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "77571973-2A94-4E15-AC5B-155679C3C565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:fxos:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA405A50-3F31-48ED-9AF1-4B02F5B367DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:fxos:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3753953-04E8-4382-A6EC-CD334DD83CF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:fxos:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4A5F89F-1296-4A0F-A36D-082A481F190F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:fxos:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F50F48AF-44FF-425C-9685-E386F956C901",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:automated_subsea_tuning:02.01.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4D28E76-56D4-4C9A-A660-7CD7E0A1AC9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:broadworks:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD975A0E-00A6-475E-9064-1D64E4291499",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cloudcenter_suite:4.10\\(0.15\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2E50AC21-DA54-4BC8-A503-1935FD1714C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cloudcenter_suite:5.3\\(0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4D05E169-4AF1-4127-A917-056EC2CE781B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cloudcenter_suite:5.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8AD415A2-422E-4F15-A177-C3696FEAFF0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cloudcenter_suite:5.5\\(0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "134443B7-7BA8-4B50-8874-D4BF931BECFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cloudcenter_suite:5.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "73ADF6EA-CD29-4835-8D72-84241D513AFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(000.000\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BAC1A386-04C7-45B2-A883-1CD9AB60C14B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(000.001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3F0F1639-D69E-473A-8926-827CCF73ACC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(000.002\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F4FDF900-E9D6-454A-BF6B-821620CA59F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(001.000\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1859BD43-BA2B-45A5-B523-C6BFD34C7B01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(001.001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1EBC145C-9A2F-4B76-953E-0F690314511C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(001.002\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "158B7A53-FEC1-4B42-A1E2-E83E99564B07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:common_services_platform_collector:002.010\\(000.000\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3A378971-1A08-4914-B012-8E24DCDEFC68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.004.000.003:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E5CC012-DC85-481A-B82A-9323C19674DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.005.000.:*:*:*:*:*:*:*",
              "matchCriteriaId": "76CF59ED-685D-46CD-80A2-AEDA4F03FE53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.005.000.000:*:*:*:*:*:*:*",
              "matchCriteriaId": "960B07C0-E205-47E7-B578-46A0AF559D04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.000.001:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1A194E1-405E-47FA-8CDF-58EB78883ACC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.001.000:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E628231-61FB-40AF-A20B-00F5CB78E63B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.002.000:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EA25E92-2C76-4722-BA06-53F33C0D961C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "51D2940A-0D03-415B-B72E-1F6862DDAC41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.000:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B346ADC-00BE-4409-B658-A11351D2A7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.001.001:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A0E44A9-C427-493B-868A-8A8DA405E759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.003:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2B31E7C-0EB3-4996-8859-DF94A3EE20B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:008.000.000:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EAB3E03-275F-4942-9396-FC7A22F42C8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:008.000.000.000.004:*:*:*:*:*:*:*",
              "matchCriteriaId": "19DAD751-D170-4914-BAB2-6054DFEEF404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_network_automation:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F429F37-3576-4D8A-9901-359D65EC3CF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_network_automation:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F526DEF1-4A3E-4FE1-8153-E9252DAE5B92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_network_automation:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C19679D0-F4DC-4130-AFFD-692E5130531A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_network_automation:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "60D2FBF3-D8AB-41F0-B170-9E56FBF7E2F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_network_automation:4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F60324DD-8450-4B14-A7A1-0D5EA5163580",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cx_cloud_agent:001.012:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F6DFD1-273B-4292-A22C-F2BE0DD3FB3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "13EA024C-97A4-4D33-BC3E-51DB77C51E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision_sensor_management_extension:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "85289E35-C7C2-46D0-9BDC-10648DD2C86F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:dna_center:2.2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "17282822-C082-4FBC-B46D-468DCF8EF6B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:dna_spaces:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5463DA6-5D44-4C32-B46C-E8A2ADD7646B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:dna_spaces_connector:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "54A237CF-A439-4114-AF81-D75582F29573",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:emergency_responder:11.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A37D19BF-E4F5-4AF4-8942-0C3B62C4BF2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:emergency_responder:11.5\\(4.65000.14\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EF25688B-6659-4C7C-866D-79AA1166AD7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:emergency_responder:11.5\\(4.66000.14\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "47B70741-90D9-4676-BF16-8A21E147F532",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:enterprise_chat_and_email:12.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "ED862A1B-E558-4D44-839C-270488E735BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:enterprise_chat_and_email:12.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2678AF98-1194-4810-9933-5BA50E409F88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:enterprise_chat_and_email:12.6\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "37E7DEBD-9E47-4D08-86BC-D1B013450A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A935862-18F7-45FE-B647-1A9BA454E304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "69594997-2568-4C10-A411-69A50BFD175F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EC39E2D-C47B-4311-BC7B-130D432549F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE5E6CBE-D82C-4001-87CB-73DF526F0AB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "460E6456-0E51-45BC-868E-DEEA5E3CD366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7F58659-A318-42A0-83C5-8F09FCD78982",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:finesse:12.5\\(1\\):su1:*:*:*:*:*:*",
              "matchCriteriaId": "D8A49E46-8501-4697-A17A-249A7D9F5A0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:finesse:12.5\\(1\\):su2:*:*:*:*:*:*",
              "matchCriteriaId": "5D81E7A9-0C2B-4603-91F0-ABF2380DBBA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):-:*:*:*:*:*:*",
              "matchCriteriaId": "4DFCE723-9359-40C7-BA35-B71BDF8E3CF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es01:*:*:*:*:*:*",
              "matchCriteriaId": "28B1524E-FDCA-4570-86DD-CE396271B232",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es02:*:*:*:*:*:*",
              "matchCriteriaId": "74DC6F28-BFEF-4D89-93D5-10072DAC39C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es03:*:*:*:*:*:*",
              "matchCriteriaId": "BA1D60D7-1B4A-4EEE-A26C-389D9271E005",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED58B0E-FCC7-48E3-A5C0-6CC54A38BAE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "41E168ED-D664-4749-805E-77644407EAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:002.004\\(000.914\\):-:*:*:*:*:*:*",
              "matchCriteriaId": "808F8065-BD3A-4802-83F9-CE132EDB8D34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:002.006\\(000.156\\):-:*:*:*:*:*:*",
              "matchCriteriaId": "B236B13E-93B9-424E-926C-95D3DBC6CA5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:002.007\\(000.356\\):-:*:*:*:*:*:*",
              "matchCriteriaId": "8A63CC83-0A6E-4F33-A1BE-214A33B51518",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:003.000\\(000.458\\):-:*:*:*:*:*:*",
              "matchCriteriaId": "37DB7759-6529-46DE-B384-10F060D86A97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:003.001\\(000.518\\):-:*:*:*:*:*:*",
              "matchCriteriaId": "8C640AD9-146E-488A-B166-A6BB940F97D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:003.002\\(000.116\\):-:*:*:*:*:*:*",
              "matchCriteriaId": "DAC1FA7E-CB1B-46E5-A248-ABACECFBD6E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:002.003\\(002.000\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7C3BD5AF-9FC1-494B-A676-CC3D4B8EAC8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F477CACA-2AA0-417C-830D-F2D3AE93153A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:intersight_virtual_appliance:1.0.9-343:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E3BE5E1-A6B6-46C7-B93B-8A9F5AEA2731",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:mobility_services_engine:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04E0BB7B-0716-4DBD-89B9-BA11AAD77C00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:network_assurance_engine:6.0\\(2.1912\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "64C98A76-0C31-45E7-882B-35AE0D2C5430",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "379F8D86-BE87-4250-9E85-494D331A0398",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.1\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "71F69E51-E59D-4AE3-B242-D6D2CFDB3F46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.2\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "578DA613-8E15-4748-A4B7-646415449609",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.3\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "544EFAD6-CE2F-4E1D-9A00-043454B72889",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2E16DF9C-3B64-4220-82B6-6E20C7807BAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B9CD5B8A-9846-48F1-9495-77081E44CBFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "68E6CD49-6F71-4E17-B046-FBE91CE91CB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0BDD8018-7E77-4C89-917E-ACDC678A7DE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:network_insights_for_data_center:6.0\\(2.1914\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D39156-A47D-405E-8C02-CAE7D637F99A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:network_services_orchestrator:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5426FC59-411D-4963-AFEF-5B55F68B8958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:optical_network_controller:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "810E9A92-4302-4396-94D3-3003947DB2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:paging_server:8.3\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "522C36A5-7520-4368-BD92-9AB577756493",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:paging_server:8.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CB2EC4BE-FFAF-4605-8A96-2FEF35975540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:paging_server:8.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CA1D3C2A-E5FA-400C-AC01-27A3E5160477",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:paging_server:9.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "63B27050-997B-4D54-8E5A-CE9E33904318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:paging_server:9.0\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5ABF05B8-1B8A-4CCF-A1AD-D8602A247718",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:paging_server:9.1\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2F74580D-0011-4ED9-9A00-B4CDB6685154",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:paging_server:12.5\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "17A3C22E-1980-49B6-8985-9FA76A77A836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:paging_server:14.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B1AB42DC-CE58-448A-A6B5-56F31B15F4A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:prime_service_catalog:12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DC32B55-0C76-4669-8EAD-DCC16355E887",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:20.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CDA737F-337E-4C30-B68D-EF908A8D6840",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:20.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DC5A89C-CCCF-49EC-B4FC-AB98ACB79233",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:20.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BA4F513-CBA1-4523-978B-D498CEDAE0CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:20.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C53C6FD-B98E-4F7E-BA4D-391C90CF9E83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:20.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D00F6719-2C73-4D8D-8505-B9922E8A4627",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:20.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFE9210F-39C5-4828-9608-6905C1D378D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:20.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1CEDCE4-CFD1-434B-B157-D63329CBA24A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:smart_phy:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "33660EB8-2984-4258-B8AD-141B7065C85E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:smart_phy:3.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ACA346D-5103-47F0-8BD9-7A8AD9B92E98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:smart_phy:3.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A38BDF03-23C8-4BB6-A44D-68818962E7CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:smart_phy:3.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3104C099-FEDA-466B-93CC-D55F058F7CD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:smart_phy:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "890EA1C7-5990-4C71-857F-197E6F5B4089",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:smart_phy:21.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "56F21CF4-83FE-4529-9871-0FDD70D3095E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ucs_central_software:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9331834-9EAD-46A1-9BD4-F4027E49D0C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0E707E44-12CD-46C3-9124-639D0265432E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1b\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2FEE8482-DB64-4421-B646-9E5F560D1712",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1c\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4385CE6E-6283-4621-BBD9-8E66E2A34843",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1d\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9A6CDBD4-889B-442D-B272-C8E9A1B6AEC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1e\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FF1E59F9-CF4F-4EFB-872C-5F503A04CCF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1f\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1782219F-0C3D-45B7-80C7-D1DAA70D90B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1g\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DDAB3BAD-1EC6-4101-A58D-42DA48D04D0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1h\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8F7AA674-6BC2-490F-8D8A-F575B11F4BE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1k\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6945C4DE-C070-453E-B641-2F5B9CFA3B6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1l\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DAB8C7C0-D09B-4232-A88E-57D25AF45457",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.17900.52\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "ACEDB7B4-EBD4-4A37-9EE3-07EE3B46BE44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.18119.2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "820D579C-AA45-4DC1-945A-748FFCD51CA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.18900.97\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7B23A9A6-CD04-4D76-BE3F-AFAFBB525F5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.21900.40\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A44E6007-7A3A-4AD3-9A65-246C59B73FB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.22900.28\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3D508E51-4075-4E34-BB7C-65AF9D56B49F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_\\\u0026_presence_service:11.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "376D06D5-D68E-4FF0-97E5-CBA2165A05CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_\\\u0026_presence_service:11.5\\(1.22900.6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "18ED6B8F-2064-4BBA-A78D-4408F13C724D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:006.008\\(001.000\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "94091FE3-AB88-4CF5-8C4C-77B349E716A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:11.6\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "91D62A73-21B5-4D16-A07A-69AED2D40CC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "53F1314A-9A2C-43DC-8203-E4654EF013CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0ADE468B-8F0C-490D-BB4C-358D947BA8E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.6\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "32FEE78D-309E-491D-9AB6-98005F1CBF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.6\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "878D9901-675D-4444-B094-0BA505E7433F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\):-:*:*:*:*:*:*",
              "matchCriteriaId": "66E25EE4-AB7B-42BF-A703-0C2E83E83577",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\):su1:*:*:*:*:*:*",
              "matchCriteriaId": "D8F35520-F04A-4863-A1BC-0EDD2D1804F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.6\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EF9855FD-7747-4D9E-9542-703B1EC9A382",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.6\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E07AF386-D8A5-44F5-A418-940C9F88A36A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_management_portal:12.6\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "113C77DA-AC22-4D67-9812-8510EFC0A95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:11.6\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4BE221AB-A3B0-4CFF-9BC0-777773C2EF63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:12.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "15941265-1E7E-4C3E-AF1D-027C5E0D3141",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:12.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "54AA2B0C-92A1-4B53-88D7-6E31120F5041",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:12.6\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F9BD7207-85FB-4484-8720-4D11F296AC10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):-:*:*:*:*:*:*",
              "matchCriteriaId": "62E009C4-BE3E-4A14-91EF-8F667B2220A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):es01:*:*:*:*:*:*",
              "matchCriteriaId": "088512E1-434D-4685-992E-192A98ECAD9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):es02:*:*:*:*:*:*",
              "matchCriteriaId": "50A7BBC6-077C-4182-AA7A-577C4AAC3CD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(2\\):-:*:*:*:*:*:*",
              "matchCriteriaId": "E0536F45-3A49-4F93-942E-AF679DFC7017",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_sip_proxy:010.000\\(000\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3D54794B-6CD5-46D7-B9E9-62A642143562",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_sip_proxy:010.000\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BE844DCA-FF52-43F5-BDD9-836A812A8CFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_sip_proxy:010.002\\(000\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "07B261EB-CA63-4796-BD15-A6770FD68B34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_sip_proxy:010.002\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "29F9067A-B86C-4A6B-ACB7-DB125E04B795",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_workforce_optimization:11.5\\(1\\):sr7:*:*:*:*:*:*",
              "matchCriteriaId": "FAC4CC92-8BA0-4D96-9C48-5E311CDED53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:11.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F2437A5-217A-4CD1-9B72-A31BDDC81F42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:11.5\\(1.10000.6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9C3CFF0D-BD70-4353-AE2F-6C55F8DE56A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(1.26\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2CE47760-0E71-4FCA-97D1-CF0BB71CAC17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(2.26\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "89B2D4F5-CB86-4B25-8C14-CED59E8A3F22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(3.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B150B636-6267-4504-940F-DC37ABEFB082",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(4.018\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D00B9911-A7CA-467E-B7A3-3AF31828D5D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:virtual_topology_system:2.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B67C08C3-412F-4B7F-B98C-EEAEE77CBE4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:wan_automation_engine:7.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D428C9B-53E1-4D26-BB4D-57FDE02FA613",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:wan_automation_engine:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDB41596-FACF-440A-BB6C-8CAD792EC186",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:wan_automation_engine:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8C88EE2-5702-4E8B-A144-CB485435FD62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:wan_automation_engine:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BC62844-C608-4DB1-A1AD-C1B55128C560",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:wan_automation_engine:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF2FFA4-358A-4F33-BC67-A9EF8A30714E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:wan_automation_engine:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "53C0BBDE-795E-4754-BB96-4D6D4B5A804F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:wan_automation_engine:7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A41E377-16F9-423F-8DC2-F6EDD54E1069",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:wan_automation_engine:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0C2789E-255B-45D9-9469-B5B549A01F53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_meetings_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFAFEC61-2128-4BFA-992D-54742BD4911A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_meetings_server:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F12AF70E-2201-4F5D-A929-A1A057B74252",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:snowsoftware:snow_commander:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2CBCDC4-02DF-47F4-A01C-7CBCB2FF0163",
              "versionEndExcluding": "8.10.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snowsoftware:vm_access_proxy:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C42D44C8-9894-4183-969B-B38FDA1FEDF9",
              "versionEndExcluding": "3.6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:bentley:synchro:*:*:*:*:pro:*:*:*",
              "matchCriteriaId": "452D8730-F273-4AB4-9221-E82EC2CAAFD8",
              "versionEndExcluding": "6.2.4.2",
              "versionStartIncluding": "6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bentley:synchro_4d:*:*:*:*:pro:*:*:*",
              "matchCriteriaId": "F2EF5054-EECB-4489-B27A-AACB96B25B97",
              "versionEndExcluding": "6.4.3.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:percussion:rhythmyx:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "16E0A04D-30BE-4AB3-85A1-13AF614C425C",
              "versionEndIncluding": "7.3.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0755E91-2F36-4EC3-8727-E8BF0427E663",
              "versionEndExcluding": "13.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects."
    },
    {
      "lang": "es",
      "value": "Las caracter\u00edsticas JNDI de Apache Log4j2 2.0-beta9 hasta 2.15.0 (excluyendo las versiones de seguridad 2.12.2, 2.12.3 y 2.3.1) utilizadas en la configuraci\u00f3n, los mensajes de registro y los par\u00e1metros no protegen contra LDAP controlado por un atacante y otros puntos finales relacionados con JNDI. Un atacante que pueda controlar los mensajes de registro o los par\u00e1metros de los mensajes de registro puede ejecutar c\u00f3digo arbitrario cargado desde servidores LDAP cuando la sustituci\u00f3n de la b\u00fasqueda de mensajes est\u00e1 habilitada. A partir de la versi\u00f3n 2.15.0 de log4j, este comportamiento ha sido deshabilitado por defecto. A partir de la versi\u00f3n 2.16.0 (junto con las versiones 2.12.2, 2.12.3 y 2.3.1), esta funcionalidad se ha eliminado por completo. Tenga en cuenta que esta vulnerabilidad es espec\u00edfica de log4j-core y no afecta a log4net, log4cxx u otros proyectos de Apache Logging Services"
    }
  ],
  "id": "CVE-2021-44228",
  "lastModified": "2025-08-08T18:52:00.230",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 10.0,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 10.0,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.0,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2021-12-10T10:15:09.143",
  "references": [
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry",
        "Broken Link"
      ],
      "url": "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2022/Dec/2"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2022/Jul/11"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2022/Mar/23"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Mailing List",
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/12/10/1"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Mailing List",
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/12/10/2"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/12/10/3"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/12/13/1"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/12/13/2"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/12/14/4"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/12/15/3"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/cisagov/log4j-affected-db"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Broken Link",
        "Product",
        "US Government Resource"
      ],
      "url": "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Release Notes"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Release Notes"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://logging.apache.org/log4j/2.x/security.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "Vendor Advisory"
      ],
      "url": "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20211210-0007/"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.apple.com/kb/HT213189"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Broken Link",
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://twitter.com/kurtseifried/status/1469345530182455296"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2021/dsa-5020"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/930724"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry",
        "Broken Link"
      ],
      "url": "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2022/Dec/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2022/Jul/11"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2022/Mar/23"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/12/10/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/12/10/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/12/10/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/12/13/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/12/13/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/12/14/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/12/15/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/cisagov/log4j-affected-db"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Product",
        "US Government Resource"
      ],
      "url": "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://logging.apache.org/log4j/2.x/security.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "Vendor Advisory"
      ],
      "url": "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20211210-0007/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.apple.com/kb/HT213189"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://twitter.com/kurtseifried/status/1469345530182455296"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2021/dsa-5020"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/930724"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
    }
  ],
  "sourceIdentifier": "security@apache.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        },
        {
          "lang": "en",
          "value": "CWE-400"
        },
        {
          "lang": "en",
          "value": "CWE-502"
        }
      ],
      "source": "security@apache.org",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-917"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-03-23 17:15

Modified

2024-11-21 07:40

Severity ?

6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of DHCPv6 messages. An attacker could exploit this vulnerability by sending crafted DHCPv6 messages to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Note: To successfully exploit this vulnerability, the attacker would need to either control the DHCPv6 server or be in a man-in-the-middle position.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftdios-dhcpv6-cli-Zf3zTv	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftdios-dhcpv6-cli-Zf3zTv	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.8.1
cisco	adaptive_security_appliance_software	9.8.1.5
cisco	adaptive_security_appliance_software	9.8.1.7
cisco	adaptive_security_appliance_software	9.8.2
cisco	adaptive_security_appliance_software	9.8.2.8
cisco	adaptive_security_appliance_software	9.8.2.14
cisco	adaptive_security_appliance_software	9.8.2.15
cisco	adaptive_security_appliance_software	9.8.2.17
cisco	adaptive_security_appliance_software	9.8.2.20
cisco	adaptive_security_appliance_software	9.8.2.24
cisco	adaptive_security_appliance_software	9.8.2.26
cisco	adaptive_security_appliance_software	9.8.2.28
cisco	adaptive_security_appliance_software	9.8.2.33
cisco	adaptive_security_appliance_software	9.8.2.35
cisco	adaptive_security_appliance_software	9.8.2.38
cisco	adaptive_security_appliance_software	9.8.2.45
cisco	adaptive_security_appliance_software	9.8.3
cisco	adaptive_security_appliance_software	9.8.3.8
cisco	adaptive_security_appliance_software	9.8.3.11
cisco	adaptive_security_appliance_software	9.8.3.14
cisco	adaptive_security_appliance_software	9.8.3.16
cisco	adaptive_security_appliance_software	9.8.3.18
cisco	adaptive_security_appliance_software	9.8.3.21
cisco	adaptive_security_appliance_software	9.8.3.26
cisco	adaptive_security_appliance_software	9.8.3.29
cisco	adaptive_security_appliance_software	9.8.4
cisco	adaptive_security_appliance_software	9.8.4.3
cisco	adaptive_security_appliance_software	9.8.4.7
cisco	adaptive_security_appliance_software	9.8.4.8
cisco	adaptive_security_appliance_software	9.8.4.10
cisco	adaptive_security_appliance_software	9.8.4.12
cisco	adaptive_security_appliance_software	9.8.4.15
cisco	adaptive_security_appliance_software	9.8.4.17
cisco	adaptive_security_appliance_software	9.8.4.20
cisco	adaptive_security_appliance_software	9.8.4.22
cisco	adaptive_security_appliance_software	9.8.4.25
cisco	adaptive_security_appliance_software	9.8.4.26
cisco	adaptive_security_appliance_software	9.8.4.29
cisco	adaptive_security_appliance_software	9.8.4.32
cisco	adaptive_security_appliance_software	9.8.4.33
cisco	adaptive_security_appliance_software	9.8.4.34
cisco	adaptive_security_appliance_software	9.8.4.35
cisco	adaptive_security_appliance_software	9.8.4.39
cisco	adaptive_security_appliance_software	9.8.4.40
cisco	adaptive_security_appliance_software	9.8.4.41
cisco	adaptive_security_appliance_software	9.8.4.43
cisco	adaptive_security_appliance_software	9.8.4.44
cisco	adaptive_security_appliance_software	9.8.4.45
cisco	adaptive_security_appliance_software	9.9.1
cisco	adaptive_security_appliance_software	9.9.1.2
cisco	adaptive_security_appliance_software	9.9.1.3
cisco	adaptive_security_appliance_software	9.9.1.4
cisco	adaptive_security_appliance_software	9.9.1.5
cisco	adaptive_security_appliance_software	9.9.2
cisco	adaptive_security_appliance_software	9.9.2.1
cisco	adaptive_security_appliance_software	9.9.2.9
cisco	adaptive_security_appliance_software	9.9.2.14
cisco	adaptive_security_appliance_software	9.9.2.18
cisco	adaptive_security_appliance_software	9.9.2.25
cisco	adaptive_security_appliance_software	9.9.2.27
cisco	adaptive_security_appliance_software	9.9.2.32
cisco	adaptive_security_appliance_software	9.9.2.36
cisco	adaptive_security_appliance_software	9.9.2.40
cisco	adaptive_security_appliance_software	9.9.2.47
cisco	adaptive_security_appliance_software	9.9.2.50
cisco	adaptive_security_appliance_software	9.9.2.52
cisco	adaptive_security_appliance_software	9.9.2.56
cisco	adaptive_security_appliance_software	9.9.2.59
cisco	adaptive_security_appliance_software	9.9.2.61
cisco	adaptive_security_appliance_software	9.9.2.66
cisco	adaptive_security_appliance_software	9.9.2.67
cisco	adaptive_security_appliance_software	9.9.2.74
cisco	adaptive_security_appliance_software	9.9.2.80
cisco	adaptive_security_appliance_software	9.9.2.83
cisco	adaptive_security_appliance_software	9.9.2.85
cisco	adaptive_security_appliance_software	9.9.2.235
cisco	adaptive_security_appliance_software	9.10.1
cisco	adaptive_security_appliance_software	9.10.1.2
cisco	adaptive_security_appliance_software	9.10.1.7
cisco	adaptive_security_appliance_software	9.10.1.10
cisco	adaptive_security_appliance_software	9.10.1.11
cisco	adaptive_security_appliance_software	9.10.1.17
cisco	adaptive_security_appliance_software	9.10.1.22
cisco	adaptive_security_appliance_software	9.10.1.27
cisco	adaptive_security_appliance_software	9.10.1.30
cisco	adaptive_security_appliance_software	9.10.1.32
cisco	adaptive_security_appliance_software	9.10.1.37
cisco	adaptive_security_appliance_software	9.10.1.40
cisco	adaptive_security_appliance_software	9.10.1.42
cisco	adaptive_security_appliance_software	9.10.1.44
cisco	adaptive_security_appliance_software	9.12.1
cisco	adaptive_security_appliance_software	9.12.1.2
cisco	adaptive_security_appliance_software	9.12.1.3
cisco	adaptive_security_appliance_software	9.12.2
cisco	adaptive_security_appliance_software	9.12.2.1
cisco	adaptive_security_appliance_software	9.12.2.4
cisco	adaptive_security_appliance_software	9.12.2.5
cisco	adaptive_security_appliance_software	9.12.2.9
cisco	adaptive_security_appliance_software	9.12.3
cisco	adaptive_security_appliance_software	9.12.3.2
cisco	adaptive_security_appliance_software	9.12.3.7
cisco	adaptive_security_appliance_software	9.12.3.9
cisco	adaptive_security_appliance_software	9.12.3.12
cisco	adaptive_security_appliance_software	9.12.4
cisco	adaptive_security_appliance_software	9.12.4.2
cisco	adaptive_security_appliance_software	9.12.4.4
cisco	adaptive_security_appliance_software	9.12.4.7
cisco	adaptive_security_appliance_software	9.12.4.8
cisco	adaptive_security_appliance_software	9.12.4.10
cisco	adaptive_security_appliance_software	9.12.4.13
cisco	adaptive_security_appliance_software	9.12.4.18
cisco	adaptive_security_appliance_software	9.12.4.24
cisco	adaptive_security_appliance_software	9.12.4.26
cisco	adaptive_security_appliance_software	9.12.4.29
cisco	adaptive_security_appliance_software	9.12.4.30
cisco	adaptive_security_appliance_software	9.12.4.35
cisco	adaptive_security_appliance_software	9.12.4.37
cisco	adaptive_security_appliance_software	9.13.1
cisco	adaptive_security_appliance_software	9.13.1.2
cisco	adaptive_security_appliance_software	9.13.1.7
cisco	adaptive_security_appliance_software	9.13.1.10
cisco	adaptive_security_appliance_software	9.13.1.12
cisco	adaptive_security_appliance_software	9.13.1.13
cisco	adaptive_security_appliance_software	9.13.1.16
cisco	adaptive_security_appliance_software	9.13.1.19
cisco	adaptive_security_appliance_software	9.13.1.21
cisco	adaptive_security_appliance_software	9.14.1
cisco	adaptive_security_appliance_software	9.14.1.6
cisco	adaptive_security_appliance_software	9.14.1.10
cisco	adaptive_security_appliance_software	9.14.1.15
cisco	adaptive_security_appliance_software	9.14.1.19
cisco	adaptive_security_appliance_software	9.14.1.30
cisco	adaptive_security_appliance_software	9.14.2
cisco	adaptive_security_appliance_software	9.14.2.4
cisco	adaptive_security_appliance_software	9.14.2.8
cisco	adaptive_security_appliance_software	9.14.2.13
cisco	adaptive_security_appliance_software	9.14.2.15
cisco	adaptive_security_appliance_software	9.14.3
cisco	adaptive_security_appliance_software	9.14.3.1
cisco	adaptive_security_appliance_software	9.14.3.9
cisco	adaptive_security_appliance_software	9.14.3.11
cisco	adaptive_security_appliance_software	9.14.3.13
cisco	adaptive_security_appliance_software	9.14.3.15
cisco	adaptive_security_appliance_software	9.14.3.18
cisco	adaptive_security_appliance_software	9.15.1
cisco	adaptive_security_appliance_software	9.15.1.1
cisco	adaptive_security_appliance_software	9.15.1.7
cisco	adaptive_security_appliance_software	9.15.1.10
cisco	adaptive_security_appliance_software	9.15.1.15
cisco	adaptive_security_appliance_software	9.15.1.16
cisco	adaptive_security_appliance_software	9.15.1.17
cisco	adaptive_security_appliance_software	9.15.1.21
cisco	adaptive_security_appliance_software	9.16.1
cisco	adaptive_security_appliance_software	9.16.1.28
cisco	adaptive_security_appliance_software	9.16.2
cisco	adaptive_security_appliance_software	9.16.2.3
cisco	adaptive_security_appliance_software	9.16.2.7
cisco	adaptive_security_appliance_software	9.16.2.11
cisco	adaptive_security_appliance_software	9.17.1
cisco	firepower_threat_defense	9.8.1
cisco	firepower_threat_defense	9.8.1.5
cisco	firepower_threat_defense	9.8.1.7
cisco	firepower_threat_defense	9.8.2
cisco	firepower_threat_defense	9.8.2.8
cisco	firepower_threat_defense	9.8.2.14
cisco	firepower_threat_defense	9.8.2.15
cisco	firepower_threat_defense	9.8.2.17
cisco	firepower_threat_defense	9.8.2.20
cisco	firepower_threat_defense	9.8.2.24
cisco	firepower_threat_defense	9.8.2.26
cisco	firepower_threat_defense	9.8.2.28
cisco	firepower_threat_defense	9.8.2.33
cisco	firepower_threat_defense	9.8.2.35
cisco	firepower_threat_defense	9.8.2.38
cisco	firepower_threat_defense	9.8.2.45
cisco	firepower_threat_defense	9.8.3
cisco	firepower_threat_defense	9.8.3.8
cisco	firepower_threat_defense	9.8.3.11
cisco	firepower_threat_defense	9.8.3.14
cisco	firepower_threat_defense	9.8.3.16
cisco	firepower_threat_defense	9.8.3.18
cisco	firepower_threat_defense	9.8.3.21
cisco	firepower_threat_defense	9.8.3.26
cisco	firepower_threat_defense	9.8.3.29
cisco	firepower_threat_defense	9.8.4
cisco	firepower_threat_defense	9.8.4.3
cisco	firepower_threat_defense	9.8.4.7
cisco	firepower_threat_defense	9.8.4.8
cisco	firepower_threat_defense	9.8.4.10
cisco	firepower_threat_defense	9.8.4.12
cisco	firepower_threat_defense	9.8.4.15
cisco	firepower_threat_defense	9.8.4.17
cisco	firepower_threat_defense	9.8.4.20
cisco	firepower_threat_defense	9.8.4.22
cisco	firepower_threat_defense	9.8.4.25
cisco	firepower_threat_defense	9.8.4.26
cisco	firepower_threat_defense	9.8.4.29
cisco	firepower_threat_defense	9.8.4.32
cisco	firepower_threat_defense	9.8.4.33
cisco	firepower_threat_defense	9.8.4.34
cisco	firepower_threat_defense	9.8.4.35
cisco	firepower_threat_defense	9.8.4.39
cisco	firepower_threat_defense	9.8.4.40
cisco	firepower_threat_defense	9.8.4.41
cisco	firepower_threat_defense	9.8.4.43
cisco	firepower_threat_defense	9.8.4.44
cisco	firepower_threat_defense	9.8.4.45
cisco	firepower_threat_defense	9.9.1
cisco	firepower_threat_defense	9.9.1.2
cisco	firepower_threat_defense	9.9.1.3
cisco	firepower_threat_defense	9.9.1.4
cisco	firepower_threat_defense	9.9.1.5
cisco	firepower_threat_defense	9.9.2
cisco	firepower_threat_defense	9.9.2.1
cisco	firepower_threat_defense	9.9.2.9
cisco	firepower_threat_defense	9.9.2.14
cisco	firepower_threat_defense	9.9.2.18
cisco	firepower_threat_defense	9.9.2.25
cisco	firepower_threat_defense	9.9.2.27
cisco	firepower_threat_defense	9.9.2.32
cisco	firepower_threat_defense	9.9.2.36
cisco	firepower_threat_defense	9.9.2.40
cisco	firepower_threat_defense	9.9.2.47
cisco	firepower_threat_defense	9.9.2.50
cisco	firepower_threat_defense	9.9.2.52
cisco	firepower_threat_defense	9.9.2.56
cisco	firepower_threat_defense	9.9.2.59
cisco	firepower_threat_defense	9.9.2.61
cisco	firepower_threat_defense	9.9.2.66
cisco	firepower_threat_defense	9.9.2.67
cisco	firepower_threat_defense	9.9.2.74
cisco	firepower_threat_defense	9.9.2.80
cisco	firepower_threat_defense	9.9.2.83
cisco	firepower_threat_defense	9.9.2.85
cisco	firepower_threat_defense	9.9.2.235
cisco	firepower_threat_defense	9.10.1
cisco	firepower_threat_defense	9.10.1.2
cisco	firepower_threat_defense	9.10.1.7
cisco	firepower_threat_defense	9.10.1.10
cisco	firepower_threat_defense	9.10.1.11
cisco	firepower_threat_defense	9.10.1.17
cisco	firepower_threat_defense	9.10.1.22
cisco	firepower_threat_defense	9.10.1.27
cisco	firepower_threat_defense	9.10.1.30
cisco	firepower_threat_defense	9.10.1.32
cisco	firepower_threat_defense	9.10.1.37
cisco	firepower_threat_defense	9.10.1.40
cisco	firepower_threat_defense	9.10.1.42
cisco	firepower_threat_defense	9.10.1.44
cisco	firepower_threat_defense	9.12.1
cisco	firepower_threat_defense	9.12.1.2
cisco	firepower_threat_defense	9.12.1.3
cisco	firepower_threat_defense	9.12.2
cisco	firepower_threat_defense	9.12.2.1
cisco	firepower_threat_defense	9.12.2.4
cisco	firepower_threat_defense	9.12.2.5
cisco	firepower_threat_defense	9.12.2.9
cisco	firepower_threat_defense	9.12.3
cisco	firepower_threat_defense	9.12.3.2
cisco	firepower_threat_defense	9.12.3.7
cisco	firepower_threat_defense	9.12.3.9
cisco	firepower_threat_defense	9.12.3.12
cisco	firepower_threat_defense	9.12.4
cisco	firepower_threat_defense	9.12.4.2
cisco	firepower_threat_defense	9.12.4.4
cisco	firepower_threat_defense	9.12.4.7
cisco	firepower_threat_defense	9.12.4.8
cisco	firepower_threat_defense	9.12.4.10
cisco	firepower_threat_defense	9.12.4.13
cisco	firepower_threat_defense	9.12.4.18
cisco	firepower_threat_defense	9.12.4.24
cisco	firepower_threat_defense	9.12.4.26
cisco	firepower_threat_defense	9.12.4.29
cisco	firepower_threat_defense	9.12.4.30
cisco	firepower_threat_defense	9.12.4.35
cisco	firepower_threat_defense	9.12.4.37
cisco	firepower_threat_defense	9.13.1
cisco	firepower_threat_defense	9.13.1.2
cisco	firepower_threat_defense	9.13.1.7
cisco	firepower_threat_defense	9.13.1.10
cisco	firepower_threat_defense	9.13.1.12
cisco	firepower_threat_defense	9.13.1.13
cisco	firepower_threat_defense	9.13.1.16
cisco	firepower_threat_defense	9.13.1.19
cisco	firepower_threat_defense	9.13.1.21
cisco	firepower_threat_defense	9.14.1
cisco	firepower_threat_defense	9.14.1.6
cisco	firepower_threat_defense	9.14.1.10
cisco	firepower_threat_defense	9.14.1.15
cisco	firepower_threat_defense	9.14.1.19
cisco	firepower_threat_defense	9.14.1.30
cisco	firepower_threat_defense	9.14.2
cisco	firepower_threat_defense	9.14.2.4
cisco	firepower_threat_defense	9.14.2.8
cisco	firepower_threat_defense	9.14.2.13
cisco	firepower_threat_defense	9.14.2.15
cisco	firepower_threat_defense	9.14.3
cisco	firepower_threat_defense	9.14.3.1
cisco	firepower_threat_defense	9.14.3.9
cisco	firepower_threat_defense	9.14.3.11
cisco	firepower_threat_defense	9.14.3.13
cisco	firepower_threat_defense	9.14.3.15
cisco	firepower_threat_defense	9.14.3.18
cisco	firepower_threat_defense	9.15.1
cisco	firepower_threat_defense	9.15.1.1
cisco	firepower_threat_defense	9.15.1.7
cisco	firepower_threat_defense	9.15.1.10
cisco	firepower_threat_defense	9.15.1.15
cisco	firepower_threat_defense	9.15.1.16
cisco	firepower_threat_defense	9.15.1.17
cisco	firepower_threat_defense	9.15.1.21
cisco	firepower_threat_defense	9.16.1
cisco	firepower_threat_defense	9.16.1.28
cisco	firepower_threat_defense	9.16.2
cisco	firepower_threat_defense	9.16.2.3
cisco	firepower_threat_defense	9.16.2.7
cisco	firepower_threat_defense	9.16.2.11
cisco	firepower_threat_defense	9.17.1
cisco	ios	17.8.1
cisco	ios_xe	17.8.1
cisco	1100-4g_integrated_services_router	-
cisco	1100-4p_integrated_services_router	-
cisco	1100-6g_integrated_services_router	-
cisco	1100-8p_integrated_services_router	-
cisco	1101-4p_integrated_services_router	-
cisco	1101_integrated_services_router	-
cisco	1109-2p_integrated_services_router	-
cisco	1109-4p_integrated_services_router	-
cisco	1109_integrated_services_router	-
cisco	1111x-8p_integrated_services_router	-
cisco	1111x_integrated_services_router	-
cisco	111x_integrated_services_router	-
cisco	1120_integrated_services_router	-
cisco	1131_integrated_services_router	-
cisco	1160_integrated_services_router	-
cisco	4000_integrated_services_router	-
cisco	4221_integrated_services_router	-
cisco	4321_integrated_services_router	-
cisco	4331_integrated_services_router	-
cisco	4351_integrated_services_router	-
cisco	4431_integrated_services_router	-
cisco	4451-x_integrated_services_router	-
cisco	4451_integrated_services_router	-
cisco	4461_integrated_services_router	-
cisco	8101-32fh	-
cisco	8101-32h	-
cisco	8102-64h	-
cisco	8201	-
cisco	8201-32fh	-
cisco	8202	-
cisco	8800_12-slot	-
cisco	8800_18-slot	-
cisco	8800_4-slot	-
cisco	8800_8-slot	-
cisco	8804	-
cisco	8808	-
cisco	8812	-
cisco	8818	-
cisco	8831	-
cisco	asr_1000	-
cisco	asr_1000-esp100	-
cisco	asr_1000-esp100-x	-
cisco	asr_1000-esp200-x	-
cisco	asr_1000-x	-
cisco	asr_1001	-
cisco	asr_1001-hx	-
cisco	asr_1001-x	-
cisco	asr_1001-x_r	-
cisco	asr_1002	-
cisco	asr_1002-hx	-
cisco	asr_1002-hx_r	-
cisco	asr_1002-x	-
cisco	asr_1002-x_r	-
cisco	asr_1004	-
cisco	asr_1006	-
cisco	asr_1006-x	-
cisco	asr_1009-x	-
cisco	asr_1013	-
cisco	asr_1023	-
cisco	asr_900	-
cisco	asr_9000	-
cisco	asr_9000v	-
cisco	asr_9000v	v2
cisco	asr_9001	-
cisco	asr_9006	-
cisco	asr_9010	-
cisco	asr_902	-
cisco	asr_902u	-
cisco	asr_903	-
cisco	asr_907	-
cisco	catalyst_3650	-
cisco	catalyst_3650-12x48fd-e	-
cisco	catalyst_3650-12x48fd-l	-
cisco	catalyst_3650-12x48fd-s	-
cisco	catalyst_3650-12x48uq	-
cisco	catalyst_3650-12x48uq-e	-
cisco	catalyst_3650-12x48uq-l	-
cisco	catalyst_3650-12x48uq-s	-
cisco	catalyst_3650-12x48ur	-
cisco	catalyst_3650-12x48ur-e	-
cisco	catalyst_3650-12x48ur-l	-
cisco	catalyst_3650-12x48ur-s	-
cisco	catalyst_3650-12x48uz	-
cisco	catalyst_3650-12x48uz-e	-
cisco	catalyst_3650-12x48uz-l	-
cisco	catalyst_3650-12x48uz-s	-
cisco	catalyst_3650-24pd	-
cisco	catalyst_3650-24pd-e	-
cisco	catalyst_3650-24pd-l	-
cisco	catalyst_3650-24pd-s	-
cisco	catalyst_3650-24pdm	-
cisco	catalyst_3650-24pdm-e	-
cisco	catalyst_3650-24pdm-l	-
cisco	catalyst_3650-24pdm-s	-
cisco	catalyst_3650-24ps-e	-
cisco	catalyst_3650-24ps-l	-
cisco	catalyst_3650-24ps-s	-
cisco	catalyst_3650-24td-e	-
cisco	catalyst_3650-24td-l	-
cisco	catalyst_3650-24td-s	-
cisco	catalyst_3650-24ts-e	-
cisco	catalyst_3650-24ts-l	-
cisco	catalyst_3650-24ts-s	-
cisco	catalyst_3650-48fd-e	-
cisco	catalyst_3650-48fd-l	-
cisco	catalyst_3650-48fd-s	-
cisco	catalyst_3650-48fq	-
cisco	catalyst_3650-48fq-e	-
cisco	catalyst_3650-48fq-l	-
cisco	catalyst_3650-48fq-s	-
cisco	catalyst_3650-48fqm	-
cisco	catalyst_3650-48fqm-e	-
cisco	catalyst_3650-48fqm-l	-
cisco	catalyst_3650-48fqm-s	-
cisco	catalyst_3650-48fs-e	-
cisco	catalyst_3650-48fs-l	-
cisco	catalyst_3650-48fs-s	-
cisco	catalyst_3650-48pd-e	-
cisco	catalyst_3650-48pd-l	-
cisco	catalyst_3650-48pd-s	-
cisco	catalyst_3650-48pq-e	-
cisco	catalyst_3650-48pq-l	-
cisco	catalyst_3650-48pq-s	-
cisco	catalyst_3650-48ps-e	-
cisco	catalyst_3650-48ps-l	-
cisco	catalyst_3650-48ps-s	-
cisco	catalyst_3650-48td-e	-
cisco	catalyst_3650-48td-l	-
cisco	catalyst_3650-48td-s	-
cisco	catalyst_3650-48tq-e	-
cisco	catalyst_3650-48tq-l	-
cisco	catalyst_3650-48tq-s	-
cisco	catalyst_3650-48ts-e	-
cisco	catalyst_3650-48ts-l	-
cisco	catalyst_3650-48ts-s	-
cisco	catalyst_3650-8x24pd-e	-
cisco	catalyst_3650-8x24pd-l	-
cisco	catalyst_3650-8x24pd-s	-
cisco	catalyst_3650-8x24uq	-
cisco	catalyst_3650-8x24uq-e	-
cisco	catalyst_3650-8x24uq-l	-
cisco	catalyst_3650-8x24uq-s	-
cisco	catalyst_3850	-
cisco	catalyst_3850-12s-e	-
cisco	catalyst_3850-12s-s	-
cisco	catalyst_3850-12x48u	-
cisco	catalyst_3850-12xs-e	-
cisco	catalyst_3850-12xs-s	-
cisco	catalyst_3850-16xs-e	-
cisco	catalyst_3850-16xs-s	-
cisco	catalyst_3850-24p-e	-
cisco	catalyst_3850-24p-l	-
cisco	catalyst_3850-24p-s	-
cisco	catalyst_3850-24pw-s	-
cisco	catalyst_3850-24s-e	-
cisco	catalyst_3850-24s-s	-
cisco	catalyst_3850-24t-e	-
cisco	catalyst_3850-24t-l	-
cisco	catalyst_3850-24t-s	-
cisco	catalyst_3850-24u	-
cisco	catalyst_3850-24u-e	-
cisco	catalyst_3850-24u-l	-
cisco	catalyst_3850-24u-s	-
cisco	catalyst_3850-24xs	-
cisco	catalyst_3850-24xs-e	-
cisco	catalyst_3850-24xs-s	-
cisco	catalyst_3850-24xu	-
cisco	catalyst_3850-24xu-e	-
cisco	catalyst_3850-24xu-l	-
cisco	catalyst_3850-24xu-s	-
cisco	catalyst_3850-32xs-e	-
cisco	catalyst_3850-32xs-s	-
cisco	catalyst_3850-48f-e	-
cisco	catalyst_3850-48f-l	-
cisco	catalyst_3850-48f-s	-
cisco	catalyst_3850-48p-e	-
cisco	catalyst_3850-48p-l	-
cisco	catalyst_3850-48p-s	-
cisco	catalyst_3850-48pw-s	-
cisco	catalyst_3850-48t-e	-
cisco	catalyst_3850-48t-l	-
cisco	catalyst_3850-48t-s	-
cisco	catalyst_3850-48u	-
cisco	catalyst_3850-48u-e	-
cisco	catalyst_3850-48u-l	-
cisco	catalyst_3850-48u-s	-
cisco	catalyst_3850-48xs	-
cisco	catalyst_3850-48xs-e	-
cisco	catalyst_3850-48xs-f-e	-
cisco	catalyst_3850-48xs-f-s	-
cisco	catalyst_3850-48xs-s	-
cisco	catalyst_3850-nm-2-40g	-
cisco	catalyst_3850-nm-8-10g	-
cisco	catalyst_8200	-
cisco	catalyst_8300-1n1s-4t2x	-
cisco	catalyst_8300-1n1s-6t	-
cisco	catalyst_8300-2n2s-4t2x	-
cisco	catalyst_8300-2n2s-6t	-
cisco	catalyst_8500-4qc	-
cisco	catalyst_8500l	-
cisco	catalyst_8510csr	-
cisco	catalyst_8510msr	-
cisco	catalyst_8540csr	-
cisco	catalyst_8540msr	-
cisco	catalyst_9200	-
cisco	catalyst_9200cx	-
cisco	catalyst_9200l	-
cisco	catalyst_9300	-
cisco	catalyst_9300-24p-a	-
cisco	catalyst_9300-24p-e	-
cisco	catalyst_9300-24s-a	-
cisco	catalyst_9300-24s-e	-
cisco	catalyst_9300-24t-a	-
cisco	catalyst_9300-24t-e	-
cisco	catalyst_9300-24u-a	-
cisco	catalyst_9300-24u-e	-
cisco	catalyst_9300-24ux-a	-
cisco	catalyst_9300-24ux-e	-
cisco	catalyst_9300-48p-a	-
cisco	catalyst_9300-48p-e	-
cisco	catalyst_9300-48s-a	-
cisco	catalyst_9300-48s-e	-
cisco	catalyst_9300-48t-a	-
cisco	catalyst_9300-48t-e	-
cisco	catalyst_9300-48u-a	-
cisco	catalyst_9300-48u-e	-
cisco	catalyst_9300-48un-a	-
cisco	catalyst_9300-48un-e	-
cisco	catalyst_9300-48uxm-a	-
cisco	catalyst_9300-48uxm-e	-
cisco	catalyst_9300l	-
cisco	catalyst_9300l-24p-4g-a	-
cisco	catalyst_9300l-24p-4g-e	-
cisco	catalyst_9300l-24p-4x-a	-
cisco	catalyst_9300l-24p-4x-e	-
cisco	catalyst_9300l-24t-4g-a	-
cisco	catalyst_9300l-24t-4g-e	-
cisco	catalyst_9300l-24t-4x-a	-
cisco	catalyst_9300l-24t-4x-e	-
cisco	catalyst_9300l-48p-4g-a	-
cisco	catalyst_9300l-48p-4g-e	-
cisco	catalyst_9300l-48p-4x-a	-
cisco	catalyst_9300l-48p-4x-e	-
cisco	catalyst_9300l-48t-4g-a	-
cisco	catalyst_9300l-48t-4g-e	-
cisco	catalyst_9300l-48t-4x-a	-
cisco	catalyst_9300l-48t-4x-e	-
cisco	catalyst_9300l_stack	-
cisco	catalyst_9300lm	-
cisco	catalyst_9300x	-
cisco	catalyst_9400	-
cisco	catalyst_9400_supervisor_engine-1	-
cisco	catalyst_9407r	-
cisco	catalyst_9410r	-
cisco	catalyst_9500	-
cisco	catalyst_9500h	-
cisco	catalyst_9600	-
cisco	catalyst_9600_supervisor_engine-1	-
cisco	catalyst_9600x	-
cisco	catalyst_9800	-
cisco	catalyst_9800-40	-
cisco	catalyst_9800-40_wireless_controller	-
cisco	catalyst_9800-80	-
cisco	catalyst_9800-80_wireless_controller	-
cisco	catalyst_9800-cl	-
cisco	catalyst_9800-l	-
cisco	catalyst_9800-l-c	-
cisco	catalyst_9800-l-f	-
cisco	catalyst_9800_embedded_wireless_controller	-
cisco	cbr8_converged_broadband_router	-
cisco	cg418-e	-
cisco	cg522-e	-
cisco	cloud_services_router_1000v	-
cisco	esr-6300-con-k9	-
cisco	esr-6300-ncp-k9	-
cisco	ess-3300-24t-con-a	-
cisco	ess-3300-24t-con-e	-
cisco	ess-3300-24t-ncp-a	-
cisco	ess-3300-24t-ncp-e	-
cisco	ess-3300-con-a	-
cisco	ess-3300-con-e	-
cisco	ess-3300-ncp-a	-
cisco	ess-3300-ncp-e	-
cisco	ess9300-10x-e	-
cisco	ie-3200-8p2s-e	-
cisco	ie-3200-8t2s-e	-
cisco	ie-3300-8p2s-a	-
cisco	ie-3300-8p2s-e	-
cisco	ie-3300-8t2s-a	-
cisco	ie-3300-8t2s-e	-
cisco	ie-3300-8t2x-a	-
cisco	ie-3300-8t2x-e	-
cisco	ie-3300-8u2x-a	-
cisco	ie-3300-8u2x-e	-
cisco	ie-3400-8p2s-a	-
cisco	ie-3400-8p2s-e	-
cisco	ie-3400-8t2s-a	-
cisco	ie-3400-8t2s-e	-
cisco	ie-9310-26s2c	-
cisco	ie-9320-26s2c	-
cisco	integrated_services_virtual_router	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D482F818-0A8E-49D7-8E3E-0958019FA629",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E7BFB57-BC02-4930-A02F-83583E6A0FC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "026F1960-C879-4611-A60A-96311B63CCA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAF8B33E-0C95-467D-A865-0A234E69D0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF144F5-D933-4DE4-818C-001BD9E3958A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "00112ED3-FE7B-425B-9A28-1E5F2BC8BB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD491D5-FAAB-493F-91A6-D2F3B5F5970E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "1519F49D-588F-4B70-B38F-EF4F3E13FEAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "15354443-5EB7-4712-B2DE-61DB33830759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "248D6B44-E134-4DEC-A947-636824E3FDFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "0820A79C-F3EF-407F-9AC7-DCAB4CD39C89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3E8805-85D2-4345-8076-039513209A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "14BB907B-D75A-4F5E-B20D-5457A71A70EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "F118B803-4C55-436A-A136-0C1FEA49858F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A272121-408E-45F6-A2A1-0BA6EBC060A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "61C3A433-0792-434E-AC90-A84B346499D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "980CEA3B-5A81-4E8C-BEA3-DD31BE7DA2CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3910211-D4DB-4CA7-BBEA-DD8246FF10ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C260BF30-7A33-4C70-9509-404856C93666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF894850-39EC-4B57-BBFF-F1AB4F8389A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FAFCF9-0ABE-483E-9604-329762BB7870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DB4278-3126-4765-97C4-6C0A8C78DA78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "174E631B-6099-47DE-8790-BBF4B7FDB8CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE3538B-F612-4105-BFDE-A4B594482DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "3143B0FF-C855-485E-A908-E48974B1643C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD9992-6D98-4E03-9599-ECF38A186FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DCEAE6-355B-40AE-A7C8-AF744FCA8A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2097E81E-B422-4B93-AF09-F300A0E8AF71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "454DEA31-A607-4054-82D3-24A4FEB7358F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F0B213-8187-4465-84F1-FB8D92B36020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E540771E-BA0B-42D1-8251-B576B0F142C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC2A833-BECF-4000-A592-6113A84C2D20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F1416-924A-4D25-9CEE-3BD66A96A019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDC8D92-D6E0-40EE-B190-D2B32C7DEB75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "23CD5619-E534-4F40-998D-39DC19FA0451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D0EB11-14B1-44B3-8D46-B9DD872F772C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA399CF-12DB-42E0-A66F-14508B52A453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5A7608-E737-420E-9B5E-836600DAC701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7EB6801-336D-4F41-ADE7-1C58C63C3F6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8413DA41-02A5-4269-8C88-9DD5076AF91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA00285F-6914-4749-8A47-FC4EDAFFF3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA4D367-32B9-4F54-8352-A959F61A1FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "2259FF9E-0C8B-440F-B1AC-51BDE3F60E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C522B55-904D-4C08-B73E-1457D877C0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "4483056A-FBF3-4E00-81EB-1E97334EF240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "48677330-06AB-4C7F-B2AD-F7E465A9632A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AEA80D2-5DB8-4334-9A88-7DDE395832C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1C38A5-1028-4AD3-8CC7-A00091091E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C50642A-B123-4503-9EBB-32CDB67E44D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "39B646DA-3317-4285-9CB3-1D90B8F54266",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AC204B-9376-4760-8EF7-58F6EC68C936",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "75846B12-CC4D-4277-B12D-2C2D0DF1C706",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "289317DE-77AB-48AF-8CF2-00E9EB85F364",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC44F77D-C48E-46DA-B7B7-9D772D043B4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6445101B-54E3-4511-9D45-001CBE70203A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA4A0F4E-1330-456C-8C5E-C9F76BAF651F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "F181EF65-D795-4ABB-B464-40B24B29ECA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "C49A0CF5-EF87-4228-8B88-859A1E1AB7B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2CC4146-D447-4E5A-8CBB-60664CDE05BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF1150A5-B314-4798-BE10-25E6F979ADA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "44FC4B71-584F-444F-957C-99E045AA4140",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "E25FBC5B-3FD8-461A-99DE-4120D62CA914",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1608733-4D00-4169-AAA2-2ACB7DCE01E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "390781EE-6B38-4C25-9BBC-10D67F858678",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "332C4752-27EA-43ED-A42D-9C0E250C2F15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "A29D95A7-C9FB-424C-90E4-1D2F0FB27917",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "16C3345B-61DA-4565-80DC-7C0645E076D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.59:*:*:*:*:*:*:*",
              "matchCriteriaId": "547BBEE2-E4C8-43C7-B0CB-A40DBF0457AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.61:*:*:*:*:*:*:*",
              "matchCriteriaId": "86F29A49-1E28-4483-BE05-6409DFBF6FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.66:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD0E70B2-E401-4F27-9033-5061BD8BA3D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.67:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5D43506-BB40-4490-A3D0-D4B56D01F931",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.74:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6F94E7F-2455-4C23-B055-3C759571D986",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3FB946-FEC6-42F8-AFC3-40F581F7126B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.83:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A6CF74B-A6AC-4081-BA20-AB1C7DCF8850",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.85:*:*:*:*:*:*:*",
              "matchCriteriaId": "6ED3B3FD-B44F-464B-9B4E-2650A62EEF3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.235:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A2806C4-C1C7-4B10-A015-C5C922A9526F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "69289C72-01B5-4280-A382-665C1224C850",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A774BF55-3B8C-4E0A-BE73-93189E8E1CC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC46F5E6-5385-46A9-997B-ED543B71CE25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F083BA6-04C8-44DF-8E3E-77C550F31C89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C445E350-259B-41DB-BAFF-EB1B023C4648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "E65D4505-C562-41C1-8CFE-1ABE807D83FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3F91FE1-433C-4263-AA0C-1EB5166B07D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF4E6F0E-1729-4EFD-9B4B-76A39F1B7ABF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D1A5740-7C1A-45D7-8767-5C50E09F2268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA9D78E4-EFEB-4D2F-989C-CB976E1B5C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1B8ADDF-2845-4F6D-8920-A4909150927C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "B422EED4-C9AA-411A-8203-270862FFFFA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF1F99D0-F529-44DE-BB26-2279688DFCCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "46CE7CFE-6DAB-47D5-87EB-9607BBD41E1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F002FD55-F881-450E-BC1B-8073E188F47E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA940C4F-13BB-465F-BB8D-CBD0109BF012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B0434F5-9A50-4B57-9C5B-E09415D098C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE727035-06CB-4E37-A9D2-96BD54502120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE52B81-2CF8-48E5-A7BA-A163A25A669B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E8D7C9-5272-40E6-869B-B33959F9F0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE8D5D71-5C85-4644-8A84-F073549ADB50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0790DDC2-7BA0-42DC-A157-754C0CBBE178",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "882394EA-70C8-4D86-9AEF-5D273D8E518C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "855AD3CC-F404-48C5-80D2-7F2765D16D72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "26B6BF72-9124-4213-B3C0-BD31B46E8C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8FBE89-8FDA-4B9B-BA1A-90FFD482A585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "149C3872-8DA9-48DD-ADD0-2E84C1A76A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D33E8C-294A-4C43-8DB6-9DA9F61F0B3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E23ACB0-DF8B-4672-A819-4DCD3104CE4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4723B88-62BA-40E6-AA89-BAC02D6A036F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C698819-3C8E-4A16-8F52-42FF1E54C076",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D3CE74E-59E7-448A-8417-18F97C05C798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0986C171-0E75-4F6F-A9BD-276830104E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A2777A-7831-4324-AEB2-5D93B5F6C04B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "37045680-9189-4B7F-A4F7-4E682FE20A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6C9F37B-CF3C-4861-A969-C7CF4946274A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1DAF21-3FED-4691-9D4C-8FD8CEA7FB3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB938E58-4963-4A31-8836-88E958592B30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E317897-EE97-44F3-96BB-E54228D72A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EF7FAB2-158D-4C48-9246-E7AD3BF1D801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "056D43AE-ECDB-40D2-A196-18DDCD02629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D9AE545-A469-41C7-BD95-3CC80AF8067B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3255DB9E-85A5-48ED-90AA-6A7A55A0B1F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B6C9A0-B941-4C7C-BFE9-F1D837D5ADBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "77E783FD-5D4B-4C4F-BBFE-1186EFDFEF3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "40145CFB-CEE8-4ABA-A9C2-BA262B7A9AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "23C82327-5362-4876-8058-EB51030CD5DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C700CC9-E16F-4C05-915D-1CA39257ACCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ABDBB94-BA4F-4991-A703-0D7DDF999CBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "D59B6947-1953-4C86-A76C-7A881CD3A502",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAC0A7B7-2FE5-40ED-80F3-70F6CC2065F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B066DB88-FB86-467E-8AE2-3AC76B202082",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A356E12-DFC8-45D3-A72B-133C72011A85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "40955D09-9351-436D-A93A-266913CFE407",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCDA8B7D-108E-4851-BDDD-E81C58131B8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "975AA7EF-3BE1-4112-AAAE-80C678DF06FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDDC513A-8B98-4904-BC39-E178D6CABD86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A4E4A8-3FB8-4EAA-ADD8-D8A48269C7A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "E00E1A95-4D81-4D8C-8E9F-02F9866DEC19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "968A5890-B604-4AF7-88FD-52512DE60A0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3390375-1D75-4D28-AA2B-4D28FC006B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "134FBA88-E8BF-4757-9ED5-449A03ED4FEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F83FA7-11A1-48D1-AAD9-80EB8330C576",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "2250FD43-E360-4BB9-8444-47C6014E77F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "33E18DBD-6477-4DEF-9A4F-884F0987C89C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8F86296-B25B-4807-942F-C411B2B168A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "41A26F87-4A82-4BF1-9B69-3FDA62659237",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "82B5E7C5-CE7E-45CF-9B02-D174F99D3379",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A59FF9C-0A15-4F9F-A807-5F4B5FDD83F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0912860-7B6E-4AF9-8208-0F51A11B0CBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "1136F1DA-65C0-4D46-87EE-63A5EA8BCC82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEA9D4DA-1CC3-4F76-8AC2-936DF68608A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1A05215-3700-4DF3-8CDF-25E40065B539",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.3.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBE017C1-28CE-4219-9BC4-E7AC61A836E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.3.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDB86586-4D1A-415D-9070-EAAFFFF670AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2443A527-3A65-4226-A643-B683072CB664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA645994-0744-446B-96EA-21915AF3BEC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA1E87A4-A9EB-4BFC-9070-F32ABD32D33C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5B63317-7612-4B7C-8AE8-F18AEFAF4560",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CF8BD7E-31C0-4F05-A092-64D9918ED5DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BBD9E97-0BC5-4120-8E03-1EE9D11E3359",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D724096-92CD-457E-8CC5-B8099A8E3187",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "66EA1792-85AC-4AD1-8213-A992F623D743",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "86C7966B-2EB0-4970-B2D5-9F892F2D1C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C1D4AD-01C0-4591-9308-625FEF736D7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EE06D7A-8DF5-4C98-AEDB-CF0DC5DFF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B9027F6-F91E-49D3-9328-C72E18625292",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C4EBE8-60A7-4F71-959A-1127DAF2A262",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "3484693F-1D88-44AA-B739-6E0B2C359A4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "413E425D-9BD5-4A9B-9FE6-6190C488C1D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "753121F0-AE17-49FE-B5F3-71DFBD9A4634",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "A583EEC5-7EA9-422E-8C1C-4C28CDBC65F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FDAA778-942A-433F-88E5-359490AA28CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DC8A5AE-032F-49C7-B1D3-FA68351E9C3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0F554EB-CCF5-4779-B199-B5F54DDEF79A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2FD6008-65F5-4AA5-A824-674863D55F3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "21908446-BEEC-4E62-AC98-A29CC1130C71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "66F24887-C173-4EEB-A299-104C1E3FA701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "646F1EBB-24EA-45B3-8437-071BE1040989",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CA92DBD-4500-4295-9E21-14E06E0FDC81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA6D89F7-1EAF-4091-9FF1-A0B70F76B41D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C24AF6C-7C97-4C76-97B7-6CF98513D2C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4AD2276-DA52-4A03-A991-3C9B736FFBE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "10A10EF3-3BF1-413F-89C4-A157C70F8CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09AC6A1C-1080-4B70-A324-A7EF270270DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4C48DE3-1096-42D0-BA55-9B8F46F1C9E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC25AD63-0715-476D-BC9E-66E99091BF4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.2.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CC2F017-C961-46C6-BB73-7B57367A48D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.2.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "553EF6FF-05DF-4B05-83D9-D7E4B45B5CEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.2.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "028E165F-B8E3-4BC9-B235-B9CFD2D0E54B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.2.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "36999788-BB3C-45C6-A4A3-28572AE3B579",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.2.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFEE1329-0C49-4149-AA4A-64E76429F7E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.2.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "D45CD1F1-53F3-466A-B217-C68A57248A16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.2.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "020A76EE-85E4-4064-BFF3-10F6F2FD1244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.2.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B344394-1F5C-4272-B62F-372AA8C6FE5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.2.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "272B4F25-F353-402F-A8C3-2CA59A7F091F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.2.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB33B59A-8448-4DF1-9CC9-AE1AAB1DFA4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.2.59:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FDE7264-FC49-4E03-A540-28BD79BFFCD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.2.61:*:*:*:*:*:*:*",
              "matchCriteriaId": "83D572BA-D27D-4CF2-A5A6-50A6FB03F681",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.2.66:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD1F5272-79BD-4847-83F7-B55D8D93172F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.2.67:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EE6074A-133D-4553-A089-1F679B9D788C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.2.74:*:*:*:*:*:*:*",
              "matchCriteriaId": "56F76A7D-8832-4873-8172-BD2FF68B79C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.2.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A1DD620-7DC3-464B-8BED-205ECF2B49EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.2.83:*:*:*:*:*:*:*",
              "matchCriteriaId": "C219B2E1-8B1E-477C-9119-86C2D1575CDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.2.85:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0A50CAA-619B-4814-91A9-4D71110A6DD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.9.2.235:*:*:*:*:*:*:*",
              "matchCriteriaId": "959A700C-7F5B-4BB2-8DE7-313952301540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0C1682E-F944-4A15-AD8D-FB15848C025F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.10.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C3B3E6-ED15-4AAE-A02D-224E6A738C72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.10.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4C62CB3-06EB-4D7B-9C45-C920A30B3CDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.10.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDA9B25D-D9D7-470B-9B82-8FD818D4AAAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.10.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF4F41B3-AF10-4E3B-AA94-22AF79D40D7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.10.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E9F83CC-E66B-4FAB-A816-5F340E4D4A36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.10.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD19AC6E-4BF9-4644-B45A-09E73B31ED07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.10.1.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2CE675D-2530-43FD-AF4D-F7AF70B86132",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.10.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "9838B80F-503A-4E24-B59B-5C7D219D49FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.10.1.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AF7E033-CF74-4F83-B857-0E0D04470C4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.10.1.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "4589D214-DF24-4DBD-8778-F22A1118E2E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.10.1.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5159338-D8B3-449B-9BF2-7586B81BBD45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.10.1.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "540FC6EA-4C1B-47E1-8C9D-8CBC12625DD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.10.1.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "60050A86-D4C3-4BDD-9106-33306BD8E953",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55711FD3-EF2E-4247-883B-03A40FD97612",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91495846-B9D1-4EBD-9AB3-3B93B85AC279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2C17961-8069-4D62-ABC1-DCAB7329C3FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2D742BF-6E32-4510-A484-EB478EE12132",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED71E067-9788-4369-BD9B-DAC3AA1A26BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "344AAD16-48F8-470F-A292-1CA3D21A75D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF6A591D-2AC6-4A28-B6CD-BD2A3F8D3C26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "95EC0A62-B604-4913-B52F-478FA03A5949",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "934198F1-D461-4881-B8C7-8CCECB730FA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E357084A-5E12-41E8-9944-1451A55A2D13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5D877E6-5623-41B0-BE45-4D8697DF1715",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3917D9-E072-4474-B236-AE25875AA509",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "0561BA9E-415A-4D2A-95A2-0C4A706E19A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "52E4A054-1837-436E-A1BF-68FF5213EE91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2CC50D9-10AC-4098-8C09-E46A3BB2DB2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "420D097B-8D7F-455A-8FFD-3D07722CB232",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBBAE927-0B79-4EFA-BC6B-08134B03DAB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B9CA5A8-6C58-44DA-8786-0A1784D73A0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "42E47AFC-3BC4-4B8D-AC45-D71A0DB8937C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A81420A1-7B35-4C48-AF03-82F0ACDEC038",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FAC37E6-81AC-4B7C-9C8B-EE9AFB4EF36B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD9D1E08-2203-4C5D-A6CA-1041312AAAC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "874B8CDA-1A5B-4F26-B7DF-34204FD481CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9C2D047-BE9B-4A8C-A34E-77D9F1E4EEA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0481146-DDE9-4B0A-907E-867CCCA79F8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8D47A5-60F7-48F7-B8D1-BCE9E9976CFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "6362C627-390E-4183-B6D2-981E0EA1C89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "49124883-9210-4876-AD9A-1D907EE2FFE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.13.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22A1C8D0-526A-4688-9699-5E1937A89180",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.13.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5D130D9-8913-489E-BAA4-B0B14250B8FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.13.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "80D17185-7BD2-43A3-951D-CC593D4E9017",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.13.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "93C908AA-D9C0-4205-A551-7E9D9834E01B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.13.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C9A8FE6-F25E-497D-A3EF-69FC6A5DC881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.13.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BD4E146-6C60-4F37-A882-E1AA166A4E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.13.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "909E97F3-0F3C-42E1-94D9-C785594F78DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.13.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "38348775-81CD-4DD0-B3FE-3B5F9A3CACD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "22038B43-6CE2-413A-8334-32BF9137E574",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "15464E33-3166-4401-993D-FEB12DBF0CC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BEAC68D-1A73-492B-A932-50048090A855",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "82EB29B3-F12B-41DC-B573-3FFC0EB9D26B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "41F732E6-A003-4B38-9057-A962C7EDFC6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AF57890-3CD7-41A3-A93A-4E3609CA1BF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2183862-4E0A-4046-AA22-53B8CFFAE9C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B87C2BF2-D4F5-43FD-805C-B93D752ABAD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "21AF5911-BFE9-414B-AD39-F1E2E06377C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "02C8586E-8BBE-45FA-80AA-5C1F2AC79BD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "4726A373-71E1-4E12-BEBB-62DF6293B45B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "03F02586-FB92-4A39-8141-A9BD55C52D6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D66B0B2F-B191-47A2-917E-AC4616CC39AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "88A3E2E8-2E7E-469F-B396-902706C5863F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E247E151-E5C3-4A39-AA3F-BA77FBD743D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "73F35B92-5A4B-4194-A7F0-721E12F7A427",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7F58F94-4010-4B3F-BD37-5DB291BFC082",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "756045B0-6A52-4B98-9EE3-455A71F39034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E02DCB5D-818B-498E-B077-6C73568EC7A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C65E767-7E10-45CE-B46D-32A512D37E02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.15.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9B33FEB-0DB6-4F2F-BCB8-67CB26C5F127",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.15.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "03700A91-CFC9-4038-AEC6-1D693F2577C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.15.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "929439FB-D5E7-4E13-979B-8F0E407E17B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.15.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C107667C-A223-4EA1-ABB0-45E0AC6E0A1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.15.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "143F8F07-9B3B-4015-AC57-B17F007D92E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.15.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "A963BCC1-C1EF-4294-AF84-6969807E9B60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52E31CF5-7241-4DC5-97F9-C2EFC9E44A90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0D20C10-2129-4AEE-87A1-05BD05690823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D84F31E-6830-4B79-BC20-584E622E3861",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A45DA2B-089E-476D-B2B5-18337AA54B6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CA21B4B-0D0D-4F43-AC83-D979EFCCCBAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D06B1D5-4CDE-406C-A667-1A2226B5229A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D5859D3-D831-44BB-A72C-E2509054BB6B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:17.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B8DBD-7530-4A92-8044-39C097411EEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7592C7E3-3735-425F-A276-9EE03224CD5E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0547E196-5991-4C33-823A-342542E9DFD3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3F374DC-B9F7-4515-A064-01BB436CA984",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4000_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE82335E-ECEC-47BD-BC4A-5FDEA08D1A18",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9421DBEF-AE42-4234-B49F-FCC34B804D7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "818CEFA6-208C-43C3-8E43-474A93ADCF21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82225D40-537F-41D2-B1C4-1B7D06466B06",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B832863-E366-46ED-BC35-838762F0CE29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800_12-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4318C0-0FD0-46B3-8E23-94EC53A34A20",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800_18-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FC6220-78E1-44A6-A596-6368D3EF7CC4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800_4-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCAEDE0A-E6F9-4727-8DC2-F47579220BE0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800_8-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E289FAD-04F0-4E3A-BC4D-8E5116F01AF0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6655851F-58D9-49D9-A56E-8440A7F7BB45",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ED06361-5A68-4656-AEA5-240C290594CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8831:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE2514A1-486C-40F7-8746-56E2B973CBE6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91209C16-A620-44A0-9134-8AA456343F29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000-esp100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C5C1005-0C12-4EDA-BC4A-B52201C4F516",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000-esp100-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "917B52DF-4210-4DD6-97EF-8A033497A954",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000-esp200-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7F413FB-D4F9-4113-9D67-2956BF1DC30D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE2182E7-C813-4966-A36C-E648A9344299",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7594E307-AC80-41EC-AE94-07E664A7D701",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-x_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "241EEBD9-76E4-4AE6-96B8-1C1ACD834F17",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD2794BD-C8CE-46EF-9857-1723FCF04E46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-hx_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC03A84F-C8F2-4225-9A00-8FA35368CD57",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-x_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51F2A755-556C-4C5E-8622-96D124319AF7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE7401B7-094C-46EB-9869-2F0372E8B26B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1023:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C81CC6E3-B989-4730-820E-46734E3E608D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA873342-542E-4FC8-9C22-B5A43F9F3E9D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FEF8271-315F-4756-931F-015F790BE693",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:v2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6B6AF64-42FF-4411-85EA-9AE537383CD6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70352B04-C3FD-47F5-A2F8-691CF63EB50D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_902u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE063AF2-5579-4D7E-8829-9102FC7CB994",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51938C0A-AFDB-4B12-BB64-9C67FC0C738F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_907:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A18E4A46-10D3-48F8-9E92-377ACA447257",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7814FA61-CAF1-46DE-9D84-CEBE6480EA03",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48fd-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EE4F60E-DF3D-4839-8731-7CF16DA8FF26",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48fd-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EA5EEE3-A084-46B4-84C0-ADFD69800649",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48fd-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "592F67D5-344B-49AF-A277-1089A40AC2FD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7434059A-25B8-4FAC-A756-6E571348B76E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uq-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB2A5355-BF40-437C-8683-A7A81DEE362C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uq-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43F4B90E-3499-45D4-864D-18505E2149F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uq-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B9BE6BA-6B2D-47C9-B8F1-3C9CE213948D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48ur:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "858FEECF-CC69-4E68-8E8A-674643021964",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48ur-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE5FCCFF-E491-474F-9B86-AB51D8244582",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48ur-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8464F8-D6D2-4165-ADE8-B40F7D8556C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48ur-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61007628-A81B-43E0-86DE-1F7DDAD9F1A7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uz:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91B9F022-4C3D-493E-9418-E9CDDAFEC9B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uz-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C3F03C3-C0CA-4E9B-A99A-BE28153EB5C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uz-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B39F250E-6A89-4537-BD31-1FB81734A9A1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uz-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB4E3B69-DDE8-4EA2-8E63-D6EEF41083B3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8904EAF5-25E7-4A6B-8117-1859F913B83B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pd-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A369CD35-1242-4556-A83D-BD69CC149CFA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pd-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2D1B9E-6234-4FD6-A003-AFBC8A4DC2E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pd-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "784A1499-1F33-493D-B433-EB2550C03C19",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pdm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A990D6-B748-4AFD-B924-1D19680BD3DB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pdm-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CECFC88D-5480-46E4-BF74-E11A514A8BDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pdm-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E54D16A8-0407-41E3-9599-9A6F57E1AA75",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pdm-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C94A9A21-C4F7-4EA4-95B1-DEA7DDA0F77D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24ps-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF3818CC-8653-4A9E-A57B-950A15914D6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24ps-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC790B-B42D-45DB-ACF5-A789F76C2BC4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24ps-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2A6BC84-91F2-437D-9D2E-F8B3F5966767",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24td-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F331F13-5D05-4213-B442-D48D8E22287B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24td-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6E312F4-90DA-40E4-BCD1-92F41BEEEECF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24td-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA32EA3F-946D-430D-B00F-939D828DD72C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24ts-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D239A09C-34D2-4418-B538-03A1080B8479",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24ts-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C84561E-DD99-4433-9EF2-083F7C300123",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24ts-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B29871BE-CA7D-4108-B46A-CBD539C9A2B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fd-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39CD9189-6524-4157-B90E-FF6A81DE3599",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fd-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF1B702-643A-4AF2-B0AD-3C540CF85F2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fd-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "96269625-CB31-4850-872B-B2C1321B13B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "426B68A6-3A41-43DB-846F-AEFBA62E221B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fq-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDE086A-3FE5-46E3-BD66-23D0AE5089BE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fq-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA53775A-D3ED-4D34-8338-A384DBEB94E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fq-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE7D4522-D6BB-467F-AF5D-4D753A89D524",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fqm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C96215F-A300-4B4E-9D3A-C32E484BFC5B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fqm-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C680534-C663-40B0-A4AA-7F292EE60FE2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fqm-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAF4F233-7B47-46ED-BDC5-A589BCFC0B39",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fqm-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A528EC0-4650-4787-BE52-A588E7E38A31",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "53898E96-03D6-43A2-AE05-46C62464BD26",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fs-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "465917E5-8BF0-4BBB-85A0-DE8F516880C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9FA66D9-E465-406E-A95C-608A1BE34D74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48pd-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EFFE6E6-413F-48AC-B4CE-0F1058C48FC2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48pd-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1456B204-A2A5-4790-A684-7F50D692EC9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48pd-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD715BDD-7C74-4785-BEDF-75918F6FB37A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48pq-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CD10664-94D0-48C0-92EF-E8EA66841245",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48pq-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "071A47F9-FF35-4F2C-BF5D-897CAC8BC08A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48pq-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E988448-36C9-47E0-9356-DA400EB824E3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48ps-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D067EF9-00DB-4979-B12E-55749059A083",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48ps-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9FA300A-44B1-44EE-8111-C1296EB0B638",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48ps-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8598A543-B30B-4BD4-9974-F432FFFDCDD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48td-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "48DEBBAD-D28D-4784-BBD8-9FAD1710A919",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48td-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A5FC516-6B48-4D77-B26D-FA097AC91D1A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48td-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A7437E4-5C09-436C-AFBC-F6B6747A4339",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48tq-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECBC0277-4990-4DE7-AD80-20E8A6F561D2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48tq-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E7DAF69-662B-4999-A6AD-AA528B53EAF7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48tq-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DF90C70-A2B8-44A4-B4A1-2A1B48AA9D0A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48ts-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D28306B1-3DDE-4444-9784-522B3D2163EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48ts-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9257D187-1F2D-40F4-8C87-78978DB56C3F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48ts-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BF4A033-FD9E-4B98-A0FD-CF6CD9BD3E5B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24pd-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AF8261-74E0-4F53-B82C-A7BA7559D7CB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24pd-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "25AE251E-E99F-4546-85B0-C57834B040B7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24pd-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62FFCB9-4253-459B-9298-C252DA9177DB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24uq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "991CBDFB-6836-4D1F-80A9-14EBCE3F855F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24uq-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B4C0250-DA0D-4CEE-99F4-C211163C6653",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24uq-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E18C436-AC70-4E2E-8ED2-EEADFCE36CB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24uq-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D453BF6-AB9F-4D47-B4DF-C25C67358FFE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "005F5347-A5E6-4954-ACAB-E4DF29119724",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C2A8413-DF92-4690-8BC1-A21001BDF76B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12s-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "882B8D8F-E154-45C3-BB47-5353167C9776",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12x48u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8F7FAA3-003D-4BEE-99CC-C9F75D5293FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A54B4EB4-EB41-4522-B7AB-C30F96099EA3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD7BE51-0BA6-4750-B274-A6E33D32B484",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-16xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5B6123E-B86F-4EC8-95D6-4CE47A7D0AC2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-16xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2305B8A-B8F2-4AF4-A86A-EFF11541D62D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44C3EF8E-DF88-46DC-8E06-B009F346D1D2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24p-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E87F823-D924-4718-AD81-248A6C619531",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24p-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA01B5E-9E7B-4EE6-9480-A82B753BBB82",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24pw-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCAC93E0-F982-4E37-866E-43B7BC5AC82E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC866C9-BB98-4320-9FFA-F0960C560DA6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24s-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "79FB0F3E-BB66-47BB-A59F-2D4C123F9CBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3AD7495-3DA2-4596-9620-CD36D7C561AC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24t-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E492F3F8-4188-41E4-9A84-5E30C4AC3378",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24t-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "718F2FDC-9EA4-4C4C-8821-B15E56AF8101",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC5CB558-BD42-4615-BC31-41CCF25DE5C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC04072A-9BBE-4A9D-AE39-054D93E0C6D8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E45BCCD0-65BB-431F-B448-221C1595CD92",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F33BA722-0680-4074-8D03-41657F8CDCC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "295C46B4-5E9F-4DD8-861B-00BA43923306",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "431570C7-74A1-4F7E-8FD0-690AEF0F823B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D22E15-E1E8-4115-A55F-5743CA9C5947",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F840171D-CA1C-4E25-BD41-6B871C47BB84",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B240B20-CF48-4A72-9653-9D04D59C1391",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19D6AC73-67C9-4FA2-A361-FF08B0E3AF47",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58430463-EA77-4DC9-ACDE-4DCF92CA2FC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-32xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74CCD143-3D6E-4880-B275-ECF5B04238C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-32xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0D3784F-C572-4A6F-83B9-BCF64D339BC9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48f-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E09C466B-CE87-4A57-B40B-88C94BAAF36B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48f-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D58FF034-8E07-4518-A858-5F16F22217E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48f-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "376AD386-373D-4B24-966F-D11F76C9020F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2280CAA3-03F6-4168-8E50-A6B7132A3B0E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48p-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E0C1174-C789-4547-9899-F7FCD0905F92",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48p-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC366801-655A-403B-ACD9-3BB43802A3C5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48pw-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF5463D0-A8D3-43EC-8CFF-F659A8C84436",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BD50BB2-BFD8-42F2-8C23-0D95187B01F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48t-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "05D4D7E4-B195-46D8-8A6B-6AA4B8357618",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48t-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39600E51-4A21-4E5B-9FF9-E7C00AE86646",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47E4D5A8-7E4A-44C5-81DC-84712781206D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B13D6D50-D0FA-4527-BED3-52560DDD5253",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "965BF315-D833-4711-97FC-512151113367",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A0ADEBE-3DA2-4850-8115-0AC937FB0A94",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8E9B149-AA2B-4421-8CC3-5A4B32B7AADF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04072C0F-78A2-4D10-87B2-52DC2537BA89",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-f-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD5C080E-D5C4-47B2-A46C-4EB3051C5221",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-f-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "41CEBEE0-DA67-4EE5-9BCF-263843053A8F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD262F58-C47F-439E-A9FF-D1C60120D306",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35490BDE-DF21-495E-9F8A-7631FCB32A1F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EFB5B8-4A38-48C5-A363-3C7F7763C1D5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE9EABE0-5FB0-4277-A389-87732E750B7C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E7E8914-7B25-4097-8B22-6928C1F03D5A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B207857B-C483-47DF-9FC7-6A05B866BF60",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD26746A-80D1-4C48-BF77-E9F7EEEF7EA7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDB16CCE-1E89-4707-86C1-97F2FB5B62B9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8500-4qc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1DBA393-232D-40E6-9CDB-DF82D2E7A5B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04AB61E9-0148-495E-BD21-64D52DE60A6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8510csr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "85D2C587-E95B-4E74-88CF-5930072258D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8510msr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3D1BB0B-0EFE-4C6D-A18E-3E48ABA01F00",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8540csr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74270062-2030-45A0-9C93-C1F3B7C88E8B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8540msr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F403859-F034-4DD9-9CA5-708EADECB380",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A5C56-0D08-4423-AEBD-33EDF172FCF9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9200cx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7670A322-31C2-4A8A-86E9-09D63C52E4C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9200l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D6376BE-3A69-469C-B6A9-2EFB55A3B87F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0972076B-5C87-44B3-90EC-4C200B89318A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24p-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3765B3DB-8B1B-46EF-AF7D-ED1EB2079C3A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74AED057-2458-4DE0-8D51-ABD766D07F68",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24s-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19538C03-5FB8-4401-8B21-489C629D7E7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B26D7061-F471-4DF0-A892-ED132958B84A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24t-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "033ED443-80E7-4012-9825-07AAC0D44B96",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD3F3CC6-A349-47B1-B282-B6458683C191",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24u-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB24EF21-1C10-48A7-BC68-FFC842A28D12",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED0625A2-BF14-4552-83D8-AEE0A04EA023",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24ux-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD0D6ED6-AE64-4E20-B9CD-3EAA22709CFF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24ux-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "21AFDC0D-7629-424E-827B-C8A8767324C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48p-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A263CFF2-A659-405B-90EA-51E49B25C6D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEFBD449-217D-4569-99F7-D56B853A3E07",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48s-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ED668FC-D1A5-4175-A234-23760BA6E788",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D650C48-9241-42F7-87A9-20733329489A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48t-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED16A65-9AFF-4825-95D1-162FBA0F566D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82D345E7-8208-41AC-B11A-4425D29E98A1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48u-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E386D461-F1C1-4970-B056-D6119E74D449",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F3A466-F665-4132-ABC4-2DFC0A7E2B55",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48un-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3395168-FF2E-4CB6-AABE-5E36DEB241CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48un-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F525CBC-1CE6-4CAB-B1C1-DFA7EA462EF0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48uxm-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "226F985C-4669-4D0A-9DB4-CB1465B37B02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48uxm-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B736A43-6F4E-40A9-84E4-D9E251489234",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2FF888F-46F5-4A79-BB88-BB2EC2D27E24",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26437DA7-2EFE-4CA2-8DB0-9FECBEFAE4EA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E99CA124-7D86-463B-A31E-A7836B7493E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E014B028-8DD9-428C-B705-8F428F145932",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6C44229-A842-49B2-AD3E-79C83DB63EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D56D21F-0F55-4AB1-AB9B-8EAE08F4BEDA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3C0441D-A7AC-4B4E-970A-3A441C2F66B0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5306E847-C718-4C83-9C97-8AB498DC4A88",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18287CEF-B574-4498-A256-567CA6E6CA7C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E9AAA2C-495E-4FD1-9050-264FDC25254B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5713043E-2535-4540-B3EF-41FAC40BECE9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C0C18E5-45B9-49D2-A4AB-DD8D5CB04C5C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67701D77-8B03-446A-AE22-4B8CCCD6F029",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B0BEAE3-2056-4B7B-8D7C-AEE3DC86CC2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "831A2390-7170-4FC0-A95E-3DAB1791017D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788CBC4-782F-4A43-AC80-4AEF1C43A22D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "493989DC-8F1B-45C9-AD11-38B97B958C9C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l_stack:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "419ABFB5-2C27-4EBE-98EF-8A8B718CD1F9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300lm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA0DBB2E-DB15-47E1-B8F2-3AC0B1197C5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F168FB20-0C44-4A5B-910A-04B9517545C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "737F22AB-C5A9-4A18-BA3D-38A222491397",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9400_supervisor_engine-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E5DCFD5-2B46-4D06-9E4C-B2325F440F02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9407r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5508320-8318-41A8-8026-4A61907C1CD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9410r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAD337D8-8C72-4025-A8C3-E63598DE7BDB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "176ACF88-6112-4179-8492-50C50577B300",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9500h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D07FC868-0B38-4F24-BA40-87966FF80AB7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C19A801D-02D7-40B0-88E8-FE7BA8630E60",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9600_supervisor_engine-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA59279-3504-417D-9E86-E5886EE198BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9600x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4035136-CC10-4DDD-92AF-9DC41D19CF8A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48E6CF0-7A3B-4D11-8D02-0CD38F2420E9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B9ED0E5-CB20-4106-9CF2-8EB587B33543",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-40_wireless_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E283C34-43AE-49A5-A72B-32DEA185ABD3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B0E620C-8E09-4F7C-A326-26013173B993",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-80_wireless_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB3AF13-5324-42CD-8EDB-6F730BF46214",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF93F1C8-669F-4ECB-8D81-ECDA7B550175",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E0BA345-B7D7-4975-9199-4DC7875BBFD0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0BC769-C244-41BD-BE80-E67F4E1CDDA4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800_embedded_wireless_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78706517-83F4-4D44-A6EC-B78ADCEABAC0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:cbr8_converged_broadband_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "141CA33C-7453-417F-8A16-A64CE97C9052",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:cg418-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C054973-91D8-439F-960F-02BF12A50632",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:cg522-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "79252E00-2D94-44AA-8601-E4AB4EA38A76",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:cloud_services_router_1000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CCB8270-A01D-40A6-BF4B-26BAF65E68F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:esr-6300-con-k9:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5E69A6F-DFC0-4C8A-B77F-B7329FA5F567",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:esr-6300-ncp-k9:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BA015C4-7163-4FCD-ADE1-D5481B10EACA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess-3300-24t-con-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4C98B90-69B3-4BDF-A569-4C102498BFAD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess-3300-24t-con-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7646B0A1-FDF5-4A60-A451-E84CE355302E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess-3300-24t-ncp-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA889066-14A8-4D88-9EFF-582FE1E65108",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess-3300-24t-ncp-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A0C09AE-CD2A-486A-82D4-2F26AA6B6B95",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess-3300-con-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEF81CC0-AEED-42DE-B423-8F4E118680BA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess-3300-con-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDAAFDF1-7A3C-475F-AE82-B3194939D401",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess-3300-ncp-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9566FC8C-0357-4780-976F-8A68E6A7D24A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess-3300-ncp-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07503D21-965B-49F0-B8F2-B5ECD656F277",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess9300-10x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "880B8176-B30D-443E-B5F1-1769B65978C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3200-8p2s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "409A8E23-765E-4DDF-A1D6-957C069485F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3200-8t2s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBDA8A7A-0E67-457D-B141-4A7123D88563",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3300-8p2s-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9BE362-7510-49AA-8407-9DF16C2CE83F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3300-8p2s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "188F53F7-026B-439F-8230-7A86F88ED291",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3300-8t2s-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D83BE1F-BEAA-4A5E-ABB3-3D1C1290C33D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3300-8t2s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A025E73-71FF-4021-A531-972597B20983",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3300-8t2x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "258F818D-A13B-487F-B885-BCD66CFD9A35",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3300-8t2x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "96578BAC-0720-4662-9C15-10B085618ADB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3300-8u2x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B21C9C3-1B1F-4EAF-909B-D68A3975490A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3300-8u2x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50D5D07D-81D0-4827-8AF9-4FA8E1C64D9C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3400-8p2s-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E1424EF-E9F8-40AD-8B77-95A6EC220C2E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3400-8p2s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE60F5EA-EE6A-45F2-8276-6859F1F976F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3400-8t2s-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "10B5F733-8359-4A02-9AE6-379DCEF98B54",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3400-8t2s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E58BBF6-0975-45F0-9EBE-10AD86FBE1C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-9310-26s2c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6118613-8BC0-413D-A4D1-D6C6138CA693",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-9320-26s2c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4487C0CE-3020-4D06-92D8-CEA97C4FAC4A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:integrated_services_virtual_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5361C70A-C036-4254-9698-BC58F48C465B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of DHCPv6 messages. An attacker could exploit this vulnerability by sending crafted DHCPv6 messages to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Note: To successfully exploit this vulnerability, the attacker would need to either control the DHCPv6 server or be in a man-in-the-middle position."
    }
  ],
  "id": "CVE-2023-20081",
  "lastModified": "2024-11-21T07:40:30.673",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-03-23T17:15:14.873",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftdios-dhcpv6-cli-Zf3zTv"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftdios-dhcpv6-cli-Zf3zTv"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-122"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:31

Severity ?

6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-pqZvmXCr	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-pqZvmXCr	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_extensible_operating_system	*
cisco	firepower_extensible_operating_system	*
cisco	firepower_extensible_operating_system	*
cisco	firepower_extensible_operating_system	*
cisco	firepower_4110	-
cisco	firepower_4112	-
cisco	firepower_4115	-
cisco	firepower_4120	-
cisco	firepower_4125	-
cisco	firepower_4140	-
cisco	firepower_4145	-
cisco	firepower_4150	-
cisco	firepower_9300_sm-24	-
cisco	firepower_9300_sm-36	-
cisco	firepower_9300_sm-40	-
cisco	firepower_9300_sm-44	-
cisco	firepower_9300_sm-44_x_3	-
cisco	firepower_9300_sm-48	-
cisco	firepower_9300_sm-56	-
cisco	firepower_9300_sm-56_x_3	-
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	firepower_1000	-
cisco	firepower_1010	-
cisco	firepower_1120	-
cisco	firepower_1140	-
cisco	firepower_1150	-
cisco	firepower_2100	-
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_1000	-
cisco	firepower_1010	-
cisco	firepower_1120	-
cisco	firepower_1140	-
cisco	firepower_1150	-
cisco	firepower_2100	-
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F28E6085-8E83-4A6F-9C6A-6B8D5F0BE334",
              "versionEndExcluding": "2.4.1.266",
              "versionStartIncluding": "2.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6DCD71B-89A0-4D38-89F8-DB358145FDA0",
              "versionEndExcluding": "2.6.1.204",
              "versionStartIncluding": "2.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2E8A64D-C8E2-4030-8616-D47741E43E3A",
              "versionEndExcluding": "2.7.1.131",
              "versionStartIncluding": "2.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C931A1B-3465-4CD6-A62A-BFA0180A917E",
              "versionEndExcluding": "2.8.1.125",
              "versionStartIncluding": "2.8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "957D64EB-D60E-4775-B9A8-B21CA48ED3B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_sm-24:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18048A84-BA0F-48EF-AFFB-635FF7F70C66",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_sm-36:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "317DF3DD-C7CD-4CA2-804F-A738E048BEB4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_sm-40:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C13CF29B-9308-452B-B7E0-9E818B5A6C1E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_sm-44:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DB527C2-855E-4BB9-BCA7-94BE86100D44",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_sm-44_x_3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E82C1B05-990D-49D2-B80A-C3EDD4082840",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_sm-48:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "421D91C3-8AB3-45E1-9E55-13ED1A4A623E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_sm-56:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D741945-8B0A-408D-A5FE-D5B38DC6D46A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9308CA67-E949-4338-A890-22B3C4428D70",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "44064024-9A8B-4443-9AF7-B28CD3C643F0",
              "versionEndExcluding": "9.8.4.29",
              "versionStartIncluding": "9.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86B181C5-34C2-4BD5-B012-841B978A26C4",
              "versionEndExcluding": "9.9.2.80",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CCF1EAA-45F3-4155-B8DA-F34213C911F7",
              "versionEndExcluding": "9.10.1.40",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "922DEE7A-F3E4-4DE1-AAB0-71F92C208EA0",
              "versionEndExcluding": "9.12.4.3",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F21E8FD7-6BBB-4D7B-B21A-D5D57630800A",
              "versionEndExcluding": "9.13.1.13",
              "versionStartIncluding": "9.13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6F79864-CA70-4192-AC2C-E174DF3F25B2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FFE3880-4B85-4E23-9836-70875D5109F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "727A02E8-40A1-4DFE-A3A2-91D628D3044F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F6546E-28F4-40DC-97D6-E0E023FE939B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D23A26EF-5B43-437C-A962-4FC69D8A0FF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAE7D15F-6771-421C-94A9-89280283DEF8",
              "versionEndExcluding": "6.3.0.6",
              "versionStartIncluding": "6.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "706422EE-ACF8-46AA-A946-27BA302BD180",
              "versionEndExcluding": "6.4.0.9",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "38DCBF6C-AA34-4A5B-B2B1-57684DD5BB42",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6F79864-CA70-4192-AC2C-E174DF3F25B2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FFE3880-4B85-4E23-9836-70875D5109F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "727A02E8-40A1-4DFE-A3A2-91D628D3044F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F6546E-28F4-40DC-97D6-E0E023FE939B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D23A26EF-5B43-437C-A962-4FC69D8A0FF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la CLI de Cisco FXOS Software, podr\u00eda permitir a un atacante local autenticado inyectar comandos arbitrarios que son ejecutados con privilegios root.\u0026#xa0;La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de la entrada de los comandos suministrados por el usuario.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante la autenticaci\u00f3n en un dispositivo y enviar una entrada dise\u00f1ada hacia el comando afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante ejecutar comandos en el sistema operativo subyacente con privilegios root"
    }
  ],
  "id": "CVE-2020-3457",
  "lastModified": "2024-11-21T05:31:06.517",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:16.357",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-pqZvmXCr"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-pqZvmXCr"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-05-06 17:15

Modified

2024-11-21 05:30

Severity ?

7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the ARP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect processing of ARP packets received by the management interface of an affected device. An attacker could exploit this vulnerability by sending a series of unicast ARP packets in a short timeframe that would reach the management interface of an affected device. A successful exploit could allow the attacker to consume resources on an affected device, which would prevent the device from sending internal system keepalives and eventually cause the device to reload, resulting in a denial of service (DoS) condition.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fp2100-arp-dos-kLdCK8ks	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fp2100-arp-dos-kLdCK8ks	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	firepower_threat_defense	*
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49FFDB02-2944-4B31-BBC0-30E60BA9F9D1",
              "versionEndExcluding": "9.10.1.37",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1419728-88C1-49C2-B269-5D2353E109D1",
              "versionEndExcluding": "9.12.3",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCA21413-F0A0-4521-9E59-B889A2060309",
              "versionEndExcluding": "9.13.1.2",
              "versionStartIncluding": "9.13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F90C934-5556-479B-873B-CC32F77B7BEC",
              "versionEndExcluding": "6.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the ARP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect processing of ARP packets received by the management interface of an affected device. An attacker could exploit this vulnerability by sending a series of unicast ARP packets in a short timeframe that would reach the management interface of an affected device. A successful exploit could allow the attacker to consume resources on an affected device, which would prevent the device from sending internal system keepalives and eventually cause the device to reload, resulting in a denial of service (DoS) condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el procesamiento de paquetes ARP del Cisco Adaptive Security Appliance (ASA) Software y el Cisco Firepower Threat Defense (FTD) Software para el Cisco Firepower 2100 Series Security Appliances, podr\u00eda permitir a un atacante adyacente no autenticado causar que un dispositivo afectado se sobrecargue, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS) sobre un dispositivo afectado. La vulnerabilidad es debido a un procesamiento inapropiado de los paquetes ARP recibidos por la interfaz de administraci\u00f3n de un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una serie de paquetes ARP de unidifusi\u00f3n en un corta trama de tiempo que llegar\u00eda a la interfaz de administraci\u00f3n de un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante consumir recursos sobre un dispositivo afectado, lo que impedir\u00eda que el dispositivo env\u00ede mensajes de mantenimiento internos del sistema y eventualmente causar que el dispositivo se sobrecargue, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS)."
    }
  ],
  "id": "CVE-2020-3334",
  "lastModified": "2024-11-21T05:30:49.400",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-05-06T17:15:14.010",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fp2100-arp-dos-kLdCK8ks"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fp2100-arp-dos-kLdCK8ks"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-10-27 19:15

Modified

2024-11-21 06:11

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

A vulnerability in the identity-based firewall (IDFW) rule processing feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass security protections. This vulnerability is due to improper handling of network requests by affected devices configured to use object group search. An attacker could exploit this vulnerability by sending a specially crafted network request to an affected device. A successful exploit could allow the attacker to bypass access control list (ACL) rules on the device, bypass security protections, and send network traffic to unauthorized hosts.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-ejjOgQEY	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-ejjOgQEY	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5512-x_firmware	009.009
cisco	asa_5512-x_firmware	009.012
cisco	asa_5512-x	-
cisco	asa_5505_firmware	009.009
cisco	asa_5505_firmware	009.012
cisco	asa_5505	-
cisco	asa_5515-x_firmware	009.009
cisco	asa_5515-x_firmware	009.012
cisco	asa_5515-x	-
cisco	asa_5525-x_firmware	009.009
cisco	asa_5525-x_firmware	009.012
cisco	asa_5525-x	-
cisco	asa_5545-x_firmware	009.009
cisco	asa_5545-x_firmware	009.012
cisco	asa_5545-x	-
cisco	asa_5555-x_firmware	009.009
cisco	asa_5555-x_firmware	009.012
cisco	asa_5555-x	-
cisco	asa_5580_firmware	009.009
cisco	asa_5580_firmware	009.012
cisco	asa_5580	-
cisco	asa_5585-x_firmware	009.009
cisco	asa_5585-x_firmware	009.012
cisco	asa_5585-x	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C7F329B-4EF5-411A-9AB6-02E6A4162D6D",
              "versionEndExcluding": "9.8.4.40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5429F29E-BEE8-4989-B5F3-A9BABBF64D31",
              "versionEndExcluding": "6.4.0.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18589C74-19D2-44F0-AF26-68910E26655D",
              "versionEndExcluding": "6.6.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
              "versionEndExcluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B2F537A-A488-45B6-AD4B-48B7064AE84C",
              "versionEndExcluding": "7.0.1",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C27A64DD-7126-4F45-80D4-5B98C3DB6D77",
              "versionEndExcluding": "9.12.4.25",
              "versionStartIncluding": "9.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "147207F3-6036-46DC-A83C-B135326DF7D4",
              "versionEndExcluding": "9.14.3.1",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6EC0723-CBC7-45A7-8B30-B680E8A771EF",
              "versionEndExcluding": "9.15.1.17",
              "versionStartIncluding": "9.15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F046A32-A3BA-4B48-874F-2C52D080166B",
              "versionEndExcluding": "9.16.1.28",
              "versionStartIncluding": "9.16.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.009:*:*:*:*:*:*:*",
              "matchCriteriaId": "97B47994-6866-46A5-8D07-FD7FAA3CA1A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.012:*:*:*:*:*:*:*",
              "matchCriteriaId": "417AE369-7A93-47A0-AA9E-07B88CE7BFD6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.009:*:*:*:*:*:*:*",
              "matchCriteriaId": "09C56CAF-9DA5-4233-A7B2-F5D7D26B7BA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.012:*:*:*:*:*:*:*",
              "matchCriteriaId": "98D4B188-126E-4245-B23A-569941C75932",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.009:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C19AB1B-9190-4FE4-BC1C-762C126182F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.012:*:*:*:*:*:*:*",
              "matchCriteriaId": "5926D2D6-A03E-4D33-8ADA-C06A3ED2CA6E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.009:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A5B7754-8875-429A-92CB-EC05B64464F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.012:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD83127F-7033-4136-8BAF-2677ED6A2B95",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.009:*:*:*:*:*:*:*",
              "matchCriteriaId": "6496BFCA-1195-4840-974E-AE6A1E22248E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.012:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16D0BB8-A495-416B-A5D4-2C4C285C0810",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.009:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3768B18-0A51-4CD4-8E25-4502CA924325",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.012:*:*:*:*:*:*:*",
              "matchCriteriaId": "255DCB68-68EE-4B5A-9D5B-C8BC0ECB0317",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.009:*:*:*:*:*:*:*",
              "matchCriteriaId": "60ED0532-A2B6-4CDF-A878-78863281718B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.012:*:*:*:*:*:*:*",
              "matchCriteriaId": "65458D9C-7E2B-4205-9635-2B1542A15A05",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.009:*:*:*:*:*:*:*",
              "matchCriteriaId": "B679AA95-7B72-4F52-A0CF-F3D404468D71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.012:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EA45A41-CF74-4D9F-A6DA-06AAFDE1D66E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the identity-based firewall (IDFW) rule processing feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass security protections. This vulnerability is due to improper handling of network requests by affected devices configured to use object group search. An attacker could exploit this vulnerability by sending a specially crafted network request to an affected device. A successful exploit could allow the attacker to bypass access control list (ACL) rules on the device, bypass security protections, and send network traffic to unauthorized hosts."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad de procesamiento de reglas del firewall basado en la identidad (IDFW) del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado omitir las protecciones de seguridad. Esta vulnerabilidad es debido al manejo inapropiado de las peticiones de red por parte de los dispositivos afectados configurados para usar la b\u00fasqueda de grupos de objetos. Un atacante podr\u00eda aprovechar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n de red especialmente dise\u00f1ada a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante omitir las reglas de la lista de control de acceso (ACL) en el dispositivo, omitir las protecciones de seguridad y enviar tr\u00e1fico de red a hosts no autorizados"
    }
  ],
  "id": "CVE-2021-34787",
  "lastModified": "2024-11-21T06:11:12.123",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-27T19:15:08.347",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-ejjOgQEY"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-ejjOgQEY"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-183"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-755"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-05-06 17:15

Modified

2024-11-21 05:30

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the DHCP module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to incorrect processing of certain DHCP packets. An attacker could exploit this vulnerability by sending a crafted DHCP packet to the affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-qk8cTGLz	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-qk8cTGLz	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5505	-
cisco	asa_5510	-
cisco	asa_5512-x	-
cisco	asa_5515-x	-
cisco	asa_5520	-
cisco	asa_5525-x	-
cisco	asa_5550	-
cisco	asa_5555-x	-
cisco	asa_5580	-
cisco	asa_5585-x	-
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FE0076B-25F9-4A04-93F2-1B283C27882B",
              "versionEndExcluding": "9.6.4.34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B25DFB28-C8FF-47B8-B619-CDA94ED9AFFF",
              "versionEndExcluding": "9.8.4.10",
              "versionStartIncluding": "9.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8B7269E-E076-497D-8EBD-8B19BCB211FE",
              "versionEndExcluding": "9.10.1.30",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1419728-88C1-49C2-B269-5D2353E109D1",
              "versionEndExcluding": "9.12.3",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "885E5B33-1658-4B86-9B47-D89CA3FA2EF6",
              "versionEndExcluding": "6.3.0.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D8647E-1FA8-486E-B150-1EEFE52C31BB",
              "versionEndExcluding": "6.4.0.4",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the DHCP module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to incorrect processing of certain DHCP packets. An attacker could exploit this vulnerability by sending a crafted DHCP packet to the affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el m\u00f3dulo DHCP del Cisco Adaptive Security Appliance (ASA) Software y el Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) sobre el dispositivo afectado. La vulnerabilidad es debido al procesamiento incorrecto de determinados paquetes DHCP. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete DHCP dise\u00f1ado hacia el dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante causar una condici\u00f3n DoS sobre el dispositivo afectado."
    }
  ],
  "id": "CVE-2020-3306",
  "lastModified": "2024-11-21T05:30:46.620",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-05-06T17:15:13.260",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-qk8cTGLz"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-qk8cTGLz"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-04-29 18:15

Modified

2024-11-21 05:44

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the SIP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition.The vulnerability is due to a crash that occurs during a hash lookup for a SIP pinhole connection. An attacker could exploit this vulnerability by sending crafted SIP traffic through an affected device. A successful exploit could allow the attacker to cause a crash and reload of the affected device.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-sipdos-GGwmMerC	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-sipdos-GGwmMerC	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F27F5475-6A35-41D8-AF91-CD49CFDBC192",
              "versionEndExcluding": "6.4.0.12",
              "versionStartIncluding": "6.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04202164-FCC4-413E-90B5-01FE08AC6EEC",
              "versionEndExcluding": "6.6.4",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDDF492B-BC61-4814-B05F-3F6CD07080F7",
              "versionEndExcluding": "6.7.0.2",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17BDCF23-5836-4E95-A0E6-81334FE3F7BE",
              "versionEndExcluding": "9.8.4.34",
              "versionStartIncluding": "9.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A9BFFBC-F577-47CD-83E8-A6227B17D557",
              "versionEndExcluding": "9.9.2.85",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "13C4CAAF-7E9E-4D91-AF3D-9792CE47FDAF",
              "versionEndExcluding": "9.12.4.18",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B74C14F-C95B-4AF5-A255-1CA824AA7FDE",
              "versionEndExcluding": "9.13.1.21",
              "versionStartIncluding": "9.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06071877-6E69-4440-9306-6410223218D7",
              "versionEndExcluding": "9.14.2.13",
              "versionStartIncluding": "9.14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D2794F2-BC8F-42CC-910A-203BE7B3475F",
              "versionEndExcluding": "9.15.1.15",
              "versionStartIncluding": "9.15",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the SIP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition.The vulnerability is due to a crash that occurs during a hash lookup for a SIP pinhole connection. An attacker could exploit this vulnerability by sending crafted SIP traffic through an affected device. A successful exploit could allow the attacker to cause a crash and reload of the affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el motor de inspecci\u00f3n SIP del Software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD), podr\u00eda permitir a un atacante remoto no autenticado causar un bloqueo y la recarga de un dispositivo afectado, resultando en una denegaci\u00f3n de servicio ( DoS). La vulnerabilidad es debido a un bloqueo que ocurre durante una b\u00fasqueda de hash para una conexi\u00f3n SIP pinhole.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de tr\u00e1fico SIP dise\u00f1ado a trav\u00e9s de un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar un bloqueo y recargar el dispositivo afectado"
    }
  ],
  "id": "CVE-2021-1501",
  "lastModified": "2024-11-21T05:44:29.640",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-04-29T18:15:09.463",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-sipdos-GGwmMerC"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-sipdos-GGwmMerC"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-613"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-10-27 19:15

Modified

2024-11-21 06:11

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the software-based SSL/TLS message handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient validation of SSL/TLS messages when the device performs software-based SSL/TLS decryption. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: Datagram TLS (DTLS) messages cannot be used to exploit this vulnerability.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-decrypt-dos-BMxYjm8M	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-decrypt-dos-BMxYjm8M	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5512-x_firmware	009.016\(001\)
cisco	asa_5512-x_firmware	009.016\(001.025\)
cisco	asa_5512-x	-
cisco	asa_5505_firmware	009.016\(001\)
cisco	asa_5505_firmware	009.016\(001.025\)
cisco	asa_5505	-
cisco	asa_5515-x_firmware	009.016\(001\)
cisco	asa_5515-x_firmware	009.016\(001.025\)
cisco	asa_5515-x	-
cisco	asa_5525-x_firmware	009.016\(001\)
cisco	asa_5525-x_firmware	009.016\(001.025\)
cisco	asa_5525-x	-
cisco	asa_5545-x_firmware	009.016\(001\)
cisco	asa_5545-x_firmware	009.016\(001.025\)
cisco	asa_5545-x	-
cisco	asa_5555-x_firmware	009.016\(001\)
cisco	asa_5555-x_firmware	009.016\(001.025\)
cisco	asa_5555-x	-
cisco	asa_5580_firmware	009.016\(001\)
cisco	asa_5580_firmware	009.016\(001.025\)
cisco	asa_5580	-
cisco	asa_5585-x_firmware	009.016\(001\)
cisco	asa_5585-x_firmware	009.016\(001.025\)
cisco	asa_5585-x	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F461B5-E600-4C81-BA3C-1DBC90D4D438",
              "versionEndExcluding": "6.4.0.13",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37A74256-AF9A-473B-9DC7-A57618BA9F00",
              "versionEndExcluding": "6.6.5",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
              "versionEndExcluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B2F537A-A488-45B6-AD4B-48B7064AE84C",
              "versionEndExcluding": "7.0.1",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F6EF272-6D43-476C-B35D-DDE79A7A01C5",
              "versionEndExcluding": "9.8.4.40",
              "versionStartIncluding": "9.8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B10BB7F0-1CC7-4331-A05C-3C20B0584C04",
              "versionEndExcluding": "9.12.4.29",
              "versionStartIncluding": "9.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6828628-B179-4188-92CE-1D488859D92D",
              "versionEndExcluding": "9.14.3.9",
              "versionStartIncluding": "9.14.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6EC0723-CBC7-45A7-8B30-B680E8A771EF",
              "versionEndExcluding": "9.15.1.17",
              "versionStartIncluding": "9.15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "25DBA8C5-EB2F-4C01-88BA-EC2D720F9F7C",
              "versionEndExcluding": "9.16.2",
              "versionStartIncluding": "9.16.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.016\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4D96435F-F035-486E-86AA-DB9A1A1878F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.016\\(001.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BEEEB3EB-7AD9-4498-BEE5-12A374AEF0FC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.016\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B6AA6797-A9F7-4036-8241-F822B30C9DFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.016\\(001.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "74DF1599-7739-47DD-AD89-B9C48D1ED2EC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.016\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9E038B73-401A-455C-851A-116EDF48243A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.016\\(001.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "96EDFC77-6634-4427-98F8-ACDC704F670F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.016\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "29B863B0-C802-4220-984C-3D31E3DB1867",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.016\\(001.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "AD551733-BBAE-4FE3-8E20-877084CA5E5D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.016\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5E412ECC-0C85-4F67-BF06-8DEC4D0AD9EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.016\\(001.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1819434E-FE47-4544-8BCB-D1765760E1BB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.016\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "63BDBAD7-A0B1-4750-B29A-50941488858A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.016\\(001.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FB65CEFA-1874-438A-B4F3-9DE96564D291",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.016\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "966485AF-DBDC-4AB9-82BE-970BCCBA54F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.016\\(001.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4BED5416-48BE-48A4-9209-DD22BC247819",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.016\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B524ED0E-13AF-4365-A509-A4D226A6A7CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.016\\(001.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C7A8E03D-F2C3-4766-B004-961B58C172E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the software-based SSL/TLS message handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient validation of SSL/TLS messages when the device performs software-based SSL/TLS decryption. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: Datagram TLS (DTLS) messages cannot be used to exploit this vulnerability."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el administrador de mensajes SSL/TLS basado en software del software Cisco Adaptive Security Appliance (ASA) y del software Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado causar la recarga de un dispositivo afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad es debido a la insuficiente comprobaci\u00f3n de los mensajes SSL/TLS cuando el dispositivo lleva a cabo el descifrado SSL/TLS basado en software. Un atacante podr\u00eda aprovechar esta vulnerabilidad mediante el env\u00edo de un mensaje SSL/TLS dise\u00f1ado a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar la recarga del dispositivo afectado, resultando en una condici\u00f3n de DoS. Nota: Los mensajes TLS de datagrama (DTLS) no pueden ser usados para explotar esta vulnerabilidad"
    }
  ],
  "id": "CVE-2021-34783",
  "lastModified": "2024-11-21T06:11:11.547",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-27T19:15:08.290",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-decrypt-dos-BMxYjm8M"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-decrypt-dos-BMxYjm8M"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-05-03 15:29

Modified

2024-11-21 04:37

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error in TCP-based packet inspection, which could cause the TCP packet to have an invalid Layer 2 (L2)-formatted header. An attacker could exploit this vulnerability by sending a crafted TCP packet sequence to the targeted device. A successful exploit could allow the attacker to cause a DoS condition.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/108176	Broken Link, Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftdtcp-dos	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/108176	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftdtcp-dos	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5505	-
cisco	asa_5510	-
cisco	asa_5512-x	-
cisco	asa_5515-x	-
cisco	asa_5520	-
cisco	asa_5525-x	-
cisco	asa_5540	-
cisco	asa_5545-x	-
cisco	asa_5550	-
cisco	asa_5555-x	-
cisco	asa_5580	-
cisco	asa_5585-x	-
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79F0345E-5661-4119-8620-8A1F42E97128",
              "versionEndExcluding": "9.4.4.34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7789E32-76B1-4D16-A556-B6B5A8CDB5A0",
              "versionEndExcluding": "9.6.4.25",
              "versionStartIncluding": "9.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C812C8D5-3159-434C-8B9F-8CB0A8767923",
              "versionEndExcluding": "9.8.4",
              "versionStartIncluding": "9.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABCD2AF8-97D4-45C6-B80E-D5FA9B719BD5",
              "versionEndExcluding": "9.9.2.50",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4C6B343-2D4D-4C7E-A59E-629773DD2E60",
              "versionEndExcluding": "9.10.1.17",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "73A0B57C-1076-4382-BADE-9EB2E18FAB9C",
              "versionEndExcluding": "6.2.3.12",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A16803C-579C-4992-B37E-7CEC17307659",
              "versionEndExcluding": "6.3.0.3",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error in TCP-based packet inspection, which could cause the TCP packet to have an invalid Layer 2 (L2)-formatted header. An attacker could exploit this vulnerability by sending a crafted TCP packet sequence to the targeted device. A successful exploit could allow the attacker to cause a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad de proxy TCP para el software Adaptive Security Appliance (ASA) de Cisco  y el software Firepower Threat Defense (FTD) de Cisco, podr\u00eda permitir que un atacante remoto no identificado cause que el dispositivo se reinicie  inesperadamente, dando como resultado  una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) . La vulnerabilidad es debido a un error en la inspecci\u00f3n de paquetes basados en TCP, lo que podr\u00eda causar que el paquete TCP tenga un encabezado formateado de capa 2 (L2) no v\u00e1lido. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una secuencia de paquetes TCP creada hacia el dispositivo de destino. Una operaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar una condici\u00f3n DoS."
    }
  ],
  "id": "CVE-2019-1687",
  "lastModified": "2024-11-21T04:37:06.050",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-03T15:29:00.837",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108176"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftdtcp-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108176"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftdtcp-dos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-11-05 20:15

Modified

2024-11-26 16:09

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

A vulnerability in the HTTP traffic filtering component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper handling of HTTP requests, including those communicated over a secure HTTPS connection, that contain maliciously crafted headers. An attacker could exploit this vulnerability by sending malicious requests to an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems, allowing attackers to deliver malicious content that would otherwise be blocked.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-http	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-http	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_services_software_for_asa	-
cisco	firepower_threat_defense	-
cisco	secure_firewall_management_center	2.9.13
cisco	secure_firewall_management_center	2.9.14.0
cisco	secure_firewall_management_center	3.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_services_software_for_asa:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4C5EF69-498C-4433-8B86-91EB343C3F63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E239E86-8CC7-4BE1-BE5F-AF623DB68058",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A0E77B1-0B0C-47A6-B906-7BBA3CF8C890",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.14.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2986D5BD-1936-41BD-A992-7672C019F27E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0E7A9BD-8C83-401C-BB3E-E52F4B7608A5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the HTTP traffic filtering component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper handling of HTTP requests, including those communicated over a secure HTTPS connection, that contain maliciously crafted headers. An attacker could exploit this vulnerability by sending malicious requests to an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems, allowing attackers to deliver malicious content that would otherwise be blocked."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el componente de filtrado de tr\u00e1fico HTTP del software Cisco Firepower Threat Defense, el software Cisco FirePOWER Services para ASA y el software Cisco Firepower Management Center, podr\u00eda permitir a un atacante remoto no autenticado omitir las protecciones de filtrado. La vulnerabilidad es debido al manejo inapropiado de las peticiones HTTP, incluidas las comunicadas por medio de una conexi\u00f3n HTTPS segura, que contienen encabezados especialmente dise\u00f1ados con fines maliciosos. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de peticiones maliciosas a un dispositivo afectado. Una explotaci\u00f3n podr\u00eda permitir al atacante evitar el filtrado y entregar peticiones maliciosas hacia los sistemas protegidos, lo que permitir\u00eda a atacantes entregar contenido malicioso que de otra manera se bloquear\u00eda."
    }
  ],
  "id": "CVE-2019-1982",
  "lastModified": "2024-11-26T16:09:02.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-11-05T20:15:11.907",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-http"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-http"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-276"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-11-01 18:15

Modified

2024-11-21 07:41

Severity ?

4.0 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability by spoofing an IP address until they bypass the restriction. A successful exploit could allow the attacker to bypass location-based IP address restrictions.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-bypass-LMz2ThKn	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-bypass-LMz2ThKn	Vendor Advisory

Impacted products

	Vendor	Product	Version
	cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C09834D9-E0C1-49C9-92A9-4FF1F84D37FC",
              "versionEndIncluding": "7.3.1.1",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability by spoofing an IP address until they bypass the restriction. A successful exploit could allow the attacker to bypass location-based IP address restrictions."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en las reglas de geolocalizaci\u00f3n de IP de Snort 3 podr\u00eda permitir que un atacante remoto no autenticado potencialmente evite las restricciones de direcciones IP. Esta vulnerabilidad existe porque la configuraci\u00f3n de las reglas de geolocalizaci\u00f3n de IP no se analiza correctamente. Un atacante podr\u00eda aprovechar esta vulnerabilidad falsificando una direcci\u00f3n IP hasta omitir la restricci\u00f3n. Un exploit exitoso podr\u00eda permitir al atacante omitir las restricciones de direcciones IP basadas en la ubicaci\u00f3n."
    }
  ],
  "id": "CVE-2023-20267",
  "lastModified": "2024-11-21T07:41:02.150",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-11-01T18:15:09.810",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-bypass-LMz2ThKn"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-bypass-LMz2ThKn"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:31

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to upload arbitrary-sized files to specific folders on an affected device, which could lead to an unexpected device reload. The vulnerability exists because the affected software does not efficiently handle the writing of large files to specific folders on the local file system. An attacker could exploit this vulnerability by uploading files to those specific folders. A successful exploit could allow the attacker to write a file that triggers a watchdog timeout, which would cause the device to unexpectedly reload, causing a denial of service (DoS) condition.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-fileup-dos-zvC7wtys	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-fileup-dos-zvC7wtys	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	6.6.0
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD51404-99D0-45D6-8998-02861FF10108",
              "versionEndExcluding": "9.6.4.45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2330600D-6AB1-4912-A595-2AE167853B93",
              "versionEndIncluding": "6.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D27DE97-510A-4761-8184-6940745B54E2",
              "versionEndExcluding": "6.3.0.6",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
              "versionEndExcluding": "6.4.0.10",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC125A5B-3544-4ABF-9A27-2596D717C22A",
              "versionEndExcluding": "9.8.4.25",
              "versionStartIncluding": "9.8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E16D2CA3-B494-4348-BF0C-03969D1423D0",
              "versionEndExcluding": "9.9.2.80",
              "versionStartIncluding": "9.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF8B79C-41E6-4367-8A37-C1A41DA8345E",
              "versionEndExcluding": "9.10.1.44",
              "versionStartIncluding": "9.10.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7A573BF-C6E7-4985-9B93-928584F7A986",
              "versionEndExcluding": "9.12.4.2",
              "versionStartIncluding": "9.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "00E5D38D-07C2-4543-96B0-7FB9582A37FB",
              "versionEndExcluding": "9.13.1.12",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8353B0CD-5C3F-4F18-966B-DB43DA92838E",
              "versionEndExcluding": "9.14.1.15",
              "versionStartIncluding": "9.14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to upload arbitrary-sized files to specific folders on an affected device, which could lead to an unexpected device reload. The vulnerability exists because the affected software does not efficiently handle the writing of large files to specific folders on the local file system. An attacker could exploit this vulnerability by uploading files to those specific folders. A successful exploit could allow the attacker to write a file that triggers a watchdog timeout, which would cause the device to unexpectedly reload, causing a denial of service (DoS) condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz de servicios web de Cisco Adaptive Security Appliance (ASA) y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado cargar archivos de tama\u00f1o arbitrario en carpetas espec\u00edficas en un dispositivo afectado, que podr\u00eda conllevar a una recarga inesperada del dispositivo.\u0026#xa0;La vulnerabilidad se presenta porque el software afectado no maneja de manera eficiente la escritura de archivos de gran tama\u00f1o en carpetas espec\u00edficas en el sistema de archivos local.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante la carga de archivos en esas carpetas espec\u00edficas.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante escribir un archivo que desencadena un tiempo de espera del watchdog, lo que causar\u00eda la recarga inesperada del dispositivo, causando una condici\u00f3n de denegaci\u00f3n de servicio (DoS)"
    }
  ],
  "id": "CVE-2020-3436",
  "lastModified": "2024-11-21T05:31:03.880",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:16.077",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-fileup-dos-zvC7wtys"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-fileup-dos-zvC7wtys"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-434"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-434"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-11-15 21:15

Modified

2024-11-21 06:43

Severity ?

7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-qsqBNM6x
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-qsqBNM6x

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.14.1
cisco	adaptive_security_appliance_software	9.14.1.6
cisco	adaptive_security_appliance_software	9.14.1.10
cisco	adaptive_security_appliance_software	9.14.1.15
cisco	adaptive_security_appliance_software	9.14.1.19
cisco	adaptive_security_appliance_software	9.14.1.30
cisco	adaptive_security_appliance_software	9.14.2
cisco	adaptive_security_appliance_software	9.14.2.4
cisco	adaptive_security_appliance_software	9.14.2.8
cisco	adaptive_security_appliance_software	9.14.2.13
cisco	adaptive_security_appliance_software	9.14.2.15
cisco	adaptive_security_appliance_software	9.14.3
cisco	adaptive_security_appliance_software	9.14.3.1
cisco	adaptive_security_appliance_software	9.14.3.9
cisco	adaptive_security_appliance_software	9.14.3.11
cisco	adaptive_security_appliance_software	9.14.3.13
cisco	adaptive_security_appliance_software	9.14.3.15
cisco	adaptive_security_appliance_software	9.14.3.18
cisco	adaptive_security_appliance_software	9.14.4
cisco	adaptive_security_appliance_software	9.14.4.6
cisco	adaptive_security_appliance_software	9.14.4.7
cisco	adaptive_security_appliance_software	9.14.4.12
cisco	adaptive_security_appliance_software	9.15.1
cisco	adaptive_security_appliance_software	9.15.1.1
cisco	adaptive_security_appliance_software	9.15.1.7
cisco	adaptive_security_appliance_software	9.15.1.10
cisco	adaptive_security_appliance_software	9.15.1.15
cisco	adaptive_security_appliance_software	9.15.1.16
cisco	adaptive_security_appliance_software	9.15.1.17
cisco	adaptive_security_appliance_software	9.15.1.21
cisco	adaptive_security_appliance_software	9.16.3
cisco	adaptive_security_appliance_software	9.16.3.3
cisco	adaptive_security_appliance_software	9.16.3.14
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.7
cisco	adaptive_security_appliance_software	9.17.1.9
cisco	adaptive_security_appliance_software	9.17.1.10
cisco	adaptive_security_appliance_software	9.17.1.11
cisco	adaptive_security_appliance_software	9.17.1.13
cisco	adaptive_security_appliance_software	9.17.1.15
cisco	adaptive_security_appliance_software	9.18.1
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.1.0.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE0D50C0-DADB-4747-8649-8A5257111FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE2699F-353F-44CB-A778-981783DDC31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8E50BD-1FBD-483B-9C27-70E95C732E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F46E5E4F-787C-4C05-B1E7-C39BB9125D16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F944F8F-0255-42BE-BD44-D21EC9F0FFC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9CEAEFC-7B82-41F9-A09D-C86A3A60A4FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7533780-0DF9-41BE-8455-F60676785689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n del Protocolo Simple de Administraci\u00f3n de Red (SNMP) del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto autenticado provoque una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud SNMP manipulada a un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante hacer que el dispositivo afectado entre en bucle de carga, lo que resultar\u00eda en una condici\u00f3n DoS."
    }
  ],
  "id": "CVE-2022-20924",
  "lastModified": "2024-11-21T06:43:50.043",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.7,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-11-15T21:15:31.730",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-qsqBNM6x"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-qsqBNM6x"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-703"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-10-23 17:15

Modified

2025-08-01 16:11

Severity ?

7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause an unexpected reload of the device. This vulnerability is due to insufficient input validation of SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device using IPv4 or IPv6. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability affects all versions of SNMP (versions 1, 2c, and 3) and requires a valid SNMP community string or valid SNMPv3 user credentials.

References

URL	Tags
psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-7TcnzxTU	Vendor Advisory
psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO	Broken Link
psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.14.1
cisco	adaptive_security_appliance_software	9.14.1.6
cisco	adaptive_security_appliance_software	9.14.1.10
cisco	adaptive_security_appliance_software	9.14.1.15
cisco	adaptive_security_appliance_software	9.14.1.19
cisco	adaptive_security_appliance_software	9.14.1.30
cisco	adaptive_security_appliance_software	9.14.2
cisco	adaptive_security_appliance_software	9.14.2.4
cisco	adaptive_security_appliance_software	9.14.2.8
cisco	adaptive_security_appliance_software	9.14.2.13
cisco	adaptive_security_appliance_software	9.14.2.15
cisco	adaptive_security_appliance_software	9.14.3
cisco	adaptive_security_appliance_software	9.14.3.1
cisco	adaptive_security_appliance_software	9.14.3.9
cisco	adaptive_security_appliance_software	9.14.3.11
cisco	adaptive_security_appliance_software	9.14.3.13
cisco	adaptive_security_appliance_software	9.14.3.15
cisco	adaptive_security_appliance_software	9.14.3.18
cisco	adaptive_security_appliance_software	9.14.4
cisco	adaptive_security_appliance_software	9.14.4.6
cisco	adaptive_security_appliance_software	9.14.4.7
cisco	adaptive_security_appliance_software	9.14.4.12
cisco	adaptive_security_appliance_software	9.14.4.13
cisco	adaptive_security_appliance_software	9.14.4.14
cisco	adaptive_security_appliance_software	9.14.4.15
cisco	adaptive_security_appliance_software	9.14.4.17
cisco	adaptive_security_appliance_software	9.14.4.22
cisco	adaptive_security_appliance_software	9.14.4.23
cisco	adaptive_security_appliance_software	9.14.4.24
cisco	adaptive_security_appliance_software	9.15.1
cisco	adaptive_security_appliance_software	9.15.1.1
cisco	adaptive_security_appliance_software	9.15.1.7
cisco	adaptive_security_appliance_software	9.15.1.10
cisco	adaptive_security_appliance_software	9.15.1.15
cisco	adaptive_security_appliance_software	9.15.1.16
cisco	adaptive_security_appliance_software	9.15.1.17
cisco	adaptive_security_appliance_software	9.15.1.21
cisco	adaptive_security_appliance_software	9.16.1
cisco	adaptive_security_appliance_software	9.16.1.28
cisco	adaptive_security_appliance_software	9.16.2
cisco	adaptive_security_appliance_software	9.16.2.3
cisco	adaptive_security_appliance_software	9.16.2.7
cisco	adaptive_security_appliance_software	9.16.2.11
cisco	adaptive_security_appliance_software	9.16.2.13
cisco	adaptive_security_appliance_software	9.16.2.14
cisco	adaptive_security_appliance_software	9.16.3
cisco	adaptive_security_appliance_software	9.16.3.3
cisco	adaptive_security_appliance_software	9.16.3.14
cisco	adaptive_security_appliance_software	9.16.3.15
cisco	adaptive_security_appliance_software	9.16.3.19
cisco	adaptive_security_appliance_software	9.16.3.23
cisco	adaptive_security_appliance_software	9.16.4
cisco	adaptive_security_appliance_software	9.16.4.9
cisco	adaptive_security_appliance_software	9.16.4.14
cisco	adaptive_security_appliance_software	9.16.4.18
cisco	adaptive_security_appliance_software	9.16.4.19
cisco	adaptive_security_appliance_software	9.16.4.27
cisco	adaptive_security_appliance_software	9.16.4.38
cisco	adaptive_security_appliance_software	9.16.4.39
cisco	adaptive_security_appliance_software	9.16.4.42
cisco	adaptive_security_appliance_software	9.16.4.48
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.7
cisco	adaptive_security_appliance_software	9.17.1.9
cisco	adaptive_security_appliance_software	9.17.1.10
cisco	adaptive_security_appliance_software	9.17.1.11
cisco	adaptive_security_appliance_software	9.17.1.13
cisco	adaptive_security_appliance_software	9.17.1.15
cisco	adaptive_security_appliance_software	9.17.1.20
cisco	adaptive_security_appliance_software	9.17.1.30
cisco	adaptive_security_appliance_software	9.17.1.33
cisco	adaptive_security_appliance_software	9.18.1
cisco	adaptive_security_appliance_software	9.18.1.3
cisco	adaptive_security_appliance_software	9.18.2
cisco	adaptive_security_appliance_software	9.18.2.5
cisco	adaptive_security_appliance_software	9.18.2.7
cisco	adaptive_security_appliance_software	9.18.2.8
cisco	adaptive_security_appliance_software	9.18.3
cisco	adaptive_security_appliance_software	9.18.3.39
cisco	adaptive_security_appliance_software	9.18.3.46
cisco	adaptive_security_appliance_software	9.18.3.53
cisco	adaptive_security_appliance_software	9.18.3.55
cisco	adaptive_security_appliance_software	9.18.3.56
cisco	adaptive_security_appliance_software	9.18.4
cisco	adaptive_security_appliance_software	9.18.4.5
cisco	adaptive_security_appliance_software	9.18.4.8
cisco	adaptive_security_appliance_software	9.19.1
cisco	adaptive_security_appliance_software	9.19.1.5
cisco	adaptive_security_appliance_software	9.19.1.9
cisco	adaptive_security_appliance_software	9.19.1.12
cisco	adaptive_security_appliance_software	9.19.1.18
cisco	adaptive_security_appliance_software	9.19.1.22
cisco	adaptive_security_appliance_software	9.19.1.24
cisco	adaptive_security_appliance_software	9.19.1.27
cisco	adaptive_security_appliance_software	9.20.1
cisco	adaptive_security_appliance_software	9.20.1.5
cisco	adaptive_security_appliance_software	9.20.2
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.6.7
cisco	firepower_threat_defense	6.6.7.1
cisco	firepower_threat_defense	6.6.7.2
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.0.6
cisco	firepower_threat_defense	7.0.6.1
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.2.4
cisco	firepower_threat_defense	7.2.4.1
cisco	firepower_threat_defense	7.2.5
cisco	firepower_threat_defense	7.2.5.1
cisco	firepower_threat_defense	7.2.5.2
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1
cisco	firepower_threat_defense	7.3.1.2
cisco	firepower_threat_defense	7.4.0
cisco	firepower_threat_defense	7.4.1
cisco	firepower_threat_defense	7.4.1.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE0D50C0-DADB-4747-8649-8A5257111FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE2699F-353F-44CB-A778-981783DDC31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8E50BD-1FBD-483B-9C27-70E95C732E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F46E5E4F-787C-4C05-B1E7-C39BB9125D16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A29312-38E7-456B-94DD-4D7329691114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "27F7BB31-C733-4C32-BF0F-33B5AF020156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC313568-33A6-435B-98FF-8A7091D9C451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85710A-28CE-4913-8523-356461908FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6069950-016B-419A-B754-D58956CB6D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A2F3FEC-624F-47C5-B056-836861BB038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C4B1136-66B6-42BA-BC17-86E7DCE1CF29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4875811-F209-49ED-B310-8377B2F87FF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C52C7B-B626-4A3C-A2EC-28A20E7FA95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "853A002C-839A-4372-8485-750A86E9F6E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62BB5D6-CE75-4C83-82DC-4148EF8CB1F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "D32F1365-EAF8-4570-B2FF-45E47E8586F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD07F9B-6BB3-4423-8DBE-4E89A6478E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FE4F28-B704-4325-AE8A-C790163FEE71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E832BC0C-8439-4779-9064-C2D93F231031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA99DF94-D031-4375-9A16-306606FE28F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC149D03-5609-46E6-A1B3-F4D91F282B49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5D7FC6F-1370-4272-97E5-226C2ED1D335",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "164D5774-D51B-47C6-AD32-ED6B84E78BBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "24A810C8-1BB5-4589-84AB-C357C1937201",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "F22D8D65-2E88-4557-BF85-1E3ABD4CCAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF62C9AF-70F5-4A12-9B0A-F32551FB2C40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F944F8F-0255-42BE-BD44-D21EC9F0FFC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9CEAEFC-7B82-41F9-A09D-C86A3A60A4FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "40FAC31D-19C0-4BA0-A019-C7E7A0BA0B5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CAAFE0F-416F-4BCA-BA37-30EAEADA8AFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1E8552-58F0-491E-B7D7-E89527872FC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "289F9874-FC01-4809-9BDA-1AF583FB60B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EDFC67-E4EE-4D2C-BF9F-5881C987C662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "826869BE-4874-4BBA-9392-14851560BA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF52D477-3045-45D1-9FD3-12F396266463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "88E310BF-F1F6-4124-A875-81967B9B531E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B330F8F-F0DA-472C-A932-AD1D232C7DB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF59DAA-268C-4FCF-A0AA-7967128AEBC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "140ED95D-173C-4ADB-A2E6-97F0D595D1AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.53:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC9B00E1-3E50-4356-B6D9-F84BCD552402",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "552319A9-01F7-47BA-83B3-B2DD648AA07E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "4914603C-4B1B-48F1-826C-DB803BD21F87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE21762-3085-4AFC-B1DE-A4562CDAC509",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "852C3478-7529-4002-8540-ABA4D556DEFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "23B8A815-5D58-4952-936E-D47B83637BEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEE52F59-AABA-4069-A909-64AD5DFD2B18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "20D7966E-B02B-48C8-BF96-723DD6C25314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA618249-E76F-4104-9326-C9F2DC8DE3D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C925E1F-6BD9-4CD1-8AC4-4263A9094786",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5EE76D9-6D18-4823-B6B0-E1394A4D140C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F635946-586D-4DE2-927B-300CE569C596",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "459C11B9-ABA1-472A-8CDA-9C7B4E48E943",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA060112-E2D8-4EC5-8400-D8D189A119B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B25468E3-03F9-4C2A-B82A-F87F4FCD57E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EC6F412-4A30-4E9A-B8DF-C4BF80E5C4B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA47E8EA-29F2-40F3-826E-E7295FFAD8C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91AD8BA2-EB8D-4D8B-B707-AF5C2A831998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA95508-0A28-4D4A-81A7-5CDD1F5DA46C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "39FE5927-2421-4CBE-97EA-6AED892DA1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8BF2227-3C50-4FD1-98DB-21196E75D1DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6826018-5620-4924-BE92-6A245378F610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49A07CF-12BA-481C-B5FF-754520080A8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F203C7D1-AA92-4367-B7A5-EBAE6B76EE6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0064C97F-1140-43AC-8229-C8CCC367DC4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9296D33-D59A-463D-9722-9D4C3F720E7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A52991-802D-46FB-A508-5616BA1CEB78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3E08AAC-9C5E-4D18-817C-C466D1D6C4DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "724A3B6F-DDAB-4A2F-8430-9E1F352D755F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDBF14DD-0654-47F3-A698-020397A1EAA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause an unexpected reload of the device.\r\n\r\nThis vulnerability is due to insufficient input validation of SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device using IPv4 or IPv6. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability affects all versions of SNMP (versions 1, 2c, and 3) and requires a valid SNMP community string or valid SNMPv3 user credentials."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n de protocolo simple de administraci\u00f3n de redes (SNMP) del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto autenticado provoque una recarga inesperada del dispositivo. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente de los paquetes SNMP. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud SNMP manipulada a un dispositivo afectado mediante IPv4 o IPv6. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el dispositivo afectado se recargue, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad afecta a todas las versiones de SNMP (versiones 1, 2c y 3) y requiere una cadena de comunidad SNMP v\u00e1lida o credenciales de usuario SNMPv3 v\u00e1lidas."
    }
  ],
  "id": "CVE-2024-20268",
  "lastModified": "2025-08-01T16:11:41.337",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.7,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-10-23T17:15:14.387",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-7TcnzxTU"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-231"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-05-06 17:15

Modified

2024-11-21 05:30

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory handling error when GRE over IPv6 traffic is processed. An attacker could exploit this vulnerability by sending crafted GRE over IPv6 packets with either IPv4 or IPv6 payload through an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-2-sS2h7aWe	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-2-sS2h7aWe	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	asa_5505_firmware	9.9\(2\)
cisco	asa_5505_firmware	101.5\(1.26\)
cisco	asa_5505	-
cisco	asa_5510_firmware	9.9\(2\)
cisco	asa_5510_firmware	101.5\(1.26\)
cisco	asa_5510	-
cisco	asa_5512-x_firmware	9.9\(2\)
cisco	asa_5512-x_firmware	101.5\(1.26\)
cisco	asa_5512-x	-
cisco	asa_5515-x_firmware	9.9\(2\)
cisco	asa_5515-x_firmware	101.5\(1.26\)
cisco	asa_5515-x	-
cisco	asa_5520_firmware	9.9\(2\)
cisco	asa_5520_firmware	101.5\(1.26\)
cisco	asa_5520	-
cisco	asa_5525-x_firmware	9.9\(2\)
cisco	asa_5525-x_firmware	101.5\(1.26\)
cisco	asa_5525-x	-
cisco	asa_5540_firmware	9.9\(2\)
cisco	asa_5540_firmware	101.5\(1.26\)
cisco	asa_5540	-
cisco	asa_5545-x_firmware	9.9\(2\)
cisco	asa_5545-x_firmware	101.5\(1.26\)
cisco	asa_5545-x	-
cisco	asa_5550_firmware	9.9\(2\)
cisco	asa_5550_firmware	101.5\(1.26\)
cisco	asa_5550	-
cisco	asa_5555-x_firmware	9.9\(2\)
cisco	asa_5555-x_firmware	101.5\(1.26\)
cisco	asa_5555-x	-
cisco	asa_5580_firmware	9.9\(2\)
cisco	asa_5580_firmware	101.5\(1.26\)
cisco	asa_5580	-
cisco	asa_5585-x_firmware	9.9\(2\)
cisco	asa_5585-x_firmware	101.5\(1.26\)
cisco	asa_5585-x	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3920B277-4643-4601-A4C8-05C0C3D76C42",
              "versionEndExcluding": "6.3.0.5",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EDD3A04-6832-4533-8CE6-6083720E8654",
              "versionEndExcluding": "6.4.0.6",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:9.9\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A83DD80F-BA91-4963-9BCB-86E29CDBCD40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:101.5\\(1.26\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E1D26B17-4BC0-4182-AA15-E27B2B0A615C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5510_firmware:9.9\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0124350A-B946-4E2E-9022-91F36283FD1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5510_firmware:101.5\\(1.26\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EAF3961E-8EEB-4D78-9C94-41BD0B1B32CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:9.9\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "445B2018-0C36-4548-AA11-5FCD114957B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:101.5\\(1.26\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C38F1054-D223-492A-8901-6B20749CAFD9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:9.9\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "296C12B8-B49C-4D54-802C-B839973598E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:101.5\\(1.26\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "077243B8-4103-42B4-874C-002BB8A81AE8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5520_firmware:9.9\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C7DFA877-2983-49DC-9C51-1C8BC9E3C0B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5520_firmware:101.5\\(1.26\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "794CD31C-C1A4-4DE4-BDFE-CBA172398128",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:9.9\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "925F2CEC-99EA-40AF-827C-A002900041B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:101.5\\(1.26\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8337D8B3-E834-4E7B-9AEE-B8D181A8FC53",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5540_firmware:9.9\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8A2E5A45-7AA9-43F1-A937-7EA588CA306D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5540_firmware:101.5\\(1.26\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "72446CAD-9796-4A80-8C06-621FAA7E11CE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:9.9\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "18F1F84D-1BDC-4C83-9AFD-8D6A7C4ECBF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:101.5\\(1.26\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3AA879CD-AEDD-4A2F-9CA9-F1C9D034091F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5550_firmware:9.9\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "670A91E8-730B-4201-9CAA-5B0436EDDAF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5550_firmware:101.5\\(1.26\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6886B720-975C-48CE-900F-6F3883D55BC0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:9.9\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9C3147FE-8A2B-4147-903B-1ED59C020B70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:101.5\\(1.26\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7CE8F42A-8F42-4DA4-864E-CD3F59727C3F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:9.9\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9E83C904-A31F-4883-9967-675C1C850BA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:101.5\\(1.26\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7517C43B-86AC-4653-AC0B-9FE689CF973F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:9.9\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B98477E0-C039-454A-A1BE-7423E0E467A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:101.5\\(1.26\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F28286B4-95DC-4197-B868-107660CFAFBF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory handling error when GRE over IPv6 traffic is processed. An attacker could exploit this vulnerability by sending crafted GRE over IPv6 packets with either IPv4 or IPv6 payload through an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad de descapsulaci\u00f3n de t\u00fanel generic routing encapsulation (GRE) del Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) sobre un dispositivo afectado. La vulnerabilidad es debido a un error de manejo de la memoria cuando es procesada la GRE sobre el tr\u00e1fico IPv6. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de paquetes GRE sobre IPv6 dise\u00f1ados con carga \u00fatil de IPv4 o IPv6 a trav\u00e9s de un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante causar que el dispositivo se bloquee, resultando en una condici\u00f3n DoS."
    }
  ],
  "id": "CVE-2020-3179",
  "lastModified": "2024-11-21T05:30:29.540",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-05-06T17:15:11.917",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-2-sS2h7aWe"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-2-sS2h7aWe"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-415"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-415"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-26 16:09

Severity ?

8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to obtain the device registration hash. The vulnerability is due to insufficient sftunnel negotiation protection during initial device registration. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting a specific flow of the sftunnel communication between an FMC device and an FTD device. A successful exploit could allow the attacker to decrypt and modify the sftunnel communication between FMC and FTD devices, allowing the attacker to modify configuration data sent from an FMC device to an FTD device or alert data sent from an FTD device to an FMC device.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-sft-mitm-tc8AzFs2	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-sft-mitm-tc8AzFs2	Vendor Advisory

Impacted products

	Vendor	Product	Version
	cisco	firepower_threat_defense	*
	cisco	secure_firewall_management_center	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "493313EB-7599-454D-9C8B-7E32754F3AF5",
              "versionEndExcluding": "6.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49ED2A60-CA5B-4AE7-A45B-8444353C753A",
              "versionEndExcluding": "6.6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to obtain the device registration hash. The vulnerability is due to insufficient sftunnel negotiation protection during initial device registration. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting a specific flow of the sftunnel communication between an FMC device and an FTD device. A successful exploit could allow the attacker to decrypt and modify the sftunnel communication between FMC and FTD devices, allowing the attacker to modify configuration data sent from an FMC device to an FTD device or alert data sent from an FTD device to an FMC device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad sftunnel de Cisco Firepower Management Center (FMC) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado obtener el hash de registro del dispositivo.\u0026#xa0;La vulnerabilidad es debido a una protecci\u00f3n de negociaci\u00f3n de sftunnel insuficiente durante el registro inicial del dispositivo.\u0026#xa0;Un atacante en una posici\u00f3n man-in-the-middle podr\u00eda explotar esta vulnerabilidad al interceptar un flujo espec\u00edfico de la comunicaci\u00f3n sftunnel entre un dispositivo FMC y un dispositivo FTD.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante descifrar y modificar la comunicaci\u00f3n sftunnel entre los dispositivos FMC y FTD, permitiendo a un atacante modificar los datos de configuraci\u00f3n enviados desde un dispositivo FMC hacia un dispositivo FTD o los datos de alerta enviados desde un dispositivo FTD a un dispositivo FMC"
    }
  ],
  "id": "CVE-2020-3549",
  "lastModified": "2024-11-26T16:09:02.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.9,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:17.123",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-sft-mitm-tc8AzFs2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-sft-mitm-tc8AzFs2"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-326"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-326"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-06-28 15:15

Modified

2024-11-21 07:40

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to an implementation error within the cryptographic functions for SSL/TLS traffic processing when they are offloaded to the hardware. An attacker could exploit this vulnerability by sending a crafted stream of SSL/TLS traffic to an affected device. A successful exploit could allow the attacker to cause an unexpected error in the hardware-based cryptography engine, which could cause the device to reload.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-uu7mV5p6	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-uu7mV5p6	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	adaptive_security_appliance_software	9.16.4
cisco	adaptive_security_appliance_software	9.18.2
cisco	adaptive_security_appliance_software	9.18.2.5
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD07F9B-6BB3-4423-8DBE-4E89A6478E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EDFC67-E4EE-4D2C-BF9F-5881C987C662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "826869BE-4874-4BBA-9392-14851560BA10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition.\r\n\r This vulnerability is due to an implementation error within the cryptographic functions for SSL/TLS traffic processing when they are offloaded to the hardware. An attacker could exploit this vulnerability by sending a crafted stream of SSL/TLS traffic to an affected device. A successful exploit could allow the attacker to cause an unexpected error in the hardware-based cryptography engine, which could cause the device to reload."
    }
  ],
  "id": "CVE-2023-20006",
  "lastModified": "2024-11-21T07:40:19.593",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-06-28T15:15:09.387",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-uu7mV5p6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-uu7mV5p6"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-681"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-681"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-05-06 17:15

Modified

2024-11-26 16:09

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network.

References

URL	Tags
psirt@cisco.com	https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort_filepolbypass-m4X5DgOP	Vendor Advisory
psirt@cisco.com	https://www.debian.org/security/2023/dsa-5354
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort_filepolbypass-m4X5DgOP	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2023/dsa-5354

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	secure_firewall_management_center	2.9.14.4
cisco	secure_firewall_management_center	2.9.15
cisco	secure_firewall_management_center	2.9.16
cisco	ios	15.2\(7\)e
cisco	ios	16.11.2
cisco	ios	17.3.1
cisco	1100-4g_integrated_services_router	-
cisco	1100-6g_integrated_services_router	-
cisco	1100-lte_integrated_services_router	-
cisco	1101_integrated_services_router	-
cisco	1109_integrated_services_router	-
cisco	1111x_integrated_services_router	-
cisco	111x_integrated_services_router	-
cisco	1120_integrated_services_router	-
cisco	1160_integrated_services_router	-
cisco	4221_integrated_services_router	-
cisco	4331_integrated_services_router	-
cisco	4431_integrated_services_router	-
cisco	4461_integrated_services_router	-
cisco	csr1000v	-
cisco	isa-3000-2c2f-k9	-
cisco	isa-3000-4c-k9	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F90C934-5556-479B-873B-CC32F77B7BEC",
              "versionEndExcluding": "6.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "639305A6-4FEA-4BA5-AB9A-3B222AF45A9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "42493B4F-0CF2-45F0-B72D-36F0597CC274",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "06F2E7D8-BB95-480D-AE3E-F9B97C3A5379",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:ios:15.2\\(7\\)e:*:*:*:*:*:*:*",
              "matchCriteriaId": "41206465-375A-4368-B390-8C629251D597",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:16.11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "76CAC6C9-6016-41B2-ADAB-0FF15E36BD43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:17.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1ECD4BE-D7E3-4A07-B354-9E6E3B942463",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-lte_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBE4E146-1D77-4F15-AE58-3C1CE5DB62C5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0547E196-5991-4C33-823A-342542E9DFD3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:csr1000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62081293-8355-4197-A5A8-1E434B808680",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:isa-3000-2c2f-k9:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC504D67-ABE7-4DA4-97DD-3D3EEE5D5208",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:isa-3000-4c-k9:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D7A3FA6-CAAB-4F64-8EC8-B12FE45D8E22",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples productos de Cisco est\u00e1n afectados por una vulnerabilidad en el motor de detecci\u00f3n Snort que podr\u00eda permitir a un atacante remoto no autenticado omitir las pol\u00edticas de archivos configuradas sobre un sistema afectado. La vulnerabilidad es debido a errores en como el motor de detecci\u00f3n Snort maneja respuestas HTTP espec\u00edficas. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de paquetes HTTP dise\u00f1ados que fluir\u00edan por medio de un sistema afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante omitir las pol\u00edticas de archivos configuradas y entregar una carga maliciosa a la red protegida."
    }
  ],
  "id": "CVE-2020-3315",
  "lastModified": "2024-11-26T16:09:02.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-05-06T17:15:13.823",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort_filepolbypass-m4X5DgOP"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://www.debian.org/security/2023/dsa-5354"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort_filepolbypass-m4X5DgOP"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.debian.org/security/2023/dsa-5354"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-693"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-668"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-07-16 13:15

Modified

2024-11-21 05:44

Severity ?

7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the device that results in a denial of service (DoS) condition. The vulnerability is due to a logic error in how the software cryptography module handles specific types of decryption errors. An attacker could exploit this vulnerability by sending malicious packets over an established IPsec connection. A successful exploit could cause the device to crash, forcing it to reload. Important: Successful exploitation of this vulnerability would not cause a compromise of any encrypted data. Note: This vulnerability affects only Cisco ASA Software Release 9.16.1 and Cisco FTD Software Release 7.0.0.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.16.1
cisco	firepower_threat_defense	7.0.0.0
cisco	adaptive_security_virtual_appliance	-
cisco	firepower_2100	-
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-
cisco	ftd_virtual	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:7.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "90C0208A-CF86-47EB-AC1E-F1BBB4D4A5B9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_virtual_appliance:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E785C602-BE11-4FFC-A2A7-EC520E220C0F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D23A26EF-5B43-437C-A962-4FC69D8A0FF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ftd_virtual:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8E41ECE-56CB-4B41-AE96-B19EFA53EAD1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the device that results in a denial of service (DoS) condition. The vulnerability is due to a logic error in how the software cryptography module handles specific types of decryption errors. An attacker could exploit this vulnerability by sending malicious packets over an established IPsec connection. A successful exploit could cause the device to crash, forcing it to reload. Important: Successful exploitation of this vulnerability would not cause a compromise of any encrypted data. Note: This vulnerability affects only Cisco ASA Software Release 9.16.1 and Cisco FTD Software Release 7.0.0."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el m\u00f3dulo de criptograf\u00eda de software de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto autenticado o a un atacante no autenticado en una posici\u00f3n de tipo man-in-the-middle causar una recarga inesperada del dispositivo que resulta en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad es debido a un error l\u00f3gico en como el m\u00f3dulo de criptograf\u00eda del software maneja tipos espec\u00edficos de errores de descifrado. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de paquetes maliciosos a trav\u00e9s de una conexi\u00f3n IPsec establecida. Una explotaci\u00f3n con \u00e9xito podr\u00eda causar el bloqueo del dispositivo, oblig\u00e1ndolo a recargarse. Importante: Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad no causar\u00eda un compromiso de ning\u00fan dato encriptado. Nota: Esta vulnerabilidad s\u00f3lo afecta la versi\u00f3n 9.16.1 del software Cisco ASA y la versi\u00f3n 7.0.0 del software Cisco FTD"
    }
  ],
  "id": "CVE-2021-1422",
  "lastModified": "2024-11-21T05:44:19.693",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.7,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.7,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-07-16T13:15:08.783",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-617"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-617"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-04-19 20:29

Modified

2024-11-21 03:37

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software improperly validating IP Version 4 (IPv4) and IP Version 6 (IPv6) packets after the software reassembles the packets (following IP Fragmentation). An attacker could exploit this vulnerability by sending a series of malicious, fragmented IPv4 or IPv6 packets to an affected device. A successful exploit could allow the attacker to cause Snort processes on the affected device to hang at 100% CPU utilization, which could cause the device to stop processing traffic and result in a DoS condition until the device is reloaded manually. This vulnerability affects Cisco Firepower Threat Defense (FTD) Software Releases 6.2.1 and 6.2.2, if the software is running on a Cisco Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCvf91098.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/103931	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fp2100	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/103931	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fp2100	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	6.2.1
cisco	firepower_threat_defense	6.2.2
cisco	adaptive_security_appliance_software	9.8\(2\)

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD48BE40-C647-429A-81B6-59E125BBE415",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "42496A5B-1644-4088-BBCF-2ED810A5694B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8EA6DC7B-87E1-4331-A199-B5013F113D6E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software improperly validating IP Version 4 (IPv4) and IP Version 6 (IPv6) packets after the software reassembles the packets (following IP Fragmentation). An attacker could exploit this vulnerability by sending a series of malicious, fragmented IPv4 or IPv6 packets to an affected device. A successful exploit could allow the attacker to cause Snort processes on the affected device to hang at 100% CPU utilization, which could cause the device to stop processing traffic and result in a DoS condition until the device is reloaded manually. This vulnerability affects Cisco Firepower Threat Defense (FTD) Software Releases 6.2.1 and 6.2.2, if the software is running on a Cisco Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCvf91098."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad interna de procesamiento de paquetes de Cisco Firepower Threat Defense (FTD) Software para Cisco Firepower 2100 Series Security Appliances podr\u00e1 permitir que un atacante remoto no autenticado provoque que un dispositivo afectado deje de procesar tr\u00e1fico. Esto resulta en una denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a que el software afectado no valida correctamente los paquetes IPv4 (IP Version 4) e IPv6 (IP Version 6) una vez el software haya reensamblado los paquetes (tras una fragmentaci\u00f3n de IP). Un atacante podr\u00eda explotar esta vulnerabilidad enviando una serie de paquetes IPv4 o IPv6 maliciosos fragmentados a un dispositivo afectado. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante haga que los procesos Snort en el dispositivo afectado se bloqueen en un nivel de uso de la CPU del 100%. Esto provocar\u00eda que el dispositivo deje de procesar tr\u00e1fico y resulte en una condici\u00f3n de denegaci\u00f3n de servicio (DoS) hasta que el dispositivo se recargue manualmente. Esta vulnerabilidad afecta a Cisco Firepower Threat Defense (FTD) Software Releases 6.2.1 y 6.2.2, si el software se ejecuta en Cisco Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCvf91098."
    }
  ],
  "id": "CVE-2018-0230",
  "lastModified": "2024-11-21T03:37:46.897",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-19T20:29:00.473",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103931"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fp2100"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fp2100"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-01-24 16:29

Modified

2024-11-21 04:37

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the data acquisition (DAQ) component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies or cause a denial of service (DoS) condition. The vulnerability exists because the affected software improperly manages system memory resources when inspecting traffic. An attacker could exploit this vulnerability by generating specific traffic patterns for the software to inspect. A successful exploit could allow the attacker to exhaust system memory resources used for traffic inspection. Depending on the configuration, the FTD Software could fail open and cease to inspect traffic or fail closed and result in a DoS condition. This vulnerability may require manual intervention to restore the software.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/106721	Third Party Advisory
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-firepowertds-bypass	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/106721	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-firepowertds-bypass	Vendor Advisory

Impacted products

	Vendor	Product	Version
	cisco	firepower_threat_defense	6.3.0
	cisco	firepower_threat_defense	6.4.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED58B0E-FCC7-48E3-A5C0-6CC54A38BAE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the data acquisition (DAQ) component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies or cause a denial of service (DoS) condition. The vulnerability exists because the affected software improperly manages system memory resources when inspecting traffic. An attacker could exploit this vulnerability by generating specific traffic patterns for the software to inspect. A successful exploit could allow the attacker to exhaust system memory resources used for traffic inspection. Depending on the configuration, the FTD Software could fail open and cease to inspect traffic or fail closed and result in a DoS condition. This vulnerability may require manual intervention to restore the software."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el componente de adquisici\u00f3n de datos (DAQ) de Cisco Firepower Threat Defense (FTD) Software podr\u00eda permitir a un atacante remoto no autenticado omitir las pol\u00edticas de control de acceso configuradas o provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad existe porque el software afectado gestiona incorrectamente los recursos de la memoria del sistema al inspeccionar tr\u00e1fico. Un atacante podr\u00eda explotar esta vulnerabilidad generando patrones de tr\u00e1fico espec\u00edficos para que el software los inspeccione. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante agotar los recursos de la memoria del sistema que se utilizan para inspecciones de tr\u00e1fico. Dependiendo de la configuraci\u00f3n, el software FTD podr\u00eda \"fail open\" y dejar de inspeccionar tr\u00e1fico o \"fail closed\" y resultar en una condici\u00f3n DoS. Esta vulnerabilidad podr\u00eda requerir intervenci\u00f3n manual para recuperar el software."
    }
  ],
  "id": "CVE-2019-1669",
  "lastModified": "2024-11-21T04:37:03.550",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-01-24T16:29:00.597",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/106721"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-firepowertds-bypass"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/106721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-firepowertds-bypass"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-693"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-693"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-05-22 17:16

Modified

2025-07-03 17:19

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IPS) rule engine that could allow an unauthenticated, remote attacker to bypass the configured rules on an affected system. This vulnerability is due to incorrect HTTP packet handling. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured IPS rules and allow uninspected traffic onto the network.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-ips-bypass-uE69KBMd	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-ips-bypass-uE69KBMd	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	7.4.0
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.6.4
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.6.5
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.12.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.12.2
cisco	snort	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3E08AAC-9C5E-4D18-817C-C466D1D6C4DE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "90DCBE28-910B-418E-AD93-EA0BB69913D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "EED24474-335B-4595-A4B1-A2F1E9590AFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.12.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FC4D3D8-4391-4ED6-B27B-EF47C96904CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "60AE1B18-3CEB-45B3-A43D-3C6DCC1F20F3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:snort:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F36998E8-E48F-4EE5-84C0-31DE3956F313",
              "versionEndExcluding": "3.1.69.0",
              "versionStartIncluding": "3.0.0-233",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IPS) rule engine that could allow an unauthenticated, remote attacker to bypass the configured rules on an affected system. This vulnerability is due to incorrect HTTP packet handling. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured IPS rules and allow uninspected traffic onto the network."
    },
    {
      "lang": "es",
      "value": "Varios productos de Cisco se ven afectados por una vulnerabilidad en el motor de reglas del Snort Intrusion Prevention System (IPS) que podr\u00eda permitir a un atacante remoto no autenticado eludir las reglas configuradas en un sistema afectado. Esta vulnerabilidad se debe a un manejo incorrecto de paquetes HTTP. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando paquetes HTTP manipulados a trav\u00e9s de un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante eludir las reglas IPS configuradas y permitir el ingreso de tr\u00e1fico no inspeccionado a la red."
    }
  ],
  "id": "CVE-2024-20363",
  "lastModified": "2025-07-03T17:19:51.450",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-05-22T17:16:13.950",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-ips-bypass-uE69KBMd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-ips-bypass-uE69KBMd"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-290"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-290"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-04-19 20:29

Modified

2024-11-21 03:37

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the ingress flow creation functionality of Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the CPU to increase upwards of 100% utilization, causing a denial of service (DoS) condition on an affected system. The vulnerability is due to incorrect handling of an internal software lock that could prevent other system processes from getting CPU cycles, causing a high CPU condition. An attacker could exploit this vulnerability by sending a steady stream of malicious IP packets that can cause connections to be created on the targeted device. A successful exploit could allow the attacker to exhaust CPU resources, resulting in a DoS condition during which traffic through the device could be delayed. This vulnerability applies to either IPv4 or IPv6 ingress traffic. This vulnerability affects Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliances (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliances (ASAv), Firepower 2100 Series Security Appliances, Firepower 4110 Security Appliances, Firepower 9300 ASA Security Modules. Cisco Bug IDs: CSCvf63718.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/104220	Third Party Advisory, VDB Entry
psirt@cisco.com	http://www.securitytracker.com/id/1040724	Third Party Advisory, VDB Entry
psirt@cisco.com	https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01	Third Party Advisory, US Government Resource
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa2	Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/104220	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1040724	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa2	Mitigation, Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	98.1\(12.187\)
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B01C9189-891E-4C37-ABF1-D6929332E6B3",
              "versionEndExcluding": "9.1.7.20",
              "versionStartIncluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AAFBA62-0F1B-4320-8867-5507F9F7E385",
              "versionEndExcluding": "9.4.4.13",
              "versionStartIncluding": "9.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8C5EDCE-BD69-4022-94AA-44370FC338BC",
              "versionEndExcluding": "9.6.3.17",
              "versionStartIncluding": "9.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E2E890F-A79A-4D0A-A431-3D30C31F324F",
              "versionEndExcluding": "9.7.1.16",
              "versionStartIncluding": "9.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B864E72-DF68-4245-8A0D-56EDF33CA400",
              "versionEndExcluding": "9.8.2.14",
              "versionStartIncluding": "9.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E278B6BC-D5C3-400A-A554-9E922701E1A3",
              "versionEndExcluding": "9.2.4.27",
              "versionStartIncluding": "9.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B07A4CC-7827-4894-9C43-78E138E1FAC5",
              "versionEndExcluding": "9.9.1",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:98.1\\(12.187\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1422EDDD-3B9A-435F-BE39-BEE47B0D4D13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21752F70-F117-4BEE-AF64-3A0A7999E9EC",
              "versionEndExcluding": "6.1.0.6",
              "versionStartIncluding": "6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC8A9EB8-D0BF-453B-BB21-5EE5D8E29728",
              "versionEndExcluding": "6.2.0.5",
              "versionStartIncluding": "6.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F78E5B29-1033-4151-A1C2-063D590C0B34",
              "versionEndExcluding": "6.2.2.2",
              "versionStartIncluding": "6.2.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the ingress flow creation functionality of Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the CPU to increase upwards of 100% utilization, causing a denial of service (DoS) condition on an affected system. The vulnerability is due to incorrect handling of an internal software lock that could prevent other system processes from getting CPU cycles, causing a high CPU condition. An attacker could exploit this vulnerability by sending a steady stream of malicious IP packets that can cause connections to be created on the targeted device. A successful exploit could allow the attacker to exhaust CPU resources, resulting in a DoS condition during which traffic through the device could be delayed. This vulnerability applies to either IPv4 or IPv6 ingress traffic. This vulnerability affects Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliances (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliances (ASAv), Firepower 2100 Series Security Appliances, Firepower 4110 Security Appliances, Firepower 9300 ASA Security Modules. Cisco Bug IDs: CSCvf63718."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad de creaci\u00f3n de flujo de entrada de Cisco Adaptive Security Appliance (ASA) podr\u00eda permitir que un atacante remoto no autenticado provoque que la CPU aumente su uso por encima del 100%, provocando una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un sistema afectado. La vulnerabilidad se debe a la manipulaci\u00f3n incorrecta de un bloqueo de software interno que podr\u00eda evitar que otros procesos del sistema obtengan ciclos de CPU, provocando una condici\u00f3n de CPU alta. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un flujo constante de paquetes de IP maliciosos que podr\u00edan provocar que se creen conexiones en el dispositivo objetivo. Si se explota esta vulnerabilidad con \u00e9xito, el atacante podr\u00eda agota los recursos de la CPU, lo que resultar\u00eda en una condici\u00f3n de denegaci\u00f3n de servicio (DoS) durante la cual el tr\u00e1fico del dispositivo podr\u00eda retrasarse. Esta vulnerabilidad aplica al tr\u00e1fico de entrada IPv4 o IPv6. Esta vulnerabilidad afecta a las versiones de Cisco Adaptive Security Appliance (ASA) y Firepower Threat Defense (FTD) Software que se ejecutan en los siguientes productos de Cisco: 3000 Series Industrial Security Appliances (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliances (ASAv), Firepower 2100 Series Security Appliances, Firepower 4110 Security Appliances y Firepower 9300 ASA Security Modules. Cisco Bug IDs: CSCvf63718."
    }
  ],
  "id": "CVE-2018-0228",
  "lastModified": "2024-11-21T03:37:46.627",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-19T20:29:00.363",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104220"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040724"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104220"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040724"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa2"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-667"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-10-23 18:15

Modified

2025-08-05 14:53

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies on an affected system. Devices that are configured with Snort 2 are not affected by this vulnerability. This vulnerability is due to a logic error when handling embryonic (half-open) TCP connections. An attacker could exploit this vulnerability by sending a crafted traffic pattern through an affected device. A successful exploit could allow unintended traffic to enter the network protected by the affected device.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-bypass-PTry37fX	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	6.2.3
cisco	firepower_threat_defense	6.2.3.1
cisco	firepower_threat_defense	6.2.3.2
cisco	firepower_threat_defense	6.2.3.3
cisco	firepower_threat_defense	6.2.3.4
cisco	firepower_threat_defense	6.2.3.5
cisco	firepower_threat_defense	6.2.3.6
cisco	firepower_threat_defense	6.2.3.7
cisco	firepower_threat_defense	6.2.3.8
cisco	firepower_threat_defense	6.2.3.9
cisco	firepower_threat_defense	6.2.3.10
cisco	firepower_threat_defense	6.2.3.11
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.4.0.1
cisco	firepower_threat_defense	6.4.0.2
cisco	firepower_threat_defense	6.4.0.3
cisco	firepower_threat_defense	6.4.0.4
cisco	firepower_threat_defense	6.4.0.5
cisco	firepower_threat_defense	6.4.0.6
cisco	firepower_threat_defense	6.4.0.7
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.4.0.13
cisco	firepower_threat_defense	6.4.0.14
cisco	firepower_threat_defense	6.4.0.15
cisco	firepower_threat_defense	6.4.0.16
cisco	firepower_threat_defense	6.4.0.17
cisco	firepower_threat_defense	6.4.0.18
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.6.7
cisco	firepower_threat_defense	6.6.7.1
cisco	firepower_threat_defense	6.6.7.2
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.0.6
cisco	firepower_threat_defense	7.0.6.1
cisco	firepower_threat_defense	7.0.6.2
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.2.4
cisco	firepower_threat_defense	7.2.4.1
cisco	firepower_threat_defense	7.2.5
cisco	firepower_threat_defense	7.2.5.1
cisco	firepower_threat_defense	7.2.5.2
cisco	firepower_threat_defense	7.2.6
cisco	firepower_threat_defense	7.2.7
cisco	firepower_threat_defense	7.2.8
cisco	firepower_threat_defense	7.2.8.1
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1
cisco	firepower_threat_defense	7.3.1.2
cisco	firepower_threat_defense	7.4.0
cisco	firepower_threat_defense	7.4.1
cisco	firepower_threat_defense	7.4.1.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2EFA476-5021-4A00-859E-1643009D6156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E3A5DC-A237-46E4-A4E5-F135482F984A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "B166867E-E51B-46E3-A6E2-B10E67364058",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CE51492-8C9B-459E-9F80-64F426009905",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91AD8BA2-EB8D-4D8B-B707-AF5C2A831998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA95508-0A28-4D4A-81A7-5CDD1F5DA46C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "39FE5927-2421-4CBE-97EA-6AED892DA1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8BF2227-3C50-4FD1-98DB-21196E75D1DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5460064F-FF50-4F54-A8DF-180C76AF9B8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6826018-5620-4924-BE92-6A245378F610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49A07CF-12BA-481C-B5FF-754520080A8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F203C7D1-AA92-4367-B7A5-EBAE6B76EE6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0064C97F-1140-43AC-8229-C8CCC367DC4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9296D33-D59A-463D-9722-9D4C3F720E7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9F66CCA-0982-4107-BC5B-79D727479343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "77B80698-1E76-4B13-AB83-A03FF8C785FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7106C567-726C-4399-ABE0-4A26B9572D40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D5EEF62-DFD3-4E08-8959-2BCD4B1308CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A52991-802D-46FB-A508-5616BA1CEB78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3E08AAC-9C5E-4D18-817C-C466D1D6C4DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "724A3B6F-DDAB-4A2F-8430-9E1F352D755F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDBF14DD-0654-47F3-A698-020397A1EAA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies on an affected system. Devices that are configured with Snort 2 are not affected by this vulnerability. \r\n\r This vulnerability is due to a logic error when handling embryonic (half-open) TCP connections. An attacker could exploit this vulnerability by sending a crafted traffic pattern through an affected device. A successful exploit could allow unintended traffic to enter the network protected by the affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interacci\u00f3n entre la funci\u00f3n TCP Intercept y el motor de detecci\u00f3n Snort 3 en el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado eluda las pol\u00edticas configuradas en un sistema afectado. Los dispositivos que est\u00e1n configurados con Snort 2 no se ven afectados por esta vulnerabilidad. Esta vulnerabilidad se debe a un error l\u00f3gico al manejar conexiones TCP embrionarias (semiabiertas). Un atacante podr\u00eda explotar esta vulnerabilidad enviando un patr\u00f3n de tr\u00e1fico manipulado a trav\u00e9s de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el tr\u00e1fico no deseado ingrese a la red protegida por el dispositivo afectado."
    }
  ],
  "id": "CVE-2024-20407",
  "lastModified": "2025-08-05T14:53:15.063",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-10-23T18:15:08.413",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-bypass-PTry37fX"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-11-01 17:15

Modified

2024-11-21 07:41

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

Summary

A vulnerability in the interaction between the Server Message Block (SMB) protocol preprocessor and the Snort 3 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error-checking when the Snort 3 detection engine is processing SMB traffic. An attacker could exploit this vulnerability by sending a crafted SMB packet stream through an affected device. A successful exploit could allow the attacker to cause the Snort process to reload, resulting in a DoS condition.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-smbsnort3-dos-pfOjOYUV	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-smbsnort3-dos-pfOjOYUV	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the interaction between the Server Message Block (SMB) protocol preprocessor and the Snort 3 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error-checking when the Snort 3 detection engine is processing SMB traffic. An attacker could exploit this vulnerability by sending a crafted SMB packet stream through an affected device. A successful exploit could allow the attacker to cause the Snort process to reload, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interacci\u00f3n entre el preprocesador del protocolo Server Message Block (SMB) y el motor de detecci\u00f3n Snort 3 para el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado omita las pol\u00edticas configuradas o provoque una Denegaci\u00f3n de Servicio (DoS) condici\u00f3n en un dispositivo afectado. Esta vulnerabilidad se debe a una verificaci\u00f3n de errores incorrecta cuando el motor de detecci\u00f3n de Snort 3 procesa el tr\u00e1fico SMB. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un flujo de paquetes SMB manipulado a trav\u00e9s de un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante hacer que el proceso Snort se recargue, lo que resultar\u00eda en una condici\u00f3n DoS."
    }
  ],
  "id": "CVE-2023-20270",
  "lastModified": "2024-11-21T07:41:02.670",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-11-01T17:15:11.783",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-smbsnort3-dos-pfOjOYUV"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-smbsnort3-dos-pfOjOYUV"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-11-15 21:15

Modified

2024-11-26 16:09

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, resulting in a reboot on the affected device.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-OwEunWJN
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-OwEunWJN

Impacted products

Vendor	Product	Version
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	6.2.1
cisco	secure_firewall_management_center	6.6.0
cisco	secure_firewall_management_center	6.6.0.1
cisco	secure_firewall_management_center	6.6.1
cisco	secure_firewall_management_center	6.6.3
cisco	secure_firewall_management_center	6.6.4
cisco	secure_firewall_management_center	6.6.5
cisco	secure_firewall_management_center	6.6.5.1
cisco	secure_firewall_management_center	6.6.5.2
cisco	secure_firewall_management_center	7.0.0
cisco	secure_firewall_management_center	7.0.0.1
cisco	secure_firewall_management_center	7.0.1
cisco	secure_firewall_management_center	7.0.1.1
cisco	secure_firewall_management_center	7.0.2
cisco	secure_firewall_management_center	7.0.2.1
cisco	secure_firewall_management_center	7.0.3
cisco	secure_firewall_management_center	7.0.4
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	6.2.1
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2763D059-E717-43B8-8108-8025CDDF73EB",
              "versionEndIncluding": "6.1.0.7",
              "versionStartIncluding": "6.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A2861D3-2CAE-448E-8A0B-822F4E730971",
              "versionEndIncluding": "6.2.0.6",
              "versionStartIncluding": "6.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDB7B36E-7DA5-4690-9D21-6BFD8025766C",
              "versionEndIncluding": "6.2.2.5",
              "versionStartIncluding": "6.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B2802CF-8A7F-4FC6-A406-F1F26C932F3C",
              "versionEndIncluding": "6.2.3.18",
              "versionStartIncluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "129717CC-A91F-4F05-8096-E9CABDFE6F6F",
              "versionEndIncluding": "6.3.0.5",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "25585CDD-8917-43DD-8FE4-01CF9C7AADCA",
              "versionEndIncluding": "6.4.0.15",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2586C31E-6CAC-433C-90B0-6233CA28D041",
              "versionEndIncluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C8ECB61-27AB-49B9-8201-AD36C3E924B0",
              "versionEndIncluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A4A52EA-D464-4855-ABEC-FD98E0F3BD97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F9AF68-70BD-46DE-B7F2-97C9BD5182A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1D808CD-B030-4334-A286-9B3A1D35C61D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DFE9115-3E32-4A55-AB5A-83513322FE97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "09BD6616-B2B9-49B1-AD20-9B13D93C8F2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "35A9634E-FCF4-4C67-A463-6BA5F63DD2A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D8CF5AA-7B41-4E98-8E7E-A399AAA510B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8452BA9A-F56C-48E0-BDBA-9095AF78F521",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2CE3B06-353C-4623-9EF4-78814DCB0D7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFA94312-376E-4785-888F-3C07612E1DF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "29E73FBF-2579-4660-AFFA-7F9607004226",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "87FAAFFB-0589-441B-8289-8B8A6E18F705",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "73B92119-793D-4A43-A056-24DB6826E759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "093A0BC2-037C-463F-AFC5-EF11C2954EAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4F434FC-CAA4-4DBB-8094-C4ECC28B31E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "68C70BB3-33B3-4E7E-99D5-FF76D4ED96AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B881B8DF-A96D-4B64-B98A-71F0D3388641",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "64116F5B-671C-46DB-A78D-AB14AAF946FD",
              "versionEndIncluding": "6.1.0.7",
              "versionStartIncluding": "6.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD237542-FED6-4013-AD9F-18891954FE05",
              "versionEndIncluding": "6.2.0.6",
              "versionStartIncluding": "6.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F74A25A-601D-470D-BA43-EA68ADD266C6",
              "versionEndIncluding": "6.2.2.5",
              "versionStartIncluding": "6.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D58D7217-F6F5-4B58-B59C-E5C8781C87A9",
              "versionEndIncluding": "6.2.3.18",
              "versionStartIncluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDE0C110-518D-4E51-BCEB-F4E9FC448278",
              "versionEndIncluding": "6.3.0.5",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "874E0E13-4A9E-4296-BEE6-F5B1077411A0",
              "versionEndIncluding": "6.4.0.15",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "171E1C5D-68C5-4BBC-AE18-D1518A1B7277",
              "versionEndIncluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1110632C-526F-4025-A7BE-0CF9F37E5F9E",
              "versionEndIncluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD48BE40-C647-429A-81B6-59E125BBE415",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to improper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, resulting in a reboot on the affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el procesamiento de conexiones SSH de Cisco Firepower Management Center (FMC) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado cause una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a un manejo inadecuado de errores cuando no se puede establecer una sesi\u00f3n SSH. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una alta tasa de conexiones SSH manipuladas a la instancia. Un exploit exitoso podr\u00eda permitir que el atacante provoque el agotamiento de los recursos, lo que provocar\u00eda un reinicio en el dispositivo afectado."
    }
  ],
  "id": "CVE-2022-20854",
  "lastModified": "2024-11-26T16:09:02.407",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-11-15T21:15:27.867",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-OwEunWJN"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-OwEunWJN"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-755"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-11-15 21:15

Modified

2024-11-21 06:43

Severity ?

6.4 (Medium) - CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated attacker with physical access to the device to bypass the secure boot functionality. This vulnerability is due to a logic error in the boot process. An attacker could exploit this vulnerability by injecting malicious code into a specific memory location during the boot process of an affected device. A successful exploit could allow the attacker to execute persistent code at boot time and break the chain of trust.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.9
cisco	adaptive_security_appliance_software	9.17.1.10
cisco	adaptive_security_appliance_software	9.17.1.13
cisco	adaptive_security_appliance_software	9.18.1
cisco	adaptive_security_appliance_software	9.18.1.3
cisco	secure_firewall_3105	-
cisco	secure_firewall_3110	-
cisco	secure_firewall_3120	-
cisco	secure_firewall_3130	-
cisco	secure_firewall_3140	-
cisco	firepower_threat_defense	7.1.0.0
cisco	firepower_threat_defense	7.2.0.0
cisco	firepower_threat_defense	7.2.0.1
cisco	secure_firewall_3105	-
cisco	secure_firewall_3110	-
cisco	secure_firewall_3120	-
cisco	secure_firewall_3130	-
cisco	secure_firewall_3140	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "289F9874-FC01-4809-9BDA-1AF583FB60B2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3105:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5D9FDF8-13BF-425F-9802-1A334065D7C0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87403E0F-659C-4C5B-863D-0274D2828A9A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73D24C57-2311-48E9-879E-124472E98F6F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE02D38A-5354-47E6-A46F-06D53F14F5A8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F191A423-DB18-4F3A-9D31-C3DD8F185C88",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7533780-0DF9-41BE-8455-F60676785689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAF8ACA8-BDDA-4008-8422-46737396F4CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3105:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5D9FDF8-13BF-425F-9802-1A334065D7C0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87403E0F-659C-4C5B-863D-0274D2828A9A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73D24C57-2311-48E9-879E-124472E98F6F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE02D38A-5354-47E6-A46F-06D53F14F5A8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F191A423-DB18-4F3A-9D31-C3DD8F185C88",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated attacker with physical access to the device to bypass the secure boot functionality.\r\n\r This vulnerability is due to a logic error in the boot process. An attacker could exploit this vulnerability by injecting malicious code into a specific memory location during the boot process of an affected device. A successful exploit could allow the attacker to execute persistent code at boot time and break the chain of trust."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n de boot seguro de Cisco Secure Firewalls serie 3100 que ejecutan el Software Cisco Adaptive Security Appliance (ASA) o el Software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante no autenticado con acceso f\u00edsico al dispositivo omita la funcionalidad de boot seguro. Esta vulnerabilidad se debe a un error l\u00f3gico en el proceso de boot. Un atacante podr\u00eda aprovechar esta vulnerabilidad inyectando c\u00f3digo malicioso en una ubicaci\u00f3n de memoria espec\u00edfica durante el proceso de boot de un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante ejecutar c\u00f3digo persistente en el momento del boot y romper la cadena de confianza."
    }
  ],
  "id": "CVE-2022-20826",
  "lastModified": "2024-11-21T06:43:38.120",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "PHYSICAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.5,
        "impactScore": 5.9,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "PHYSICAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-11-15T21:15:22.930",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-501"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-04-29 18:15

Modified

2024-11-21 05:43

Severity ?

6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

Summary

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite files on the file system of an affected device by using directory traversal techniques. A successful exploit could cause system instability if important system files are overwritten. This vulnerability is due to insufficient validation of user input for the file path in a specific CLI command. An attacker could exploit this vulnerability by logging in to a targeted device and issuing a specific CLI command with crafted user input. A successful exploit could allow the attacker to overwrite arbitrary files on the file system of the affected device. The attacker would need valid user credentials on the device.

References

URL	Tags
psirt@cisco.com	https://kc.mcafee.com/corporate/index?page=content&id=SB10382	Not Applicable, Third Party Advisory
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-overwrite-XknRjGdB	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://kc.mcafee.com/corporate/index?page=content&id=SB10382	Not Applicable, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-overwrite-XknRjGdB	Vendor Advisory

Impacted products

	Vendor	Product	Version
	cisco	firepower_threat_defense	*
	cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8BBB3D-8E5E-4285-AA16-DCA436119F4D",
              "versionEndIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6642EEB-0BE6-4607-9B1E-96F2F715710F",
              "versionEndExcluding": "6.6.4",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite files on the file system of an affected device by using directory traversal techniques. A successful exploit could cause system instability if important system files are overwritten. This vulnerability is due to insufficient validation of user input for the file path in a specific CLI command. An attacker could exploit this vulnerability by logging in to a targeted device and issuing a specific CLI command with crafted user input. A successful exploit could allow the attacker to overwrite arbitrary files on the file system of the affected device. The attacker would need valid user credentials on the device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la CLI del software Cisco Firepower Threat Defense (FTD), podr\u00eda permitir a un atacante autenticado local sobrescribir archivos en el sistema de archivos de un dispositivo afectado mediante el uso de t\u00e9cnicas de salto de directorios.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda causar inestabilidad en el sistema si archivos importantes del sistema son sobrescritos.\u0026#xa0;Esta vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de entrada del usuario para la ruta del archivo en un comando CLI espec\u00edfico.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad al iniciar sesi\u00f3n en un dispositivo de destino y emitir un comando CLI espec\u00edfico con la entrada del usuario.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante sobrescribir archivos arbitrarios en el sistema de archivos del dispositivo afectado.\u0026#xa0;El atacante necesitar\u00eda credenciales de usuario v\u00e1lidas en el dispositivo"
    }
  ],
  "id": "CVE-2021-1256",
  "lastModified": "2024-11-21T05:43:56.447",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 3.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.2,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-04-29T18:15:08.840",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Not Applicable",
        "Third Party Advisory"
      ],
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10382"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-overwrite-XknRjGdB"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable",
        "Third Party Advisory"
      ],
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10382"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-overwrite-XknRjGdB"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-552"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        },
        {
          "lang": "en",
          "value": "CWE-552"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2017-05-03 21:59

Modified

2025-04-20 01:37

Severity ?

7.1 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

Summary

A "Cisco Firepower Threat Defense 6.0.0 through 6.2.2 and Cisco ASA with FirePOWER Module Denial of Service" vulnerability in the access control policy of Cisco Firepower System Software could allow an authenticated, remote attacker to cause an affected system to stop inspecting and processing packets, resulting in a denial of service (DoS) condition. The vulnerability is due to improper SSL policy handling by the affected software when packets are passed through the sensing interfaces of an affected system. An attacker could exploit this vulnerability by sending crafted packets through a targeted system. This vulnerability affects Cisco Firepower System Software that is configured with the SSL policy feature. Cisco Bug IDs: CSCvc84361.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/98292	Third Party Advisory, VDB Entry
psirt@cisco.com	http://www.securitytracker.com/id/1038397	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ftd	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/98292	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1038397	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ftd	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	6.0.0
cisco	firepower_threat_defense	6.0.1
cisco	firepower_threat_defense	6.1.0
cisco	firepower_threat_defense	6.1.0.2
cisco	firepower_threat_defense	6.2.0
cisco	firepower_threat_defense	6.2.1
cisco	firepower_threat_defense	6.2.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1AC6A67-82EF-4D31-AFCB-499A0C6EC0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "995667FD-35F1-49E5-96DB-2FDFF5E0B523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "61FB47CF-2A6A-4121-BFF7-5862E163B8E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9873ABAC-9A3D-40E1-B7FF-F2AB74F82C22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DC52A8B-7DF4-47B2-9F49-627F59656E5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD48BE40-C647-429A-81B6-59E125BBE415",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "42496A5B-1644-4088-BBCF-2ED810A5694B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A \"Cisco Firepower Threat Defense 6.0.0 through 6.2.2 and Cisco ASA with FirePOWER Module Denial of Service\" vulnerability in the access control policy of Cisco Firepower System Software could allow an authenticated, remote attacker to cause an affected system to stop inspecting and processing packets, resulting in a denial of service (DoS) condition. The vulnerability is due to improper SSL policy handling by the affected software when packets are passed through the sensing interfaces of an affected system. An attacker could exploit this vulnerability by sending crafted packets through a targeted system. This vulnerability affects Cisco Firepower System Software that is configured with the SSL policy feature. Cisco Bug IDs: CSCvc84361."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de \"Cisco Firepower Threat Defense versi\u00f3n 6.0.0 hasta 6.2.2 y Cisco ASA with FirePOWER Module Denial of Service\" en la pol\u00edtica de control de acceso de Cisco Firepower System Software podr\u00eda permitir que un atacante remoto identificado provoque que un sistema afectado deje de inspeccionar y procesar paquetes, lo que resulta en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a un manejo inapropiado de la pol\u00edtica SSL por parte del software afectado cuando los paquetes pasan por medio  de las interfaces de detecci\u00f3n de un sistema afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando paquetes creados por medio  de un sistema espec\u00edfico. Esta vulnerabilidad afecta al software del sistema Cisco Firepower que est\u00e1 configurado con la funci\u00f3n de pol\u00edtica SSL. Identificaci\u00f3n de errores de Cisco  Bug IDs: CSCvc84361"
    }
  ],
  "id": "CVE-2017-6625",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-05-03T21:59:00.230",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/98292"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038397"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ftd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/98292"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038397"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ftd"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-05-03 16:29

Modified

2024-11-21 04:37

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/108171	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/108171	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort	Vendor Advisory

Impacted products

	Vendor	Product	Version
	cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "73A0B57C-1076-4382-BADE-9EB2E18FAB9C",
              "versionEndExcluding": "6.2.3.12",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory."
    },
    {
      "lang": "es",
      "value": "Las m\u00faltiples vulnerabilidades en el motor de detecci\u00f3n del preprocesador de  Protocolo Server Message Block (SMB) para el software Firepower Threat Defense (FTD) de Cisco, podr\u00edan permitir que un atacante no autenticado, adyacente o remoto genere una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS). Para m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso."
    }
  ],
  "id": "CVE-2019-1704",
  "lastModified": "2024-11-21T04:37:08.370",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-03T16:29:00.490",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108171"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108171"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-02-08 07:29

Modified

2024-11-21 03:37

Severity ?

5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass file policies that are configured to block files transmitted to an affected device via the BitTorrent protocol. The vulnerability exists because the affected software does not detect BitTorrent handshake messages correctly. An attacker could exploit this vulnerability by sending a crafted BitTorrent connection request to an affected device. A successful exploit could allow the attacker to bypass file policies that are configured to block files transmitted to the affected device via the BitTorrent protocol. Cisco Bug IDs: CSCve26946.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/102978	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-fss	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/102978	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-fss	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	6.1.0
cisco	firepower_threat_defense	6.2.0
cisco	firepower_threat_defense	6.2.2
cisco	firepower_threat_defense	6.2.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "61FB47CF-2A6A-4121-BFF7-5862E163B8E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DC52A8B-7DF4-47B2-9F49-627F59656E5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "42496A5B-1644-4088-BBCF-2ED810A5694B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass file policies that are configured to block files transmitted to an affected device via the BitTorrent protocol. The vulnerability exists because the affected software does not detect BitTorrent handshake messages correctly. An attacker could exploit this vulnerability by sending a crafted BitTorrent connection request to an affected device. A successful exploit could allow the attacker to bypass file policies that are configured to block files transmitted to the affected device via the BitTorrent protocol. Cisco Bug IDs: CSCve26946."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el motor de detecci\u00f3n de Cisco Firepower System Software podr\u00eda permitir que un atacante remoto sin autenticar omita pol\u00edticas de archivos que est\u00e9n configuradas para bloquear archivos transmitidos a un dispositivo afectado mediante el protocolo BitTorrent. La vulnerabilidad existe debido a que el software afectado no detecta correctamente los mensajes del handshake de BitTorrent. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una petici\u00f3n de conexi\u00f3n BitTorrent manipulada a un dispositivo afectado. Un exploit con \u00e9xito podr\u00eda permitir que un atacante remoto sin autenticar omita pol\u00edticas de archivos que est\u00e9n configuradas para bloquear archivos transmitidos a un dispositivo afectado mediante el protocolo BitTorrent. Cisco Bug IDs: CSCve26946."
    }
  ],
  "id": "CVE-2018-0138",
  "lastModified": "2024-11-21T03:37:35.717",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-02-08T07:29:00.977",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/102978"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-fss"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/102978"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-fss"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-693"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-693"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-09-25 16:15

Modified

2025-09-26 19:26

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Summary

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to access restricted URL endpoints that are related to remote access VPN that should otherwise be inaccessible without authentication. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web server on a device. A successful exploit could allow the attacker to access a restricted URL without authentication.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-YROOTUW	Vendor Advisory
	134c704f-9b21-4f2e-91b3-4a467353bcc0	https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "cisaActionDue": "2025-09-26",
  "cisaExploitAdd": "2025-09-25",
  "cisaRequiredAction": "The KEV due date refers to the deadline by which FCEB agencies are expected to review and begin implementing the guidance outlined in Emergency Directive (ED) 25-03 (URL listed below in Notes). Agencies must follow the mitigation steps provided by CISA (URL listed below in Notes) and vendor\u2019s instructions (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.",
  "cisaVulnerabilityName": "Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Missing Authorization Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "775B3D5F-25D3-4B1C-9BA2-985263A6CE83",
              "versionEndExcluding": "9.12.4.72",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AD381CE-3B2E-4633-AA43-7A82BA7D39CF",
              "versionEndExcluding": "9.14.4.28",
              "versionStartIncluding": "9.14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8D232A4-8AB6-4B7B-A603-4F31B8BAE40C",
              "versionEndExcluding": "9.16.4.85",
              "versionStartIncluding": "9.16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "452A6BDC-8213-4ADD-AAC9-87466D95F188",
              "versionEndExcluding": "9.18.4.67",
              "versionStartIncluding": "9.17.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ED8DF6E-39F6-427A-A0FF-98F6435052DD",
              "versionEndExcluding": "9.20.4.10",
              "versionStartIncluding": "9.19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD2F2F11-458B-4DFB-91AB-9F0949959769",
              "versionEndExcluding": "9.22.2.14",
              "versionStartIncluding": "9.22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BDB9C75-6398-4282-B913-3262D8080471",
              "versionEndExcluding": "9.23.1.19",
              "versionStartIncluding": "9.23",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAC10ECF-61D6-495F-9377-FE4DF6CF02FC",
              "versionEndExcluding": "7.0.8.1",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7FC7AAC-DAFB-4595-B2F2-FB3F7C285A3B",
              "versionEndExcluding": "7.2.10.2",
              "versionStartIncluding": "7.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C63DAB4E-72E6-4016-B665-9957A69F49F1",
              "versionEndExcluding": "7.4.2.4",
              "versionStartIncluding": "7.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5974899-1958-4FB5-AF88-F464258154E7",
              "versionEndExcluding": "7.6.2.1",
              "versionStartIncluding": "7.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C7EBB77-0701-4D43-BB34-4039E98BB3A9",
              "versionEndExcluding": "7.7.10.1",
              "versionStartIncluding": "7.7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to access restricted URL endpoints that are related to remote access VPN that should otherwise be inaccessible without authentication.\r\n\r This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web server on a device. A successful exploit could allow the attacker to access a restricted URL without authentication."
    }
  ],
  "id": "CVE-2025-20362",
  "lastModified": "2025-09-26T19:26:43.497",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.5,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-09-25T16:15:32.280",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-YROOTUW"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-862"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-11-01 17:15

Modified

2024-11-21 07:40

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper processing of ICMPv6 messages. An attacker could exploit this vulnerability by sending crafted ICMPv6 messages to a targeted Cisco ASA or FTD system with IPv6 enabled. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-icmpv6-t5TzqwNd	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-icmpv6-t5TzqwNd	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.8.1
cisco	adaptive_security_appliance_software	9.8.1.5
cisco	adaptive_security_appliance_software	9.8.1.7
cisco	adaptive_security_appliance_software	9.8.2
cisco	adaptive_security_appliance_software	9.8.2.8
cisco	adaptive_security_appliance_software	9.8.2.14
cisco	adaptive_security_appliance_software	9.8.2.15
cisco	adaptive_security_appliance_software	9.8.2.17
cisco	adaptive_security_appliance_software	9.8.2.20
cisco	adaptive_security_appliance_software	9.8.2.24
cisco	adaptive_security_appliance_software	9.8.2.26
cisco	adaptive_security_appliance_software	9.8.2.28
cisco	adaptive_security_appliance_software	9.8.2.33
cisco	adaptive_security_appliance_software	9.8.2.35
cisco	adaptive_security_appliance_software	9.8.2.38
cisco	adaptive_security_appliance_software	9.8.3
cisco	adaptive_security_appliance_software	9.8.3.8
cisco	adaptive_security_appliance_software	9.8.3.11
cisco	adaptive_security_appliance_software	9.8.3.14
cisco	adaptive_security_appliance_software	9.8.3.16
cisco	adaptive_security_appliance_software	9.8.3.18
cisco	adaptive_security_appliance_software	9.8.3.21
cisco	adaptive_security_appliance_software	9.8.3.26
cisco	adaptive_security_appliance_software	9.8.3.29
cisco	adaptive_security_appliance_software	9.8.4
cisco	adaptive_security_appliance_software	9.8.4.3
cisco	adaptive_security_appliance_software	9.8.4.7
cisco	adaptive_security_appliance_software	9.8.4.8
cisco	adaptive_security_appliance_software	9.8.4.10
cisco	adaptive_security_appliance_software	9.8.4.12
cisco	adaptive_security_appliance_software	9.8.4.15
cisco	adaptive_security_appliance_software	9.8.4.17
cisco	adaptive_security_appliance_software	9.8.4.20
cisco	adaptive_security_appliance_software	9.8.4.22
cisco	adaptive_security_appliance_software	9.8.4.25
cisco	adaptive_security_appliance_software	9.8.4.26
cisco	adaptive_security_appliance_software	9.8.4.29
cisco	adaptive_security_appliance_software	9.8.4.32
cisco	adaptive_security_appliance_software	9.8.4.33
cisco	adaptive_security_appliance_software	9.8.4.34
cisco	adaptive_security_appliance_software	9.8.4.35
cisco	adaptive_security_appliance_software	9.8.4.39
cisco	adaptive_security_appliance_software	9.8.4.40
cisco	adaptive_security_appliance_software	9.8.4.41
cisco	adaptive_security_appliance_software	9.8.4.43
cisco	adaptive_security_appliance_software	9.8.4.44
cisco	adaptive_security_appliance_software	9.8.4.45
cisco	adaptive_security_appliance_software	9.8.4.46
cisco	adaptive_security_appliance_software	9.8.4.48
cisco	adaptive_security_appliance_software	9.12.1
cisco	adaptive_security_appliance_software	9.12.1.2
cisco	adaptive_security_appliance_software	9.12.1.3
cisco	adaptive_security_appliance_software	9.12.2
cisco	adaptive_security_appliance_software	9.12.2.1
cisco	adaptive_security_appliance_software	9.12.2.4
cisco	adaptive_security_appliance_software	9.12.2.5
cisco	adaptive_security_appliance_software	9.12.2.9
cisco	adaptive_security_appliance_software	9.12.3
cisco	adaptive_security_appliance_software	9.12.3.2
cisco	adaptive_security_appliance_software	9.12.3.7
cisco	adaptive_security_appliance_software	9.12.3.9
cisco	adaptive_security_appliance_software	9.12.3.12
cisco	adaptive_security_appliance_software	9.12.4
cisco	adaptive_security_appliance_software	9.12.4.2
cisco	adaptive_security_appliance_software	9.12.4.4
cisco	adaptive_security_appliance_software	9.12.4.7
cisco	adaptive_security_appliance_software	9.12.4.8
cisco	adaptive_security_appliance_software	9.12.4.10
cisco	adaptive_security_appliance_software	9.12.4.13
cisco	adaptive_security_appliance_software	9.12.4.18
cisco	adaptive_security_appliance_software	9.12.4.24
cisco	adaptive_security_appliance_software	9.12.4.26
cisco	adaptive_security_appliance_software	9.12.4.29
cisco	adaptive_security_appliance_software	9.12.4.30
cisco	adaptive_security_appliance_software	9.12.4.35
cisco	adaptive_security_appliance_software	9.12.4.37
cisco	adaptive_security_appliance_software	9.12.4.38
cisco	adaptive_security_appliance_software	9.12.4.39
cisco	adaptive_security_appliance_software	9.12.4.40
cisco	adaptive_security_appliance_software	9.12.4.41
cisco	adaptive_security_appliance_software	9.12.4.47
cisco	adaptive_security_appliance_software	9.12.4.48
cisco	adaptive_security_appliance_software	9.12.4.50
cisco	adaptive_security_appliance_software	9.12.4.52
cisco	adaptive_security_appliance_software	9.12.4.54
cisco	adaptive_security_appliance_software	9.12.4.55
cisco	adaptive_security_appliance_software	9.14.1
cisco	adaptive_security_appliance_software	9.14.1.6
cisco	adaptive_security_appliance_software	9.14.1.10
cisco	adaptive_security_appliance_software	9.14.1.15
cisco	adaptive_security_appliance_software	9.14.1.19
cisco	adaptive_security_appliance_software	9.14.1.30
cisco	adaptive_security_appliance_software	9.14.2
cisco	adaptive_security_appliance_software	9.14.2.4
cisco	adaptive_security_appliance_software	9.14.2.8
cisco	adaptive_security_appliance_software	9.14.2.13
cisco	adaptive_security_appliance_software	9.14.2.15
cisco	adaptive_security_appliance_software	9.14.3
cisco	adaptive_security_appliance_software	9.14.3.1
cisco	adaptive_security_appliance_software	9.14.3.9
cisco	adaptive_security_appliance_software	9.14.3.11
cisco	adaptive_security_appliance_software	9.14.3.13
cisco	adaptive_security_appliance_software	9.14.3.15
cisco	adaptive_security_appliance_software	9.14.3.18
cisco	adaptive_security_appliance_software	9.14.4
cisco	adaptive_security_appliance_software	9.14.4.6
cisco	adaptive_security_appliance_software	9.14.4.7
cisco	adaptive_security_appliance_software	9.14.4.12
cisco	adaptive_security_appliance_software	9.14.4.13
cisco	adaptive_security_appliance_software	9.14.4.14
cisco	adaptive_security_appliance_software	9.14.4.15
cisco	adaptive_security_appliance_software	9.14.4.17
cisco	adaptive_security_appliance_software	9.14.4.22
cisco	adaptive_security_appliance_software	9.15.1
cisco	adaptive_security_appliance_software	9.15.1.1
cisco	adaptive_security_appliance_software	9.15.1.7
cisco	adaptive_security_appliance_software	9.15.1.10
cisco	adaptive_security_appliance_software	9.15.1.15
cisco	adaptive_security_appliance_software	9.15.1.16
cisco	adaptive_security_appliance_software	9.15.1.17
cisco	adaptive_security_appliance_software	9.15.1.21
cisco	adaptive_security_appliance_software	9.16.1
cisco	adaptive_security_appliance_software	9.16.1.28
cisco	adaptive_security_appliance_software	9.16.2
cisco	adaptive_security_appliance_software	9.16.2.3
cisco	adaptive_security_appliance_software	9.16.2.7
cisco	adaptive_security_appliance_software	9.16.2.11
cisco	adaptive_security_appliance_software	9.16.2.13
cisco	adaptive_security_appliance_software	9.16.2.14
cisco	adaptive_security_appliance_software	9.16.3
cisco	adaptive_security_appliance_software	9.16.3.3
cisco	adaptive_security_appliance_software	9.16.3.14
cisco	adaptive_security_appliance_software	9.16.3.15
cisco	adaptive_security_appliance_software	9.16.3.19
cisco	adaptive_security_appliance_software	9.16.3.23
cisco	adaptive_security_appliance_software	9.16.4
cisco	adaptive_security_appliance_software	9.16.4.9
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.7
cisco	adaptive_security_appliance_software	9.17.1.9
cisco	adaptive_security_appliance_software	9.17.1.10
cisco	adaptive_security_appliance_software	9.17.1.11
cisco	adaptive_security_appliance_software	9.17.1.13
cisco	adaptive_security_appliance_software	9.17.1.15
cisco	adaptive_security_appliance_software	9.17.1.20
cisco	adaptive_security_appliance_software	9.18.1
cisco	adaptive_security_appliance_software	9.18.1.3
cisco	adaptive_security_appliance_software	9.18.2
cisco	adaptive_security_appliance_software	9.18.2.5
cisco	adaptive_security_appliance_software	9.18.2.7
cisco	adaptive_security_appliance_software	9.18.2.8
cisco	adaptive_security_appliance_software	9.19.1
cisco	firepower_threat_defense	6.2.3
cisco	firepower_threat_defense	6.2.3.1
cisco	firepower_threat_defense	6.2.3.2
cisco	firepower_threat_defense	6.2.3.3
cisco	firepower_threat_defense	6.2.3.4
cisco	firepower_threat_defense	6.2.3.5
cisco	firepower_threat_defense	6.2.3.6
cisco	firepower_threat_defense	6.2.3.7
cisco	firepower_threat_defense	6.2.3.8
cisco	firepower_threat_defense	6.2.3.9
cisco	firepower_threat_defense	6.2.3.10
cisco	firepower_threat_defense	6.2.3.11
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.4.0.1
cisco	firepower_threat_defense	6.4.0.2
cisco	firepower_threat_defense	6.4.0.3
cisco	firepower_threat_defense	6.4.0.4
cisco	firepower_threat_defense	6.4.0.5
cisco	firepower_threat_defense	6.4.0.6
cisco	firepower_threat_defense	6.4.0.7
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.4.0.13
cisco	firepower_threat_defense	6.4.0.14
cisco	firepower_threat_defense	6.4.0.15
cisco	firepower_threat_defense	6.4.0.16
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.6.7
cisco	firepower_threat_defense	6.6.7.1
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D482F818-0A8E-49D7-8E3E-0958019FA629",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E7BFB57-BC02-4930-A02F-83583E6A0FC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "026F1960-C879-4611-A60A-96311B63CCA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAF8B33E-0C95-467D-A865-0A234E69D0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF144F5-D933-4DE4-818C-001BD9E3958A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "00112ED3-FE7B-425B-9A28-1E5F2BC8BB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD491D5-FAAB-493F-91A6-D2F3B5F5970E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "1519F49D-588F-4B70-B38F-EF4F3E13FEAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "15354443-5EB7-4712-B2DE-61DB33830759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "248D6B44-E134-4DEC-A947-636824E3FDFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "0820A79C-F3EF-407F-9AC7-DCAB4CD39C89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3E8805-85D2-4345-8076-039513209A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "14BB907B-D75A-4F5E-B20D-5457A71A70EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "F118B803-4C55-436A-A136-0C1FEA49858F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A272121-408E-45F6-A2A1-0BA6EBC060A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "980CEA3B-5A81-4E8C-BEA3-DD31BE7DA2CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3910211-D4DB-4CA7-BBEA-DD8246FF10ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C260BF30-7A33-4C70-9509-404856C93666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF894850-39EC-4B57-BBFF-F1AB4F8389A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FAFCF9-0ABE-483E-9604-329762BB7870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DB4278-3126-4765-97C4-6C0A8C78DA78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "174E631B-6099-47DE-8790-BBF4B7FDB8CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE3538B-F612-4105-BFDE-A4B594482DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "3143B0FF-C855-485E-A908-E48974B1643C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD9992-6D98-4E03-9599-ECF38A186FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DCEAE6-355B-40AE-A7C8-AF744FCA8A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2097E81E-B422-4B93-AF09-F300A0E8AF71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "454DEA31-A607-4054-82D3-24A4FEB7358F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F0B213-8187-4465-84F1-FB8D92B36020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E540771E-BA0B-42D1-8251-B576B0F142C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC2A833-BECF-4000-A592-6113A84C2D20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F1416-924A-4D25-9CEE-3BD66A96A019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDC8D92-D6E0-40EE-B190-D2B32C7DEB75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "23CD5619-E534-4F40-998D-39DC19FA0451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D0EB11-14B1-44B3-8D46-B9DD872F772C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA399CF-12DB-42E0-A66F-14508B52A453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5A7608-E737-420E-9B5E-836600DAC701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7EB6801-336D-4F41-ADE7-1C58C63C3F6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8413DA41-02A5-4269-8C88-9DD5076AF91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA00285F-6914-4749-8A47-FC4EDAFFF3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA4D367-32B9-4F54-8352-A959F61A1FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "2259FF9E-0C8B-440F-B1AC-51BDE3F60E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C522B55-904D-4C08-B73E-1457D877C0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "4483056A-FBF3-4E00-81EB-1E97334EF240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "48677330-06AB-4C7F-B2AD-F7E465A9632A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AEA80D2-5DB8-4334-9A88-7DDE395832C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1C38A5-1028-4AD3-8CC7-A00091091E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "848147B2-C49A-43F6-9069-FC8885BDFDA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6FEF0DA-741E-4361-8143-068EB47D6520",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F002FD55-F881-450E-BC1B-8073E188F47E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA940C4F-13BB-465F-BB8D-CBD0109BF012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B0434F5-9A50-4B57-9C5B-E09415D098C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE727035-06CB-4E37-A9D2-96BD54502120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE52B81-2CF8-48E5-A7BA-A163A25A669B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E8D7C9-5272-40E6-869B-B33959F9F0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE8D5D71-5C85-4644-8A84-F073549ADB50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0790DDC2-7BA0-42DC-A157-754C0CBBE178",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "882394EA-70C8-4D86-9AEF-5D273D8E518C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "855AD3CC-F404-48C5-80D2-7F2765D16D72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "26B6BF72-9124-4213-B3C0-BD31B46E8C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8FBE89-8FDA-4B9B-BA1A-90FFD482A585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "149C3872-8DA9-48DD-ADD0-2E84C1A76A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D33E8C-294A-4C43-8DB6-9DA9F61F0B3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E23ACB0-DF8B-4672-A819-4DCD3104CE4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4723B88-62BA-40E6-AA89-BAC02D6A036F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C698819-3C8E-4A16-8F52-42FF1E54C076",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D3CE74E-59E7-448A-8417-18F97C05C798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0986C171-0E75-4F6F-A9BD-276830104E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A2777A-7831-4324-AEB2-5D93B5F6C04B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "37045680-9189-4B7F-A4F7-4E682FE20A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6C9F37B-CF3C-4861-A969-C7CF4946274A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1DAF21-3FED-4691-9D4C-8FD8CEA7FB3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB938E58-4963-4A31-8836-88E958592B30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E317897-EE97-44F3-96BB-E54228D72A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EF7FAB2-158D-4C48-9246-E7AD3BF1D801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "056D43AE-ECDB-40D2-A196-18DDCD02629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E555F3-3580-4D71-8D8D-92FE72763D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "93013503-8B9A-4160-AF7E-277958FA6E9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3B009FD-0F2B-4511-8EDF-C3E670623F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "52579D8D-E855-42B3-B406-32DD1C39F721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7E44FC6-12A2-4F76-A095-28F3804B619F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "42917E5E-E362-4B40-B2B2-3C77BA35641C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF317FA3-EBF3-49BB-A9E6-0D4295FA3F60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "F98B1683-914F-43D3-AE1C-311D3A90BE8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8D24656-CAB1-4A98-A440-482927FEDD16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504557C-DA5D-4D0F-A813-4CE7D5109F15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE0D50C0-DADB-4747-8649-8A5257111FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE2699F-353F-44CB-A778-981783DDC31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8E50BD-1FBD-483B-9C27-70E95C732E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F46E5E4F-787C-4C05-B1E7-C39BB9125D16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A29312-38E7-456B-94DD-4D7329691114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "27F7BB31-C733-4C32-BF0F-33B5AF020156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC313568-33A6-435B-98FF-8A7091D9C451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85710A-28CE-4913-8523-356461908FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6069950-016B-419A-B754-D58956CB6D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4875811-F209-49ED-B310-8377B2F87FF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C52C7B-B626-4A3C-A2EC-28A20E7FA95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "853A002C-839A-4372-8485-750A86E9F6E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62BB5D6-CE75-4C83-82DC-4148EF8CB1F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "D32F1365-EAF8-4570-B2FF-45E47E8586F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD07F9B-6BB3-4423-8DBE-4E89A6478E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FE4F28-B704-4325-AE8A-C790163FEE71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F944F8F-0255-42BE-BD44-D21EC9F0FFC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9CEAEFC-7B82-41F9-A09D-C86A3A60A4FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "40FAC31D-19C0-4BA0-A019-C7E7A0BA0B5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "289F9874-FC01-4809-9BDA-1AF583FB60B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EDFC67-E4EE-4D2C-BF9F-5881C987C662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "826869BE-4874-4BBA-9392-14851560BA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF52D477-3045-45D1-9FD3-12F396266463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "88E310BF-F1F6-4124-A875-81967B9B531E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEE52F59-AABA-4069-A909-64AD5DFD2B18",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2EFA476-5021-4A00-859E-1643009D6156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E3A5DC-A237-46E4-A4E5-F135482F984A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91AD8BA2-EB8D-4D8B-B707-AF5C2A831998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper processing of ICMPv6 messages. An attacker could exploit this vulnerability by sending crafted ICMPv6 messages to a targeted Cisco ASA or FTD system with IPv6 enabled. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el procesamiento ICMPv6 del software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS). Esta vulnerabilidad se debe a un procesamiento inadecuado de mensajes ICMPv6. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando mensajes ICMPv6 manipulados a un sistema Cisco ASA o FTD objetivo con IPv6 habilitado. Un exploit exitoso podr\u00eda permitir que el atacante provoque que el dispositivo se recargue, lo que resultar\u00eda en una condici\u00f3n DoS."
    }
  ],
  "id": "CVE-2023-20086",
  "lastModified": "2024-11-21T07:40:31.500",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-11-01T17:15:11.057",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-icmpv6-t5TzqwNd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-icmpv6-t5TzqwNd"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-248"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-10-23 18:15

Modified

2025-08-01 16:02

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

A vulnerability in the Network Service Group (NSG) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. This vulnerability is due to a logic error that occurs when NSG ACLs are populated on an affected device. An attacker could exploit this vulnerability by establishing a connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-nsgacl-bypass-77XnEAsL	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.16.1
cisco	adaptive_security_appliance_software	9.16.1.28
cisco	adaptive_security_appliance_software	9.16.2
cisco	adaptive_security_appliance_software	9.16.2.3
cisco	adaptive_security_appliance_software	9.16.2.7
cisco	adaptive_security_appliance_software	9.16.2.11
cisco	adaptive_security_appliance_software	9.16.2.13
cisco	adaptive_security_appliance_software	9.16.2.14
cisco	adaptive_security_appliance_software	9.16.3
cisco	adaptive_security_appliance_software	9.16.3.3
cisco	adaptive_security_appliance_software	9.16.3.14
cisco	adaptive_security_appliance_software	9.16.3.15
cisco	adaptive_security_appliance_software	9.16.3.19
cisco	adaptive_security_appliance_software	9.16.3.23
cisco	adaptive_security_appliance_software	9.16.4
cisco	adaptive_security_appliance_software	9.16.4.9
cisco	adaptive_security_appliance_software	9.16.4.14
cisco	adaptive_security_appliance_software	9.16.4.18
cisco	adaptive_security_appliance_software	9.16.4.19
cisco	adaptive_security_appliance_software	9.16.4.27
cisco	adaptive_security_appliance_software	9.16.4.38
cisco	adaptive_security_appliance_software	9.16.4.39
cisco	adaptive_security_appliance_software	9.16.4.42
cisco	adaptive_security_appliance_software	9.16.4.48
cisco	adaptive_security_appliance_software	9.16.4.55
cisco	adaptive_security_appliance_software	9.16.4.57
cisco	adaptive_security_appliance_software	9.16.4.61
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.7
cisco	adaptive_security_appliance_software	9.17.1.9
cisco	adaptive_security_appliance_software	9.17.1.10
cisco	adaptive_security_appliance_software	9.17.1.11
cisco	adaptive_security_appliance_software	9.17.1.13
cisco	adaptive_security_appliance_software	9.17.1.15
cisco	adaptive_security_appliance_software	9.17.1.20
cisco	adaptive_security_appliance_software	9.17.1.30
cisco	adaptive_security_appliance_software	9.17.1.33
cisco	adaptive_security_appliance_software	9.17.1.39
cisco	adaptive_security_appliance_software	9.18.1
cisco	adaptive_security_appliance_software	9.18.1.3
cisco	adaptive_security_appliance_software	9.18.2
cisco	adaptive_security_appliance_software	9.18.2.5
cisco	adaptive_security_appliance_software	9.18.2.7
cisco	adaptive_security_appliance_software	9.18.2.8
cisco	adaptive_security_appliance_software	9.18.3
cisco	adaptive_security_appliance_software	9.18.3.39
cisco	adaptive_security_appliance_software	9.18.3.46
cisco	adaptive_security_appliance_software	9.18.3.53
cisco	adaptive_security_appliance_software	9.18.3.55
cisco	adaptive_security_appliance_software	9.18.3.56
cisco	adaptive_security_appliance_software	9.18.4
cisco	adaptive_security_appliance_software	9.18.4.5
cisco	adaptive_security_appliance_software	9.18.4.8
cisco	adaptive_security_appliance_software	9.18.4.22
cisco	adaptive_security_appliance_software	9.18.4.24
cisco	adaptive_security_appliance_software	9.18.4.29
cisco	adaptive_security_appliance_software	9.19.1
cisco	adaptive_security_appliance_software	9.19.1.5
cisco	adaptive_security_appliance_software	9.19.1.9
cisco	adaptive_security_appliance_software	9.19.1.12
cisco	adaptive_security_appliance_software	9.19.1.18
cisco	adaptive_security_appliance_software	9.19.1.22
cisco	adaptive_security_appliance_software	9.19.1.24
cisco	adaptive_security_appliance_software	9.19.1.27
cisco	adaptive_security_appliance_software	9.19.1.28
cisco	adaptive_security_appliance_software	9.19.1.31
cisco	adaptive_security_appliance_software	9.20.1
cisco	adaptive_security_appliance_software	9.20.1.5
cisco	adaptive_security_appliance_software	9.20.2
cisco	adaptive_security_appliance_software	9.20.2.10
cisco	adaptive_security_appliance_software	9.20.2.21
cisco	adaptive_security_appliance_software	9.20.2.22
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.0.6
cisco	firepower_threat_defense	7.0.6.1
cisco	firepower_threat_defense	7.0.6.2
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.2.4
cisco	firepower_threat_defense	7.2.4.1
cisco	firepower_threat_defense	7.2.5
cisco	firepower_threat_defense	7.2.5.1
cisco	firepower_threat_defense	7.2.5.2
cisco	firepower_threat_defense	7.2.6
cisco	firepower_threat_defense	7.2.7
cisco	firepower_threat_defense	7.2.8
cisco	firepower_threat_defense	7.2.8.1
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1
cisco	firepower_threat_defense	7.3.1.2
cisco	firepower_threat_defense	7.4.0
cisco	firepower_threat_defense	7.4.1
cisco	firepower_threat_defense	7.4.1.1
cisco	firepower_threat_defense	7.4.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4875811-F209-49ED-B310-8377B2F87FF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C52C7B-B626-4A3C-A2EC-28A20E7FA95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "853A002C-839A-4372-8485-750A86E9F6E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62BB5D6-CE75-4C83-82DC-4148EF8CB1F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "D32F1365-EAF8-4570-B2FF-45E47E8586F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD07F9B-6BB3-4423-8DBE-4E89A6478E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FE4F28-B704-4325-AE8A-C790163FEE71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E832BC0C-8439-4779-9064-C2D93F231031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA99DF94-D031-4375-9A16-306606FE28F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC149D03-5609-46E6-A1B3-F4D91F282B49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5D7FC6F-1370-4272-97E5-226C2ED1D335",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "164D5774-D51B-47C6-AD32-ED6B84E78BBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "24A810C8-1BB5-4589-84AB-C357C1937201",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "F22D8D65-2E88-4557-BF85-1E3ABD4CCAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF62C9AF-70F5-4A12-9B0A-F32551FB2C40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "A04EB4FB-0C9F-441E-B02A-6B22F195348F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.57:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACDD7BD6-1C1D-49FE-8478-D0F37EB59BC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.61:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB7D8466-0050-495A-9442-8C5FF3912F5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F944F8F-0255-42BE-BD44-D21EC9F0FFC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9CEAEFC-7B82-41F9-A09D-C86A3A60A4FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "40FAC31D-19C0-4BA0-A019-C7E7A0BA0B5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CAAFE0F-416F-4BCA-BA37-30EAEADA8AFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1E8552-58F0-491E-B7D7-E89527872FC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "9347D71D-1F50-4F85-9F6D-E11D79BD26E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "289F9874-FC01-4809-9BDA-1AF583FB60B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EDFC67-E4EE-4D2C-BF9F-5881C987C662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "826869BE-4874-4BBA-9392-14851560BA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF52D477-3045-45D1-9FD3-12F396266463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "88E310BF-F1F6-4124-A875-81967B9B531E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B330F8F-F0DA-472C-A932-AD1D232C7DB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF59DAA-268C-4FCF-A0AA-7967128AEBC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "140ED95D-173C-4ADB-A2E6-97F0D595D1AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.53:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC9B00E1-3E50-4356-B6D9-F84BCD552402",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "552319A9-01F7-47BA-83B3-B2DD648AA07E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "4914603C-4B1B-48F1-826C-DB803BD21F87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE21762-3085-4AFC-B1DE-A4562CDAC509",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "852C3478-7529-4002-8540-ABA4D556DEFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "23B8A815-5D58-4952-936E-D47B83637BEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C98D085-E321-4BAE-AF03-ABDEDC4D24BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "C05599C9-C0DB-47C1-B145-C410076C1049",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BC91A59-0BFA-4DE8-B414-7558D27FBC54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEE52F59-AABA-4069-A909-64AD5DFD2B18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "20D7966E-B02B-48C8-BF96-723DD6C25314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA618249-E76F-4104-9326-C9F2DC8DE3D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C925E1F-6BD9-4CD1-8AC4-4263A9094786",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5EE76D9-6D18-4823-B6B0-E1394A4D140C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F635946-586D-4DE2-927B-300CE569C596",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "459C11B9-ABA1-472A-8CDA-9C7B4E48E943",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA060112-E2D8-4EC5-8400-D8D189A119B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3888BB0-B529-486C-8563-392BD1C5DFD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "43FE3FA7-8281-4BD9-A08B-8C79D369480E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B25468E3-03F9-4C2A-B82A-F87F4FCD57E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EC6F412-4A30-4E9A-B8DF-C4BF80E5C4B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA47E8EA-29F2-40F3-826E-E7295FFAD8C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4D303F8-E6AA-4F1C-9988-055EECD0A902",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DCBBA66-6D00-4D8B-86FE-81EF431A7806",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB768AFD-64C1-4AD4-8194-2A1D428BAC67",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "39FE5927-2421-4CBE-97EA-6AED892DA1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8BF2227-3C50-4FD1-98DB-21196E75D1DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5460064F-FF50-4F54-A8DF-180C76AF9B8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6826018-5620-4924-BE92-6A245378F610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49A07CF-12BA-481C-B5FF-754520080A8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F203C7D1-AA92-4367-B7A5-EBAE6B76EE6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0064C97F-1140-43AC-8229-C8CCC367DC4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9296D33-D59A-463D-9722-9D4C3F720E7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9F66CCA-0982-4107-BC5B-79D727479343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "77B80698-1E76-4B13-AB83-A03FF8C785FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7106C567-726C-4399-ABE0-4A26B9572D40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D5EEF62-DFD3-4E08-8959-2BCD4B1308CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A52991-802D-46FB-A508-5616BA1CEB78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3E08AAC-9C5E-4D18-817C-C466D1D6C4DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "724A3B6F-DDAB-4A2F-8430-9E1F352D755F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDBF14DD-0654-47F3-A698-020397A1EAA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8920FFA0-1F84-44FE-A776-4FFA654D8419",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Network Service Group (NSG) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device.\r\n\r This vulnerability is due to a logic error that occurs when NSG ACLs are populated on an affected device. An attacker could exploit this vulnerability by establishing a connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n Network Service Group (NSG) del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado omita una lista de control de acceso (ACL) configurada y permita que el tr\u00e1fico que deber\u00eda estar denegado fluya a trav\u00e9s de un dispositivo afectado. Esta vulnerabilidad se debe a un error l\u00f3gico que ocurre cuando se completan las ACL de NSG en un dispositivo afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad estableciendo una conexi\u00f3n con el dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante omitir las reglas de ACL configuradas."
    }
  ],
  "id": "CVE-2024-20384",
  "lastModified": "2025-08-01T16:02:16.727",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-10-23T18:15:07.030",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-nsgacl-bypass-77XnEAsL"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-290"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-05-03 17:29

Modified

2024-11-21 04:37

Severity ?

5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

A vulnerability in the Deterministic Random Bit Generator (DRBG), also known as Pseudorandom Number Generator (PRNG), used in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a cryptographic collision, enabling the attacker to discover the private key of an affected device. The vulnerability is due to insufficient entropy in the DRBG when generating cryptographic keys. An attacker could exploit this vulnerability by generating a large number of cryptographic keys on an affected device and looking for collisions with target devices. A successful exploit could allow the attacker to impersonate an affected target device or to decrypt traffic secured by an affected key that is sent to or from an affected target device.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-entropy	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-entropy	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_device_manager	*
cisco	adaptive_security_appliance_device_manager	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	asa-5506-x	-
cisco	asa-5506h-x	-
cisco	asa-5506w-x	-
cisco	asa-5508-x	-
cisco	asa-5516-x	-
cisco	asa-5525-x	-
cisco	asa-5545-x	-
cisco	asa-5555-x	-
cisco	asa_5500	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F79CB60-BED5-4750-B503-DA7C860B2DE8",
              "versionEndExcluding": "9.8.4",
              "versionStartIncluding": "9.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "62D8BB1B-1B4E-44F5-B59A-927C29711992",
              "versionEndExcluding": "9.9.2.50",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8F292C5-67ED-4F18-B6C4-5873BB771C3D",
              "versionEndExcluding": "6.2.3.12",
              "versionStartIncluding": "6.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A16803C-579C-4992-B37E-7CEC17307659",
              "versionEndExcluding": "6.3.0.3",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa-5506-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4916B846-AEAD-4C06-9705-048627F27236",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5506h-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "931B9C8E-6AD7-4E05-8E48-27D3931DC8BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5506w-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D78BA13B-49B2-4ECF-A69D-5C14EAB6B118",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5508-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5806FA7C-356B-45BB-ABB0-54B87167AF77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5516-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93289CFF-6A07-46F2-A2E0-5C43C67E0DCD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A11CA4-D93C-4D32-81C7-E3CF71EC4BBB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EF47542-3C2E-4BDB-823F-9A901312C634",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A567EFB6-9A19-4BC0-8EE2-6E2219D09961",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7018906A-ACDF-4D7B-B816-ED9C235BF04E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Deterministic Random Bit Generator (DRBG), also known as Pseudorandom Number Generator (PRNG), used in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a cryptographic collision, enabling the attacker to discover the private key of an affected device. The vulnerability is due to insufficient entropy in the DRBG when generating cryptographic keys. An attacker could exploit this vulnerability by generating a large number of cryptographic keys on an affected device and looking for collisions with target devices. A successful exploit could allow the attacker to impersonate an affected target device or to decrypt traffic secured by an affected key that is sent to or from an affected target device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el Deterministic Random Bit Generator (DRBG), conocido como Pseudorandom Number Generator (PRNG), utilizado en los programas Adaptive Security Appliance (ASA) y Firepower Threat Defense (FTD) de  Cisco, podr\u00eda permitir que un atacante remoto no identificado genere una colisi\u00f3n criptogr\u00e1fica, que permite al atacante descubrir la clave privada de un dispositivo afectado. La vulnerabilidad se debe a una entrop\u00eda insuficiente en la DRBG al generar claves criptogr\u00e1ficas. Un atacante podr\u00eda atacar esta vulnerabilidad al generar una gran cantidad de claves criptogr\u00e1ficas en un dispositivo afectado y provocar colisiones con los dispositivos de destino. Una operaci\u00f3n exito podr\u00eda permitir al atacante hacerse pasar por un dispositivo de destino afectado o descifrar el tr\u00e1fico protegido por una clave afectada que se env\u00eda desde un dispositivo de destino afectado."
    }
  ],
  "id": "CVE-2019-1715",
  "lastModified": "2024-11-21T04:37:09.840",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-03T17:29:00.593",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-entropy"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-entropy"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-332"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-332"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-11-15 21:15

Modified

2024-11-21 06:43

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Summary

A vulnerability in the interaction of SIP and Snort 3 for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a lack of error-checking when SIP bidirectional flows are being inspected by Snort 3. An attacker could exploit this vulnerability by sending a stream of crafted SIP traffic through an interface on the targeted device. A successful exploit could allow the attacker to trigger a restart of the Snort 3 process, resulting in a denial of service (DoS) condition.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-dos-A4cHeArC
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-dos-A4cHeArC

Impacted products

	Vendor	Product	Version
	cisco	firepower_threat_defense	7.2.0
	cisco	firepower_threat_defense	7.2.0.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the interaction of SIP and Snort 3 for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart.\r\n\r This vulnerability is due to a lack of error-checking when SIP bidirectional flows are being inspected by Snort 3. An attacker could exploit this vulnerability by sending a stream of crafted SIP traffic through an interface on the targeted device. A successful exploit could allow the attacker to trigger a restart of the Snort 3 process, resulting in a denial of service (DoS) condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interacci\u00f3n de SIP y Snort 3 para el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado provoque que el motor de detecci\u00f3n de Snort 3 se reinicie. Esta vulnerabilidad se debe a la falta de verificaci\u00f3n de errores cuando Snort 3 inspecciona los flujos bidireccionales SIP. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un flujo de tr\u00e1fico SIP manipulado a trav\u00e9s de una interfaz en el dispositivo objetivo. Un exploit exitoso podr\u00eda permitir al atacante reiniciar el proceso Snort 3, lo que resultar\u00eda en una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS)."
    }
  ],
  "id": "CVE-2022-20950",
  "lastModified": "2024-11-21T06:43:53.120",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-11-15T21:15:36.110",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-dos-A4cHeArC"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-dos-A4cHeArC"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-11-15 21:15

Modified

2024-11-21 06:43

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to establish a connection as a different user. This vulnerability is due to a flaw in the authorization verifications during the VPN authentication flow. An attacker could exploit this vulnerability by sending a crafted packet during a VPN authentication. The attacker must have valid credentials to establish a VPN connection. A successful exploit could allow the attacker to establish a VPN connection with access privileges from a different user.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vp-authz-N2GckjN6
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vp-authz-N2GckjN6

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.6.1
cisco	adaptive_security_appliance_software	9.6.1.3
cisco	adaptive_security_appliance_software	9.6.1.5
cisco	adaptive_security_appliance_software	9.6.1.10
cisco	adaptive_security_appliance_software	9.6.2
cisco	adaptive_security_appliance_software	9.6.2.1
cisco	adaptive_security_appliance_software	9.6.2.2
cisco	adaptive_security_appliance_software	9.6.2.3
cisco	adaptive_security_appliance_software	9.6.2.7
cisco	adaptive_security_appliance_software	9.6.2.11
cisco	adaptive_security_appliance_software	9.6.2.13
cisco	adaptive_security_appliance_software	9.6.2.22
cisco	adaptive_security_appliance_software	9.6.2.23
cisco	adaptive_security_appliance_software	9.6.3
cisco	adaptive_security_appliance_software	9.6.3.1
cisco	adaptive_security_appliance_software	9.6.3.3
cisco	adaptive_security_appliance_software	9.6.3.8
cisco	adaptive_security_appliance_software	9.6.3.9
cisco	adaptive_security_appliance_software	9.6.3.11
cisco	adaptive_security_appliance_software	9.6.3.12
cisco	adaptive_security_appliance_software	9.6.3.14
cisco	adaptive_security_appliance_software	9.6.3.17
cisco	adaptive_security_appliance_software	9.6.3.20
cisco	adaptive_security_appliance_software	9.6.4
cisco	adaptive_security_appliance_software	9.6.4.3
cisco	adaptive_security_appliance_software	9.6.4.5
cisco	adaptive_security_appliance_software	9.6.4.6
cisco	adaptive_security_appliance_software	9.6.4.8
cisco	adaptive_security_appliance_software	9.6.4.10
cisco	adaptive_security_appliance_software	9.6.4.12
cisco	adaptive_security_appliance_software	9.6.4.14
cisco	adaptive_security_appliance_software	9.6.4.17
cisco	adaptive_security_appliance_software	9.6.4.18
cisco	adaptive_security_appliance_software	9.6.4.20
cisco	adaptive_security_appliance_software	9.6.4.22
cisco	adaptive_security_appliance_software	9.6.4.23
cisco	adaptive_security_appliance_software	9.6.4.24
cisco	adaptive_security_appliance_software	9.6.4.25
cisco	adaptive_security_appliance_software	9.6.4.29
cisco	adaptive_security_appliance_software	9.6.4.30
cisco	adaptive_security_appliance_software	9.6.4.34
cisco	adaptive_security_appliance_software	9.6.4.36
cisco	adaptive_security_appliance_software	9.6.4.40
cisco	adaptive_security_appliance_software	9.6.4.41
cisco	adaptive_security_appliance_software	9.6.4.42
cisco	adaptive_security_appliance_software	9.6.4.45
cisco	adaptive_security_appliance_software	9.7.1
cisco	adaptive_security_appliance_software	9.7.1.2
cisco	adaptive_security_appliance_software	9.7.1.4
cisco	adaptive_security_appliance_software	9.7.1.8
cisco	adaptive_security_appliance_software	9.7.1.15
cisco	adaptive_security_appliance_software	9.7.1.16
cisco	adaptive_security_appliance_software	9.7.1.21
cisco	adaptive_security_appliance_software	9.7.1.24
cisco	adaptive_security_appliance_software	9.8.1
cisco	adaptive_security_appliance_software	9.8.1.5
cisco	adaptive_security_appliance_software	9.8.1.7
cisco	adaptive_security_appliance_software	9.8.2
cisco	adaptive_security_appliance_software	9.8.2.8
cisco	adaptive_security_appliance_software	9.8.2.14
cisco	adaptive_security_appliance_software	9.8.2.15
cisco	adaptive_security_appliance_software	9.8.2.17
cisco	adaptive_security_appliance_software	9.8.2.20
cisco	adaptive_security_appliance_software	9.8.2.24
cisco	adaptive_security_appliance_software	9.8.2.26
cisco	adaptive_security_appliance_software	9.8.2.28
cisco	adaptive_security_appliance_software	9.8.2.33
cisco	adaptive_security_appliance_software	9.8.2.35
cisco	adaptive_security_appliance_software	9.8.2.38
cisco	adaptive_security_appliance_software	9.8.3
cisco	adaptive_security_appliance_software	9.8.3.8
cisco	adaptive_security_appliance_software	9.8.3.11
cisco	adaptive_security_appliance_software	9.8.3.14
cisco	adaptive_security_appliance_software	9.8.3.16
cisco	adaptive_security_appliance_software	9.8.3.18
cisco	adaptive_security_appliance_software	9.8.3.21
cisco	adaptive_security_appliance_software	9.8.3.26
cisco	adaptive_security_appliance_software	9.8.3.29
cisco	adaptive_security_appliance_software	9.8.4
cisco	adaptive_security_appliance_software	9.8.4.3
cisco	adaptive_security_appliance_software	9.8.4.7
cisco	adaptive_security_appliance_software	9.8.4.8
cisco	adaptive_security_appliance_software	9.8.4.10
cisco	adaptive_security_appliance_software	9.8.4.12
cisco	adaptive_security_appliance_software	9.8.4.15
cisco	adaptive_security_appliance_software	9.8.4.17
cisco	adaptive_security_appliance_software	9.8.4.20
cisco	adaptive_security_appliance_software	9.8.4.22
cisco	adaptive_security_appliance_software	9.8.4.25
cisco	adaptive_security_appliance_software	9.8.4.26
cisco	adaptive_security_appliance_software	9.8.4.29
cisco	adaptive_security_appliance_software	9.8.4.32
cisco	adaptive_security_appliance_software	9.8.4.33
cisco	adaptive_security_appliance_software	9.8.4.34
cisco	adaptive_security_appliance_software	9.8.4.35
cisco	adaptive_security_appliance_software	9.8.4.39
cisco	adaptive_security_appliance_software	9.8.4.40
cisco	adaptive_security_appliance_software	9.8.4.41
cisco	adaptive_security_appliance_software	9.8.4.43
cisco	adaptive_security_appliance_software	9.8.4.44
cisco	adaptive_security_appliance_software	9.8.4.45
cisco	adaptive_security_appliance_software	9.9.1
cisco	adaptive_security_appliance_software	9.9.1.2
cisco	adaptive_security_appliance_software	9.9.1.3
cisco	adaptive_security_appliance_software	9.9.1.4
cisco	adaptive_security_appliance_software	9.9.1.5
cisco	adaptive_security_appliance_software	9.9.2
cisco	adaptive_security_appliance_software	9.9.2.1
cisco	adaptive_security_appliance_software	9.9.2.9
cisco	adaptive_security_appliance_software	9.9.2.14
cisco	adaptive_security_appliance_software	9.9.2.18
cisco	adaptive_security_appliance_software	9.9.2.25
cisco	adaptive_security_appliance_software	9.9.2.27
cisco	adaptive_security_appliance_software	9.9.2.32
cisco	adaptive_security_appliance_software	9.9.2.36
cisco	adaptive_security_appliance_software	9.9.2.40
cisco	adaptive_security_appliance_software	9.9.2.47
cisco	adaptive_security_appliance_software	9.9.2.50
cisco	adaptive_security_appliance_software	9.9.2.52
cisco	adaptive_security_appliance_software	9.9.2.56
cisco	adaptive_security_appliance_software	9.9.2.59
cisco	adaptive_security_appliance_software	9.9.2.61
cisco	adaptive_security_appliance_software	9.9.2.66
cisco	adaptive_security_appliance_software	9.9.2.67
cisco	adaptive_security_appliance_software	9.9.2.74
cisco	adaptive_security_appliance_software	9.9.2.80
cisco	adaptive_security_appliance_software	9.9.2.83
cisco	adaptive_security_appliance_software	9.9.2.85
cisco	adaptive_security_appliance_software	9.10.1
cisco	adaptive_security_appliance_software	9.10.1.2
cisco	adaptive_security_appliance_software	9.10.1.7
cisco	adaptive_security_appliance_software	9.10.1.10
cisco	adaptive_security_appliance_software	9.10.1.11
cisco	adaptive_security_appliance_software	9.10.1.17
cisco	adaptive_security_appliance_software	9.10.1.22
cisco	adaptive_security_appliance_software	9.10.1.27
cisco	adaptive_security_appliance_software	9.10.1.30
cisco	adaptive_security_appliance_software	9.10.1.32
cisco	adaptive_security_appliance_software	9.10.1.37
cisco	adaptive_security_appliance_software	9.10.1.40
cisco	adaptive_security_appliance_software	9.10.1.42
cisco	adaptive_security_appliance_software	9.10.1.44
cisco	adaptive_security_appliance_software	9.12.1
cisco	adaptive_security_appliance_software	9.12.1.2
cisco	adaptive_security_appliance_software	9.12.1.3
cisco	adaptive_security_appliance_software	9.12.2
cisco	adaptive_security_appliance_software	9.12.2.1
cisco	adaptive_security_appliance_software	9.12.2.4
cisco	adaptive_security_appliance_software	9.12.2.5
cisco	adaptive_security_appliance_software	9.12.2.9
cisco	adaptive_security_appliance_software	9.12.3
cisco	adaptive_security_appliance_software	9.12.3.2
cisco	adaptive_security_appliance_software	9.12.3.7
cisco	adaptive_security_appliance_software	9.12.3.9
cisco	adaptive_security_appliance_software	9.12.3.12
cisco	adaptive_security_appliance_software	9.12.4
cisco	adaptive_security_appliance_software	9.12.4.2
cisco	adaptive_security_appliance_software	9.12.4.4
cisco	adaptive_security_appliance_software	9.12.4.7
cisco	adaptive_security_appliance_software	9.12.4.8
cisco	adaptive_security_appliance_software	9.12.4.10
cisco	adaptive_security_appliance_software	9.12.4.13
cisco	adaptive_security_appliance_software	9.12.4.18
cisco	adaptive_security_appliance_software	9.12.4.24
cisco	adaptive_security_appliance_software	9.12.4.26
cisco	adaptive_security_appliance_software	9.12.4.29
cisco	adaptive_security_appliance_software	9.12.4.30
cisco	adaptive_security_appliance_software	9.12.4.35
cisco	adaptive_security_appliance_software	9.12.4.37
cisco	adaptive_security_appliance_software	9.12.4.38
cisco	adaptive_security_appliance_software	9.12.4.39
cisco	adaptive_security_appliance_software	9.13.1
cisco	adaptive_security_appliance_software	9.13.1.2
cisco	adaptive_security_appliance_software	9.13.1.7
cisco	adaptive_security_appliance_software	9.13.1.10
cisco	adaptive_security_appliance_software	9.13.1.12
cisco	adaptive_security_appliance_software	9.13.1.13
cisco	adaptive_security_appliance_software	9.13.1.16
cisco	adaptive_security_appliance_software	9.13.1.19
cisco	adaptive_security_appliance_software	9.13.1.21
cisco	adaptive_security_appliance_software	9.14.1
cisco	adaptive_security_appliance_software	9.14.1.6
cisco	adaptive_security_appliance_software	9.14.1.10
cisco	adaptive_security_appliance_software	9.14.1.15
cisco	adaptive_security_appliance_software	9.14.1.19
cisco	adaptive_security_appliance_software	9.14.1.30
cisco	adaptive_security_appliance_software	9.14.2
cisco	adaptive_security_appliance_software	9.14.2.4
cisco	adaptive_security_appliance_software	9.14.2.8
cisco	adaptive_security_appliance_software	9.14.2.13
cisco	adaptive_security_appliance_software	9.14.2.15
cisco	adaptive_security_appliance_software	9.14.3
cisco	adaptive_security_appliance_software	9.14.3.1
cisco	adaptive_security_appliance_software	9.14.3.9
cisco	adaptive_security_appliance_software	9.14.3.11
cisco	adaptive_security_appliance_software	9.14.3.13
cisco	adaptive_security_appliance_software	9.14.3.15
cisco	adaptive_security_appliance_software	9.14.3.18
cisco	adaptive_security_appliance_software	9.14.4
cisco	adaptive_security_appliance_software	9.14.4.6
cisco	adaptive_security_appliance_software	9.15.1
cisco	adaptive_security_appliance_software	9.15.1.1
cisco	adaptive_security_appliance_software	9.15.1.7
cisco	adaptive_security_appliance_software	9.15.1.10
cisco	adaptive_security_appliance_software	9.15.1.15
cisco	adaptive_security_appliance_software	9.15.1.16
cisco	adaptive_security_appliance_software	9.15.1.17
cisco	adaptive_security_appliance_software	9.15.1.21
cisco	adaptive_security_appliance_software	9.16.1
cisco	adaptive_security_appliance_software	9.16.1.28
cisco	adaptive_security_appliance_software	9.16.2
cisco	adaptive_security_appliance_software	9.16.2.3
cisco	adaptive_security_appliance_software	9.16.2.7
cisco	adaptive_security_appliance_software	9.16.2.11
cisco	adaptive_security_appliance_software	9.16.2.13
cisco	adaptive_security_appliance_software	9.16.2.14
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.7
cisco	firepower_threat_defense	6.1.0
cisco	firepower_threat_defense	6.1.0.1
cisco	firepower_threat_defense	6.1.0.2
cisco	firepower_threat_defense	6.1.0.3
cisco	firepower_threat_defense	6.1.0.4
cisco	firepower_threat_defense	6.1.0.5
cisco	firepower_threat_defense	6.1.0.6
cisco	firepower_threat_defense	6.1.0.7
cisco	firepower_threat_defense	6.2.0
cisco	firepower_threat_defense	6.2.0.1
cisco	firepower_threat_defense	6.2.0.2
cisco	firepower_threat_defense	6.2.0.3
cisco	firepower_threat_defense	6.2.0.4
cisco	firepower_threat_defense	6.2.0.5
cisco	firepower_threat_defense	6.2.0.6
cisco	firepower_threat_defense	6.2.1
cisco	firepower_threat_defense	6.2.2
cisco	firepower_threat_defense	6.2.2.1
cisco	firepower_threat_defense	6.2.2.2
cisco	firepower_threat_defense	6.2.2.3
cisco	firepower_threat_defense	6.2.2.4
cisco	firepower_threat_defense	6.2.2.5
cisco	firepower_threat_defense	6.2.3
cisco	firepower_threat_defense	6.2.3.1
cisco	firepower_threat_defense	6.2.3.2
cisco	firepower_threat_defense	6.2.3.3
cisco	firepower_threat_defense	6.2.3.4
cisco	firepower_threat_defense	6.2.3.5
cisco	firepower_threat_defense	6.2.3.6
cisco	firepower_threat_defense	6.2.3.7
cisco	firepower_threat_defense	6.2.3.8
cisco	firepower_threat_defense	6.2.3.9
cisco	firepower_threat_defense	6.2.3.10
cisco	firepower_threat_defense	6.2.3.11
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.3.0
cisco	firepower_threat_defense	6.3.0.1
cisco	firepower_threat_defense	6.3.0.2
cisco	firepower_threat_defense	6.3.0.3
cisco	firepower_threat_defense	6.3.0.4
cisco	firepower_threat_defense	6.3.0.5
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.4.0.1
cisco	firepower_threat_defense	6.4.0.2
cisco	firepower_threat_defense	6.4.0.3
cisco	firepower_threat_defense	6.4.0.4
cisco	firepower_threat_defense	6.4.0.5
cisco	firepower_threat_defense	6.4.0.6
cisco	firepower_threat_defense	6.4.0.7
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.4.0.13
cisco	firepower_threat_defense	6.4.0.14
cisco	firepower_threat_defense	6.5.0
cisco	firepower_threat_defense	6.5.0.1
cisco	firepower_threat_defense	6.5.0.2
cisco	firepower_threat_defense	6.5.0.3
cisco	firepower_threat_defense	6.5.0.4
cisco	firepower_threat_defense	6.5.0.5
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2780DD07-79B8-4096-A435-DB8FD6301E7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F2D8411-7317-4865-ADF9-279648210E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E7AA7A9-F4DB-4BC1-9233-F72B66191F40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "03D8C893-BA42-4EE5-A790-13614A6B436F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "339ACF13-0E1F-48D6-9939-96B16AE857CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D5D09C9-4559-4FED-B4B7-EAE5935EBCEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "074A5E58-A066-470B-840A-1148A8979DFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEF2C556-48E6-4572-8FD9-4DC8BAD90B90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDAD792D-70DB-4123-8BCC-B6890A9BCAA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F273C29-0615-45E9-9860-178227E726B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A173A871-4186-4F3B-B40A-893DD3E1F13E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "904CE795-DC6F-4CB2-AD3D-6AB893FCB3EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C94EA10-799F-4B6F-AFF5-5CB39A641C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "05E59B31-CBCB-46BC-A2CE-98754FC8C36B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6279892E-BB24-428F-95AE-07257400444B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3214E142-DDB6-4082-9F76-7F173EFDB6E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B0CB62A-AE50-49C0-940E-9F9C799CF1E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3650CBD-D1CB-40D5-9397-C6683396A4DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED7BF89A-465D-4B48-B38C-977859F6D613",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BCA4CF6-7D0B-400B-BF66-DB86C11EABA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8DEF3AE-A561-46F6-81A2-424512B58BBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC636946-33D5-4070-9541-1874DDE4A30A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE448D5D-6724-4E5D-8D25-699BDCC71160",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAC7A642-121A-4A8C-B055-0296EA5D6E10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "04CF50BE-1D0A-4182-BF07-3097C1FEC85A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF0A3A55-8787-4F33-A491-F32A4AFB21A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A460A3C-AFAD-41D5-A2A8-4D38D307CDCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "10E65607-CF28-4494-8978-22C7AD142AB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "964F9FC6-AC2C-40DE-A62F-3C9724CA1276",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A62501B-A43B-4A60-8572-797AA7CBA876",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A20C2CB-9C1C-4403-B9CE-0211481A258F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2EE2F86-9EAF-47A8-9BD2-9C62D11814C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "032675B3-83C7-46A5-B13C-D98934E70057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "689F4FE8-FA45-41AC-965E-132380FD12DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "545845CF-AD67-42B2-A943-3974A84241CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "D45673C2-8303-456E-9BF5-8882A1EA1631",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "C88C4B52-C2A1-44D4-9D33-B95AE5671AF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "67B36032-DB43-4C4B-97C4-DE47F241EF2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBE16A02-472D-4963-9DF1-B6583E115721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5EEC3F4-14FA-4538-B832-B196020BC96F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "93548414-23A8-4B2C-A026-D84E689B08AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "35C5EAC5-4F93-4E46-B774-50BE32FFC642",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA38450A-8127-4C32-A28F-951AAB2DA3E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A298344-FAD3-43E1-A687-A189C1F62A28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FBD7EB1-BE9C-4448-9D17-4254ACD3086B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C49883D-67EA-4C7F-AB4F-65205134E185",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8208A38E-5B6E-4669-ADAE-E40A4C0E3A6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.7.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "49FCBAFC-41BE-4650-B7D1-39F8C7688870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.7.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "953954B6-CB7F-417F-BDB3-A722A88A3F16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.7.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "807ECF9D-51D7-4C62-A76D-BB5C635C3AB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.7.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "8461D662-DE9F-43F7-89D2-978BC83DB33B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.7.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4D87ACA-9235-44C9-86A0-3356A105297B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.7.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "30468FB9-D2B7-4905-AD81-E2D1DA30B916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.7.1.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CED805E-D656-4582-9578-51AD165C1D76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D482F818-0A8E-49D7-8E3E-0958019FA629",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E7BFB57-BC02-4930-A02F-83583E6A0FC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "026F1960-C879-4611-A60A-96311B63CCA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAF8B33E-0C95-467D-A865-0A234E69D0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF144F5-D933-4DE4-818C-001BD9E3958A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "00112ED3-FE7B-425B-9A28-1E5F2BC8BB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD491D5-FAAB-493F-91A6-D2F3B5F5970E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "1519F49D-588F-4B70-B38F-EF4F3E13FEAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "15354443-5EB7-4712-B2DE-61DB33830759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "248D6B44-E134-4DEC-A947-636824E3FDFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "0820A79C-F3EF-407F-9AC7-DCAB4CD39C89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3E8805-85D2-4345-8076-039513209A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "14BB907B-D75A-4F5E-B20D-5457A71A70EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "F118B803-4C55-436A-A136-0C1FEA49858F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A272121-408E-45F6-A2A1-0BA6EBC060A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "980CEA3B-5A81-4E8C-BEA3-DD31BE7DA2CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3910211-D4DB-4CA7-BBEA-DD8246FF10ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C260BF30-7A33-4C70-9509-404856C93666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF894850-39EC-4B57-BBFF-F1AB4F8389A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FAFCF9-0ABE-483E-9604-329762BB7870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DB4278-3126-4765-97C4-6C0A8C78DA78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "174E631B-6099-47DE-8790-BBF4B7FDB8CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE3538B-F612-4105-BFDE-A4B594482DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "3143B0FF-C855-485E-A908-E48974B1643C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD9992-6D98-4E03-9599-ECF38A186FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DCEAE6-355B-40AE-A7C8-AF744FCA8A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2097E81E-B422-4B93-AF09-F300A0E8AF71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "454DEA31-A607-4054-82D3-24A4FEB7358F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F0B213-8187-4465-84F1-FB8D92B36020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E540771E-BA0B-42D1-8251-B576B0F142C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC2A833-BECF-4000-A592-6113A84C2D20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F1416-924A-4D25-9CEE-3BD66A96A019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDC8D92-D6E0-40EE-B190-D2B32C7DEB75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "23CD5619-E534-4F40-998D-39DC19FA0451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D0EB11-14B1-44B3-8D46-B9DD872F772C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA399CF-12DB-42E0-A66F-14508B52A453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5A7608-E737-420E-9B5E-836600DAC701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7EB6801-336D-4F41-ADE7-1C58C63C3F6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8413DA41-02A5-4269-8C88-9DD5076AF91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA00285F-6914-4749-8A47-FC4EDAFFF3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA4D367-32B9-4F54-8352-A959F61A1FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "2259FF9E-0C8B-440F-B1AC-51BDE3F60E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C522B55-904D-4C08-B73E-1457D877C0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "4483056A-FBF3-4E00-81EB-1E97334EF240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "48677330-06AB-4C7F-B2AD-F7E465A9632A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AEA80D2-5DB8-4334-9A88-7DDE395832C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1C38A5-1028-4AD3-8CC7-A00091091E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C50642A-B123-4503-9EBB-32CDB67E44D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "39B646DA-3317-4285-9CB3-1D90B8F54266",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AC204B-9376-4760-8EF7-58F6EC68C936",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "75846B12-CC4D-4277-B12D-2C2D0DF1C706",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "289317DE-77AB-48AF-8CF2-00E9EB85F364",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC44F77D-C48E-46DA-B7B7-9D772D043B4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6445101B-54E3-4511-9D45-001CBE70203A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA4A0F4E-1330-456C-8C5E-C9F76BAF651F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "F181EF65-D795-4ABB-B464-40B24B29ECA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "C49A0CF5-EF87-4228-8B88-859A1E1AB7B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2CC4146-D447-4E5A-8CBB-60664CDE05BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF1150A5-B314-4798-BE10-25E6F979ADA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "44FC4B71-584F-444F-957C-99E045AA4140",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "E25FBC5B-3FD8-461A-99DE-4120D62CA914",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1608733-4D00-4169-AAA2-2ACB7DCE01E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "390781EE-6B38-4C25-9BBC-10D67F858678",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "332C4752-27EA-43ED-A42D-9C0E250C2F15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "A29D95A7-C9FB-424C-90E4-1D2F0FB27917",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "16C3345B-61DA-4565-80DC-7C0645E076D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.59:*:*:*:*:*:*:*",
              "matchCriteriaId": "547BBEE2-E4C8-43C7-B0CB-A40DBF0457AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.61:*:*:*:*:*:*:*",
              "matchCriteriaId": "86F29A49-1E28-4483-BE05-6409DFBF6FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.66:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD0E70B2-E401-4F27-9033-5061BD8BA3D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.67:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5D43506-BB40-4490-A3D0-D4B56D01F931",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.74:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6F94E7F-2455-4C23-B055-3C759571D986",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3FB946-FEC6-42F8-AFC3-40F581F7126B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.83:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A6CF74B-A6AC-4081-BA20-AB1C7DCF8850",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.85:*:*:*:*:*:*:*",
              "matchCriteriaId": "6ED3B3FD-B44F-464B-9B4E-2650A62EEF3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "69289C72-01B5-4280-A382-665C1224C850",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A774BF55-3B8C-4E0A-BE73-93189E8E1CC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC46F5E6-5385-46A9-997B-ED543B71CE25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F083BA6-04C8-44DF-8E3E-77C550F31C89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C445E350-259B-41DB-BAFF-EB1B023C4648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "E65D4505-C562-41C1-8CFE-1ABE807D83FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3F91FE1-433C-4263-AA0C-1EB5166B07D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF4E6F0E-1729-4EFD-9B4B-76A39F1B7ABF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D1A5740-7C1A-45D7-8767-5C50E09F2268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA9D78E4-EFEB-4D2F-989C-CB976E1B5C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1B8ADDF-2845-4F6D-8920-A4909150927C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "B422EED4-C9AA-411A-8203-270862FFFFA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF1F99D0-F529-44DE-BB26-2279688DFCCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "46CE7CFE-6DAB-47D5-87EB-9607BBD41E1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F002FD55-F881-450E-BC1B-8073E188F47E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA940C4F-13BB-465F-BB8D-CBD0109BF012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B0434F5-9A50-4B57-9C5B-E09415D098C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE727035-06CB-4E37-A9D2-96BD54502120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE52B81-2CF8-48E5-A7BA-A163A25A669B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E8D7C9-5272-40E6-869B-B33959F9F0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE8D5D71-5C85-4644-8A84-F073549ADB50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0790DDC2-7BA0-42DC-A157-754C0CBBE178",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "882394EA-70C8-4D86-9AEF-5D273D8E518C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "855AD3CC-F404-48C5-80D2-7F2765D16D72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "26B6BF72-9124-4213-B3C0-BD31B46E8C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8FBE89-8FDA-4B9B-BA1A-90FFD482A585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "149C3872-8DA9-48DD-ADD0-2E84C1A76A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D33E8C-294A-4C43-8DB6-9DA9F61F0B3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E23ACB0-DF8B-4672-A819-4DCD3104CE4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4723B88-62BA-40E6-AA89-BAC02D6A036F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C698819-3C8E-4A16-8F52-42FF1E54C076",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D3CE74E-59E7-448A-8417-18F97C05C798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0986C171-0E75-4F6F-A9BD-276830104E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A2777A-7831-4324-AEB2-5D93B5F6C04B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "37045680-9189-4B7F-A4F7-4E682FE20A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6C9F37B-CF3C-4861-A969-C7CF4946274A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1DAF21-3FED-4691-9D4C-8FD8CEA7FB3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB938E58-4963-4A31-8836-88E958592B30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E317897-EE97-44F3-96BB-E54228D72A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EF7FAB2-158D-4C48-9246-E7AD3BF1D801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "056D43AE-ECDB-40D2-A196-18DDCD02629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E555F3-3580-4D71-8D8D-92FE72763D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "93013503-8B9A-4160-AF7E-277958FA6E9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D9AE545-A469-41C7-BD95-3CC80AF8067B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3255DB9E-85A5-48ED-90AA-6A7A55A0B1F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B6C9A0-B941-4C7C-BFE9-F1D837D5ADBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "77E783FD-5D4B-4C4F-BBFE-1186EFDFEF3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "40145CFB-CEE8-4ABA-A9C2-BA262B7A9AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "23C82327-5362-4876-8058-EB51030CD5DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C700CC9-E16F-4C05-915D-1CA39257ACCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ABDBB94-BA4F-4991-A703-0D7DDF999CBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "D59B6947-1953-4C86-A76C-7A881CD3A502",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE0D50C0-DADB-4747-8649-8A5257111FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE2699F-353F-44CB-A778-981783DDC31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4875811-F209-49ED-B310-8377B2F87FF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C52C7B-B626-4A3C-A2EC-28A20E7FA95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "61FB47CF-2A6A-4121-BFF7-5862E163B8E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE8390C-87EB-4170-8B7D-8F212C89296D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9873ABAC-9A3D-40E1-B7FF-F2AB74F82C22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEB8D76B-A9D6-4B94-AB94-1080872DE4D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77F521E-640D-4A79-A0B3-B6F9D6453A68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C6F9B4F-2837-4034-B45C-C131303FF06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A2FF9AC-185F-4E63-A152-DAD6340A5B9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D669C54-77A2-41BC-A193-A847037FC606",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DC52A8B-7DF4-47B2-9F49-627F59656E5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "445CC2C4-EAD4-43C4-ACD9-559B9022DD24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "01C9D2DC-17CE-499D-ACF3-BBA75E7AEEE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFF1182-CE28-4C2E-B849-0D4CEB6C7511",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CD85DB4-0105-4A8C-8CAA-AFB4F5DEBE10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC6744D-67DF-4867-9B7A-7F4F28E9061F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "58F5570C-EC63-4F1E-AEC8-F624C46C136C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD48BE40-C647-429A-81B6-59E125BBE415",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "42496A5B-1644-4088-BBCF-2ED810A5694B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C05B06B5-C906-4DE8-BA56-9A11002EE1F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6523CD09-7610-4D0E-8585-B7CA82DACDA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8F54502-F1AC-4898-85F0-915BABD26D75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "117E2988-45C9-4F68-8C92-1356E0293E77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE490473-C9A4-44AD-9AF1-23D3B72D49D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED58B0E-FCC7-48E3-A5C0-6CC54A38BAE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3D4DAC2-D22A-495B-A6FD-D683B9295FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBE5CF6D-C8EF-4B89-BC42-6E6873FB6A84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBD703E2-54B0-4403-8C5C-70E02738C444",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C08950D-4785-434E-8537-00C212DC6DCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB81CA22-3E98-41A0-8646-7B6F787D56C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "41E168ED-D664-4749-805E-77644407EAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABE3433E-529B-4CEA-9810-2A68C8A97643",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F297A5CF-AF50-4F8B-B89F-8453A323AA1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5609F866-4665-4D1A-9706-8D2EE9EB4CA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD9E1C43-6634-43FF-96DC-8D89E3DE9908",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C813F1E-B4E7-4B5E-B89F-65170D2B272D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to establish a connection as a different user.\r\n\r This vulnerability is due to a flaw in the authorization verifications during the VPN authentication flow. An attacker could exploit this vulnerability by sending a crafted packet during a VPN authentication. The attacker must have valid credentials to establish a VPN connection. A successful exploit could allow the attacker to establish a VPN connection with access privileges from a different user."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en los flujos de autenticaci\u00f3n y autorizaci\u00f3n para conexiones VPN en el software Cisco Adaptive Security Appliance (ASA) y el software Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado establezca una conexi\u00f3n como un usuario diferente. Esta vulnerabilidad se debe a una falla en las verificaciones de autorizaci\u00f3n durante el flujo de autenticaci\u00f3n de VPN. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un paquete manipulado durante una autenticaci\u00f3n VPN. El atacante debe tener credenciales v\u00e1lidas para establecer una conexi\u00f3n VPN. Un exploit exitoso podr\u00eda permitir al atacante establecer una conexi\u00f3n VPN con privilegios de acceso de un usuario diferente."
    }
  ],
  "id": "CVE-2022-20928",
  "lastModified": "2024-11-21T06:43:50.513",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-11-15T21:15:32.720",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vp-authz-N2GckjN6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vp-authz-N2GckjN6"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-11-15 21:15

Modified

2024-11-21 06:43

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a memory handling error that occurs when GRE traffic is processed. An attacker could exploit this vulnerability by sending a crafted GRE payload through an affected device. A successful exploit could allow the attacker to cause the device to restart, resulting in a DoS condition. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM"] This advisory is part of the November 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	7.1.0.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDE0C110-518D-4E51-BCEB-F4E9FC448278",
              "versionEndIncluding": "6.3.0.5",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "874E0E13-4A9E-4296-BEE6-F5B1077411A0",
              "versionEndIncluding": "6.4.0.15",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "171E1C5D-68C5-4BBC-AE18-D1518A1B7277",
              "versionEndIncluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6362D78F-F131-46E4-8F0E-C7F218500017",
              "versionEndIncluding": "6.6.5.2",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1110632C-526F-4025-A7BE-0CF9F37E5F9E",
              "versionEndIncluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "89DFD86B-768D-4301-92DB-B73C14255123",
              "versionEndIncluding": "7.0.3",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7533780-0DF9-41BE-8455-F60676785689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to a memory handling error that occurs when GRE traffic is processed. An attacker could exploit this vulnerability by sending a crafted GRE payload through an affected device. A successful exploit could allow the attacker to cause the device to restart, resulting in a DoS condition.\r\n\r    \r\n\r  https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM [\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM\"]\r\n\r \r This advisory is part of the November 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n de decapsulaci\u00f3n de t\u00fanel de Generic Routing Encapsulation (GRE) del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado cause una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a un error de manejo de memoria que ocurre cuando se procesa el tr\u00e1fico GRE. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un payload GRE manipulado a trav\u00e9s de un dispositivo afectado. Un exploit exitoso podr\u00eda permitir que el atacante reinicie el dispositivo, lo que provocar\u00eda una condici\u00f3n DoS. \nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM \nEste aviso es parte de la versi\u00f3n de noviembre de 2022 de la publicaci\u00f3n del Security Advisory Bundled de Cisco ASA, FTD y FMC."
    }
  ],
  "id": "CVE-2022-20946",
  "lastModified": "2024-11-21T06:43:52.687",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-11-15T21:15:35.317",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-122"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-05-06 17:15

Modified

2024-11-21 05:30

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	asa_5505_firmware	9.10\(1.3\)
cisco	asa_5505	-
cisco	asa_5510_firmware	9.10\(1.3\)
cisco	asa_5510	-
cisco	asa_5512-x_firmware	9.10\(1.3\)
cisco	asa_5512-x	-
cisco	asa_5515-x_firmware	9.10\(1.3\)
cisco	asa_5515-x	-
cisco	asa_5520_firmware	9.10\(1.3\)
cisco	asa_5520	-
cisco	asa_5525-x_firmware	9.10\(1.3\)
cisco	asa_5525-x	-
cisco	asa_5540_firmware	9.10\(1.3\)
cisco	asa_5540	-
cisco	asa_5545-x_firmware	9.10\(1.3\)
cisco	asa_5545-x	-
cisco	asa_5550_firmware	9.10\(1.3\)
cisco	asa_5550	-
cisco	asa_5555-x_firmware	9.10\(1.3\)
cisco	asa_5555-x	-
cisco	asa_5580_firmware	9.10\(1.3\)
cisco	asa_5580	-
cisco	asa_5585-x_firmware	9.10\(1.3\)
cisco	asa_5585-x	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4B2E5D3-ED34-4A7E-BD8F-8492B6737677",
              "versionEndExcluding": "6.2.3.16",
              "versionStartIncluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D27DE97-510A-4761-8184-6940745B54E2",
              "versionEndExcluding": "6.3.0.6",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06741056-2BFD-4F88-917A-F581F813B69E",
              "versionEndExcluding": "6.4.0.9",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC2BDDE-4CBD-43C8-BFD9-DD2BE6A20E91",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5510_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FC8EC7CF-6207-4A2E-89CE-13A0B2E4BC36",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1B2408C9-AAE7-48D2-ACEC-1BEE95AC95F9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EAB0DFDC-3111-44BE-ADCC-4F3B984AADB2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5520_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B94CB6D9-39AA-4EA6-AC1E-2A2B26828AC7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BEF25129-A5FE-4B05-BE69-F3D35F7A9F7C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5540_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AD2A96-FF85-4BFD-8B3E-AD2D5D51A6CA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DF9159BA-CBE1-43F4-864C-3CF0B8AE8260",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5550_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9FB38210-78F2-4414-A4A5-E885F3C9057B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F69272-B20B-4467-AA04-3C47AF2C1F58",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "63EB7842-7311-4868-906C-13173E6F0149",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "37C822CE-5DCB-4E71-8876-CCC5DC664DAD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad de procesamiento de paquetes del Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) sobre un dispositivo afectado. La vulnerabilidad es debido a una administraci\u00f3n ineficiente de la memoria. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una alta tasa de tr\u00e1fico IPv4 o IPv6 a trav\u00e9s de un dispositivo afectado. Este tr\u00e1fico necesitar\u00eda coincidir con una acci\u00f3n de bloqueo configurada en una pol\u00edtica de control de acceso. Una explotaci\u00f3n podr\u00eda permitir a un atacante causar una condici\u00f3n de agotamiento de la memoria en el dispositivo afectado, lo que resultar\u00eda en una DoS para el tr\u00e1fico que transita el dispositivo, as\u00ed como un rendimiento lento de la interfaz de administraci\u00f3n. Una vez que se detiene la inundaci\u00f3n, el rendimiento debe volver a los estados anteriores."
    }
  ],
  "id": "CVE-2020-3255",
  "lastModified": "2024-11-21T05:30:40.023",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-05-06T17:15:12.667",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2025-02-24 15:36

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "cisaActionDue": "2022-05-03",
  "cisaExploitAdd": "2021-11-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Cisco ASA and FTD Cross-Site Scripting (XSS) Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2449A498-7072-4C05-8BA9-614A950B3C3E",
              "versionEndExcluding": "6.4.0.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DA331CB-9D54-47F9-B48A-36268278C2EE",
              "versionEndExcluding": "6.6.4",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "05A1A309-650A-4E6C-AFCE-CD0FB62492D6",
              "versionEndExcluding": "6.7.0.2",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0362F9B-B1B5-405A-A984-09B29B173888",
              "versionEndExcluding": "9.8.4.34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A9BFFBC-F577-47CD-83E8-A6227B17D557",
              "versionEndExcluding": "9.9.2.85",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C70E158-4028-4CA4-91CB-22E549CFBC07",
              "versionEndExcluding": "9.12.4.13",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B74C14F-C95B-4AF5-A255-1CA824AA7FDE",
              "versionEndExcluding": "9.13.1.21",
              "versionStartIncluding": "9.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "282F4D3B-CCBB-484E-BDEE-C316637E2F21",
              "versionEndExcluding": "9.14.2.8",
              "versionStartIncluding": "9.14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D2794F2-BC8F-42CC-910A-203BE7B3475F",
              "versionEndExcluding": "9.15.1.15",
              "versionStartIncluding": "9.15",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en la interfaz de servicios web de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00edan permitir a un atacante remoto no autenticado conducir ataques de tipo cross-site scripting (XSS) contra un usuario de la interfaz de servicios web de un dispositivo afectado.\u0026#xa0;Las vulnerabilidades son debido a una comprobaci\u00f3n insuficiente de la entrada suministrada por el usuario mediante la interfaz de servicios web de un dispositivo afectado.\u0026#xa0;Un atacante podr\u00eda explotar estas vulnerabilidades al persuadir a un usuario de la interfaz para que haga clic en un enlace dise\u00f1ado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante ejecutar un c\u00f3digo script arbitrario en el contexto de la interfaz o permitir a un atacante acceder a informaci\u00f3n confidencial basada en el navegador.\u0026#xa0;Nota: Estas vulnerabilidades afectan solo a configuraciones espec\u00edficas de AnyConnect y WebVPN.\u0026#xa0;Para m\u00e1s informaci\u00f3n, consulte la secci\u00f3n Vulnerable Products"
    }
  ],
  "id": "CVE-2020-3580",
  "lastModified": "2025-02-24T15:36:35.007",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:18.607",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-09-25 16:15

Modified

2025-09-26 14:08

Severity ?

9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Summary

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker with valid VPN user credentials could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as root, possibly resulting in the complete compromise of the affected device.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-z5xP8EUB	Vendor Advisory
	134c704f-9b21-4f2e-91b3-4a467353bcc0	https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	7.6.0

JSON

To clipboard

{
  "cisaActionDue": "2025-09-26",
  "cisaExploitAdd": "2025-09-25",
  "cisaRequiredAction": "The KEV due date refers to the deadline by which FCEB agencies are expected to review and begin implementing the guidance outlined in Emergency Directive (ED) 25-03 (URL listed below in Notes). Agencies must follow the mitigation steps provided by CISA (URL listed below in Notes) and vendor\u2019s instructions (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.",
  "cisaVulnerabilityName": "Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) Buffer Overflow Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "775B3D5F-25D3-4B1C-9BA2-985263A6CE83",
              "versionEndExcluding": "9.12.4.72",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AD381CE-3B2E-4633-AA43-7A82BA7D39CF",
              "versionEndExcluding": "9.14.4.28",
              "versionStartIncluding": "9.14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8D232A4-8AB6-4B7B-A603-4F31B8BAE40C",
              "versionEndExcluding": "9.16.4.85",
              "versionStartIncluding": "9.16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA289FE8-F22B-4709-8BD9-5C3774922491",
              "versionEndExcluding": "9.17.1.45",
              "versionStartIncluding": "9.17.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "80858CAB-E722-4B07-B7FB-56B31D49DD56",
              "versionEndExcluding": "9.18.4.47",
              "versionStartIncluding": "9.18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE2128F5-BE28-4EE8-ACA7-E4691BF0058A",
              "versionEndExcluding": "9.19.1.37",
              "versionStartIncluding": "9.19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1B37E40-EB7C-4587-9AA8-9C47BA04AE0D",
              "versionEndExcluding": "9.20.3.7",
              "versionStartIncluding": "9.20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6526ADF9-BA83-451B-8331-B15877954F77",
              "versionEndExcluding": "9.22.1.3",
              "versionStartIncluding": "9.22",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAC10ECF-61D6-495F-9377-FE4DF6CF02FC",
              "versionEndExcluding": "7.0.8.1",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3A6C96B-2873-4F94-B136-E5F6436DE16F",
              "versionEndExcluding": "7.2.9",
              "versionStartIncluding": "7.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C63DAB4E-72E6-4016-B665-9957A69F49F1",
              "versionEndExcluding": "7.4.2.4",
              "versionStartIncluding": "7.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76B73F03-93B6-48C3-BF97-FEAF26895A2D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device.\r\n\r This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker with valid VPN user credentials could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as root, possibly resulting in the complete compromise of the affected device."
    }
  ],
  "id": "CVE-2025-20333",
  "lastModified": "2025-09-26T14:08:43.430",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.9,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 6.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-09-25T16:15:32.073",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-z5xP8EUB"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-05-03 15:29

Modified

2024-11-21 03:50

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the TCP ingress handler for the data interfaces that are configured with management access to Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an increase in CPU and memory usage, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient ingress TCP rate limiting for TCP ports 22 (SSH) and 443 (HTTPS). An attacker could exploit this vulnerability by sending a crafted, steady stream of TCP traffic to port 22 or 443 on the data interfaces that are configured with management access to the affected device.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/108178
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-firepower-dos	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/108178
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-firepower-dos	Vendor Advisory

Impacted products

	Vendor	Product	Version
	cisco	firepower_threat_defense	*
	cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15251834-D900-42F9-AC0B-4167CE851116",
              "versionEndExcluding": "6.2.3.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A16803C-579C-4992-B37E-7CEC17307659",
              "versionEndExcluding": "6.3.0.3",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the TCP ingress handler for the data interfaces that are configured with management access to Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an increase in CPU and memory usage, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient ingress TCP rate limiting for TCP ports 22 (SSH) and 443 (HTTPS). An attacker could exploit this vulnerability by sending a crafted, steady stream of TCP traffic to port 22 or 443 on the data interfaces that are configured with management access to the affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el controlador de ingreso de TCP para las interfaces de datos que est\u00e1n configuradas con acceso de administraci\u00f3n al programa Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado provoque un aumento en el uso de la CPU y la memoria, dando como resultado una denegaci\u00f3n de servicio( DoS) condici\u00f3n. La vulnerabilidad se debe a una limitaci\u00f3n de la tasa de TCP de ingreso insuficiente para los puertos TCP 22 (SSH) y 443 (HTTPS). Un atacante podr\u00eda atacar esta vulnerabilidad enviando un flujo de tr\u00e1fico TCP continuo y creado al puerto 22 o 443 en las interfaces de datos que est\u00e1n configuradas con acceso de administraci\u00f3n al dispositivo afectado."
    }
  ],
  "id": "CVE-2018-15462",
  "lastModified": "2024-11-21T03:50:51.507",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-03T15:29:00.290",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/108178"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-firepower-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/108178"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-firepower-dos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-26 16:09

Severity ?

8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their Cisco FTD instance and execute commands with root privileges in the host namespace. The attacker must have valid credentials on the device.The vulnerability exists because a configuration file that is used at container startup has insufficient protections. An attacker could exploit this vulnerability by modifying a specific container configuration file on the underlying file system. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running Cisco FTD instances or the host Cisco FXOS device.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-container-esc-FmYqFBQV	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-container-esc-FmYqFBQV	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	6.6.0
cisco	secure_firewall_management_center	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D27DE97-510A-4761-8184-6940745B54E2",
              "versionEndExcluding": "6.3.0.6",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
              "versionEndExcluding": "6.4.0.10",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49ED2A60-CA5B-4AE7-A45B-8444353C753A",
              "versionEndExcluding": "6.6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their Cisco FTD instance and execute commands with root privileges in the host namespace. The attacker must have valid credentials on the device.The vulnerability exists because a configuration file that is used at container startup has insufficient protections. An attacker could exploit this vulnerability by modifying a specific container configuration file on the underlying file system. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running Cisco FTD instances or the host Cisco FXOS device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad multi-instance de Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante local autenticado escapar del contenedor para su instancia Cisco FTD y ejecutar comandos con privilegios root en el espacio de nombres del host.\u0026#xa0;El atacante debe tener credenciales v\u00e1lidas en el dispositivo. La vulnerabilidad se presenta porque un archivo de configuraci\u00f3n que es usado en el inicio del contenedor no posee protecciones suficientes.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante la modificaci\u00f3n de un archivo de configuraci\u00f3n de contenedor espec\u00edfico en el sistema de archivos subyacente.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante ejecutar comandos con privilegios root dentro del espacio de nombres del host.\u0026#xa0;Esto podr\u00eda permitir que el atacante afecte a otras instancias de Cisco FTD en ejecuci\u00f3n o al dispositivo host Cisco FXOS"
    }
  ],
  "id": "CVE-2020-3514",
  "lastModified": "2024-11-26T16:09:02.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 6.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:16.717",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-container-esc-FmYqFBQV"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-container-esc-FmYqFBQV"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-216"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-01-11 19:15

Modified

2024-11-21 06:10

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	7.0.0
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
              "versionEndExcluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE55D049-D331-45CF-B4CB-9519DCC48241",
              "versionEndExcluding": "9.15.1.17",
              "versionStartIncluding": "9.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA33B7BB-2304-4445-BBA1-B80F8573A642",
              "versionEndExcluding": "9.16.2",
              "versionStartIncluding": "9.16",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz de servicios web del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado desencadenar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad es debido a una comprobaci\u00f3n inapropiada de entradas cuando son analizadas las peticiones HTTPS. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n HTTPS maliciosa a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar la recarga del dispositivo, resultando en una condici\u00f3n de DoS"
    }
  ],
  "id": "CVE-2021-34704",
  "lastModified": "2024-11-21T06:10:59.650",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-01-11T19:15:07.827",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-121"
        },
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-10-27 19:15

Modified

2024-11-26 16:09

Severity ?

6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper memory resource management while the Snort detection engine is processing ICMP packets. An attacker could exploit this vulnerability by sending a series of ICMP packets through an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device, causing the device to reload.

References

URL	Tags
psirt@cisco.com	https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-s2R7W9UU	Vendor Advisory
psirt@cisco.com	https://www.debian.org/security/2023/dsa-5354
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-s2R7W9UU	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2023/dsa-5354

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	secure_firewall_management_center	2.9.14.0
cisco	secure_firewall_management_center	2.9.15
cisco	secure_firewall_management_center	2.9.16
cisco	secure_firewall_management_center	2.9.17
cisco	unified_threat_defense	*
cisco	unified_threat_defense	*
cisco	unified_threat_defense	*
snort	snort	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAE65CB5-08E5-41B6-9AC0-02451C90E833",
              "versionEndExcluding": "6.4.0.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D042ED9F-3702-4959-AAA0-D98684EB4556",
              "versionEndExcluding": "6.6.3",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDDF492B-BC61-4814-B05F-3F6CD07080F7",
              "versionEndExcluding": "6.7.0.2",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.14.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2986D5BD-1936-41BD-A992-7672C019F27E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "42493B4F-0CF2-45F0-B72D-36F0597CC274",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "06F2E7D8-BB95-480D-AE3E-F9B97C3A5379",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F41C382-C849-465C-AF77-0A787CA03BA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "174C4020-E642-48F7-BCC5-884834D3EBBB",
              "versionEndExcluding": "16.12.6",
              "versionStartIncluding": "16.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4521953-E027-498C-8484-A4E76A737347",
              "versionEndExcluding": "17.3.4a",
              "versionStartIncluding": "17.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3248706E-3F8C-4F74-900E-3302ACF2E716",
              "versionEndExcluding": "17.4.2",
              "versionStartIncluding": "17.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:snort:snort:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DEEA69A-4557-409E-A0EC-981F2C7C828A",
              "versionEndExcluding": "2.9.18",
              "versionStartIncluding": "2.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper memory resource management while the Snort detection engine is processing ICMP packets. An attacker could exploit this vulnerability by sending a series of ICMP packets through an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device, causing the device to reload."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples productos de Cisco est\u00e1n afectados por una vulnerabilidad en la forma en que el motor de detecci\u00f3n Snort procesa el tr\u00e1fico ICMP que podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido a una administraci\u00f3n inapropiada de los recursos de memoria mientras el motor de detecci\u00f3n Snort procesa paquetes ICMP. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una serie de paquetes ICMP mediante un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante agotar los recursos del dispositivo afectado, causando la recarga del mismo"
    }
  ],
  "id": "CVE-2021-40114",
  "lastModified": "2024-11-26T16:09:02.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-27T19:15:08.667",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-s2R7W9UU"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://www.debian.org/security/2023/dsa-5354"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-s2R7W9UU"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.debian.org/security/2023/dsa-5354"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-401"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-01-11 19:15

Modified

2024-11-21 05:44

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	7.0.0
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "713E8185-E75D-4470-9C6A-6021DF154897",
              "versionEndIncluding": "9.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2330600D-6AB1-4912-A595-2AE167853B93",
              "versionEndIncluding": "6.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21EE9386-0DCF-4F04-A05D-387B83D668D0",
              "versionEndExcluding": "6.4.0.13",
              "versionStartIncluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18589C74-19D2-44F0-AF26-68910E26655D",
              "versionEndExcluding": "6.6.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
              "versionEndExcluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "371C8F32-C2BB-49E2-A9AB-BEBCDB6709C1",
              "versionEndExcluding": "9.8.4.40",
              "versionStartIncluding": "9.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9138F19B-2402-4A19-B37E-2EDAE9EFF8EB",
              "versionEndExcluding": "9.12.4.26",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBA21489-FED1-4FA7-B5DA-41ED129D716B",
              "versionEndExcluding": "9.14.3",
              "versionStartIncluding": "9.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE55D049-D331-45CF-B4CB-9519DCC48241",
              "versionEndExcluding": "9.15.1.17",
              "versionStartIncluding": "9.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40C76E7-07C6-4DE4-9B7D-3D9726011AC3",
              "versionEndExcluding": "9.16.1.28",
              "versionStartIncluding": "9.16",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz de servicios web del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado desencadenar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad es debido a una comprobaci\u00f3n inapropiada de entradas cuando son analizadas las peticiones HTTPS. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n HTTPS maliciosa a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que el dispositivo se recargue, resultando en una condici\u00f3n de DoS"
    }
  ],
  "id": "CVE-2021-1573",
  "lastModified": "2024-11-21T05:44:39.157",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-01-11T19:15:07.743",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-121"
        },
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-10-02 19:15

Modified

2024-11-21 04:23

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-xss	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-xss	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5505	-
cisco	asa_5510	-
cisco	asa_5512-x	-
cisco	asa_5515-x	-
cisco	asa_5520	-
cisco	asa_5525-x	-
cisco	asa_5550	-
cisco	asa_5555-x	-
cisco	asa_5580	-
cisco	asa_5585-x	-
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF7C3150-AC51-4C6E-B0D2-B1E820C62F0B",
              "versionEndExcluding": "9.6.4.31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9401338-5D6D-46E6-918C-AE11FC6DBC9E",
              "versionEndExcluding": "9.8.4.9",
              "versionStartIncluding": "9.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3118855-5066-4FB7-B63E-EB694D6E00FA",
              "versionEndExcluding": "9.9.2.56",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADA230E4-4D7F-4186-842A-27B3741EE468",
              "versionEndExcluding": "9.10.1.30",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0F64F2-0DFE-4904-85D6-ECD3D37E7385",
              "versionEndExcluding": "9.12.2.9",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FA268E0-220A-4D15-8816-6F69F7773590",
              "versionEndExcluding": "9.13.1",
              "versionStartIncluding": "9.13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A1910D8-107F-4BD1-90D2-5653AA75F54A",
              "versionEndExcluding": "6.2.3.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3920B277-4643-4601-A4C8-05C0C3D76C42",
              "versionEndExcluding": "6.3.0.5",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EDD3A04-6832-4533-8CE6-6083720E8654",
              "versionEndExcluding": "6.4.0.6",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el portal Clientless SSL VPN (WebVPN) de Cisco Adaptive Security Appliance (ASA) y el Software Cisco Firepower Threat Defense (FTD), podr\u00eda permitir a un atacante remoto no autenticado realizar un ataque de tipo cross-site scripting (XSS) contra un usuario de la interfaz de administraci\u00f3n basada en web de un dispositivo afectado. La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de la entrada suministrada por el usuario mediante la interfaz de administraci\u00f3n basada en web de un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad al persuadir a un usuario de la interfaz para que haga clic en un enlace dise\u00f1ado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo script arbitrario en el contexto de la interfaz o permitirle al atacante acceder a informaci\u00f3n confidencial basada en navegador."
    }
  ],
  "id": "CVE-2019-12695",
  "lastModified": "2024-11-21T04:23:22.757",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-10-02T19:15:13.467",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-xss"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-xss"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-10-27 19:15

Modified

2024-11-21 06:11

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address tables, resulting in a denial of service (DoS) vulnerability. This vulnerability is due to incorrect handling of certain TCP segments when the affected device is operating in transparent mode. An attacker could exploit this vulnerability by sending a crafted TCP segment through an affected device. A successful exploit could allow the attacker to poison the MAC address tables in adjacent devices, resulting in network disruption.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-JxYWMJyL	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-JxYWMJyL	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5512-x_firmware	009.008\(004.025\)
cisco	asa_5512-x	-
cisco	asa_5505_firmware	009.008\(004.025\)
cisco	asa_5505	-
cisco	asa_5515-x_firmware	009.008\(004.025\)
cisco	asa_5515-x	-
cisco	asa_5525-x_firmware	009.008\(004.025\)
cisco	asa_5525-x	-
cisco	asa_5545-x_firmware	009.008\(004.025\)
cisco	asa_5545-x	-
cisco	asa_5555-x_firmware	009.008\(004.025\)
cisco	asa_5555-x	-
cisco	asa_5580_firmware	009.008\(004.025\)
cisco	asa_5580	-
cisco	asa_5585-x_firmware	009.008\(004.025\)
cisco	asa_5585-x	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C7F329B-4EF5-411A-9AB6-02E6A4162D6D",
              "versionEndExcluding": "9.8.4.40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5429F29E-BEE8-4989-B5F3-A9BABBF64D31",
              "versionEndExcluding": "6.4.0.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18589C74-19D2-44F0-AF26-68910E26655D",
              "versionEndExcluding": "6.6.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
              "versionEndExcluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "796D02D8-AD57-49E8-93F6-5CC0E4D2F883",
              "versionEndExcluding": "9.12.4.29",
              "versionStartIncluding": "9.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "333EFE8A-1514-4F7A-BBF4-876DC1B2E5A4",
              "versionEndExcluding": "9.14.3.9",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6EC0723-CBC7-45A7-8B30-B680E8A771EF",
              "versionEndExcluding": "9.15.1.17",
              "versionStartIncluding": "9.15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "310B86D1-730D-4D8A-AC95-31FBE4F7D1E6",
              "versionEndExcluding": "9.16.2.3",
              "versionStartIncluding": "9.16.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.008\\(004.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A8A0AC98-6994-4055-99FC-C24E7DD2964D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.008\\(004.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "325AF17C-5C97-44CC-9F72-E077E2E5968C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.008\\(004.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FC3C43A2-BFA1-4A53-8D7B-0270050D3CE9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.008\\(004.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6CC7F335-8D93-408F-A9B6-427AEC590BE7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.008\\(004.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "50319E62-91FD-40EC-98C0-F2ADB51EA8B8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.008\\(004.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "73A3286F-B9A7-407C-A08A-C4BBF6EAF03D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.008\\(004.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4205DEA9-C321-4845-B86A-07EABA461DD9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.008\\(004.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6D8296D0-BEE7-4788-AE23-E880345CD06A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address tables, resulting in a denial of service (DoS) vulnerability. This vulnerability is due to incorrect handling of certain TCP segments when the affected device is operating in transparent mode. An attacker could exploit this vulnerability by sending a crafted TCP segment through an affected device. A successful exploit could allow the attacker to poison the MAC address tables in adjacent devices, resulting in network disruption."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el Normalizador TCP del software Cisco Adaptive Security Appliance (ASA) y del software Firepower Threat Defense (FTD) que funciona en modo transparente podr\u00eda permitir a un atacante remoto no autenticado envenenar las tablas de direcciones MAC, lo que provocar\u00eda una vulnerabilidad de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad es debido al manejo incorrecto de determinados segmentos TCP cuando el dispositivo afectado est\u00e1 operando en modo transparente. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un segmento TCP dise\u00f1ado mediante un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante envenenar las tablas de direcciones MAC en los dispositivos adyacentes, resultando en una interrupci\u00f3n de la red"
    }
  ],
  "id": "CVE-2021-34793",
  "lastModified": "2024-11-21T06:11:13.063",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-27T19:15:08.563",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-JxYWMJyL"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-JxYWMJyL"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-924"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-924"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-10-23 18:15

Modified

2024-11-26 16:09

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Summary

A vulnerability in the password change feature of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to determine valid user names on an affected device. This vulnerability is due to improper authentication of password update responses. An attacker could exploit this vulnerability by forcing a password reset on an affected device. A successful exploit could allow the attacker to determine valid user names in the unauthenticated response to a forced password reset.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-infodisc-RL4mJFer	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_management_center	6.4.0.17
cisco	firepower_management_center	6.4.0.18
cisco	firepower_management_center	6.6.7.2
cisco	firepower_management_center	7.0.6.1
cisco	firepower_management_center	7.0.6.2
cisco	firepower_management_center	7.2.5.1
cisco	firepower_management_center	7.2.5.2
cisco	firepower_management_center	7.2.6
cisco	firepower_management_center	7.2.7
cisco	firepower_management_center	7.2.8
cisco	firepower_management_center	7.2.8.1
cisco	firepower_management_center	7.4.0
cisco	firepower_management_center	7.4.1
cisco	firepower_management_center	7.4.1.1
cisco	secure_firewall_management_center	6.2.3
cisco	secure_firewall_management_center	6.2.3.1
cisco	secure_firewall_management_center	6.2.3.2
cisco	secure_firewall_management_center	6.2.3.3
cisco	secure_firewall_management_center	6.2.3.4
cisco	secure_firewall_management_center	6.2.3.5
cisco	secure_firewall_management_center	6.2.3.6
cisco	secure_firewall_management_center	6.2.3.7
cisco	secure_firewall_management_center	6.2.3.8
cisco	secure_firewall_management_center	6.2.3.9
cisco	secure_firewall_management_center	6.2.3.10
cisco	secure_firewall_management_center	6.2.3.11
cisco	secure_firewall_management_center	6.2.3.12
cisco	secure_firewall_management_center	6.2.3.13
cisco	secure_firewall_management_center	6.2.3.14
cisco	secure_firewall_management_center	6.2.3.15
cisco	secure_firewall_management_center	6.2.3.16
cisco	secure_firewall_management_center	6.2.3.17
cisco	secure_firewall_management_center	6.2.3.18
cisco	secure_firewall_management_center	6.4.0
cisco	secure_firewall_management_center	6.4.0.1
cisco	secure_firewall_management_center	6.4.0.2
cisco	secure_firewall_management_center	6.4.0.3
cisco	secure_firewall_management_center	6.4.0.4
cisco	secure_firewall_management_center	6.4.0.5
cisco	secure_firewall_management_center	6.4.0.6
cisco	secure_firewall_management_center	6.4.0.7
cisco	secure_firewall_management_center	6.4.0.8
cisco	secure_firewall_management_center	6.4.0.9
cisco	secure_firewall_management_center	6.4.0.10
cisco	secure_firewall_management_center	6.4.0.11
cisco	secure_firewall_management_center	6.4.0.12
cisco	secure_firewall_management_center	6.4.0.13
cisco	secure_firewall_management_center	6.4.0.14
cisco	secure_firewall_management_center	6.4.0.15
cisco	secure_firewall_management_center	6.4.0.16
cisco	secure_firewall_management_center	6.6.0
cisco	secure_firewall_management_center	6.6.0.1
cisco	secure_firewall_management_center	6.6.1
cisco	secure_firewall_management_center	6.6.3
cisco	secure_firewall_management_center	6.6.4
cisco	secure_firewall_management_center	6.6.5
cisco	secure_firewall_management_center	6.6.5.1
cisco	secure_firewall_management_center	6.6.5.2
cisco	secure_firewall_management_center	6.6.7
cisco	secure_firewall_management_center	6.6.7.1
cisco	secure_firewall_management_center	6.7.0
cisco	secure_firewall_management_center	6.7.0.1
cisco	secure_firewall_management_center	6.7.0.2
cisco	secure_firewall_management_center	6.7.0.3
cisco	secure_firewall_management_center	7.0.0
cisco	secure_firewall_management_center	7.0.0.1
cisco	secure_firewall_management_center	7.0.1
cisco	secure_firewall_management_center	7.0.1.1
cisco	secure_firewall_management_center	7.0.2
cisco	secure_firewall_management_center	7.0.2.1
cisco	secure_firewall_management_center	7.0.3
cisco	secure_firewall_management_center	7.0.4
cisco	secure_firewall_management_center	7.0.5
cisco	secure_firewall_management_center	7.0.6
cisco	secure_firewall_management_center	7.1.0
cisco	secure_firewall_management_center	7.1.0.1
cisco	secure_firewall_management_center	7.1.0.2
cisco	secure_firewall_management_center	7.1.0.3
cisco	secure_firewall_management_center	7.2.0
cisco	secure_firewall_management_center	7.2.0.1
cisco	secure_firewall_management_center	7.2.1
cisco	secure_firewall_management_center	7.2.2
cisco	secure_firewall_management_center	7.2.3
cisco	secure_firewall_management_center	7.2.3.1
cisco	secure_firewall_management_center	7.2.4
cisco	secure_firewall_management_center	7.2.4.1
cisco	secure_firewall_management_center	7.2.5
cisco	secure_firewall_management_center	7.3.0
cisco	secure_firewall_management_center	7.3.1
cisco	secure_firewall_management_center	7.3.1.1
cisco	secure_firewall_management_center	7.3.1.2
cisco	firepower_threat_defense	6.4.0.4
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.4.0.14
cisco	firepower_threat_defense	6.4.0.16
cisco	firepower_threat_defense	6.4.0.18
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.7
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.4.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center:6.4.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A95D8B6-2D90-4EA8-B468-356EB396A273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center:6.4.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CDEF2CC-D485-4E66-9818-7C9740F37840",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center:6.6.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D748B16-1C2A-4E00-807F-647569C271D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center:7.0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62950A6C-8467-4215-BCD1-010B8C491714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center:7.0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D97494F-BA89-4E95-A01F-C2CE02505A27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center:7.2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BB537CA-0E37-471E-8DD3-7710A443224A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center:7.2.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9022BCA-EDBF-4FD1-B427-573CA07E5134",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center:7.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "23BA0BE4-B06D-45AE-9C9D-280F1BFA7EDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center:7.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B79ABCC-C95B-45AB-BE9D-454BD8174651",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center:7.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4FD7D25-704B-47EB-AF36-DC684AD07807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center:7.2.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D33E431-39F5-4F73-99A1-19A05A594C90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "579DC0CE-1CEA-449F-BF76-AD7087573ACD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB3E28C0-675B-4C30-B248-BE1EB5E961C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center:7.4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C7E7A89-A9CA-45DA-8378-A50B1F9D260E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6175407A-207E-4844-B150-EA0129C4CBBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "45B6E615-F42A-468F-8E40-AD28994B4B1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4B08264-DA65-4BFF-A973-FF733C7325B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE2A5330-8180-48CE-B22A-1CF24B7B1631",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACC1D72F-9542-4A62-AA90-C0E6B2095068",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4F3A97A-3359-40C7-95B0-2AB41C067141",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B68BA14B-1752-4F05-9331-D556247462C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DE72ABB-B573-43CC-A2AC-D81807970BD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "535E8ECF-5CE5-4E78-A9EF-6167F4C59C45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AE3F1C4-8C7A-48AA-83E5-6F832FA94DD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "C40B7DC8-220C-4C34-A370-F1EB4B3F9EF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB186DC-6C03-4868-8218-06BEFC0CE400",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B29670B8-F2D3-46D7-8F34-F44B320DD6FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F04DDF5-2058-4208-A608-3673872450EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9A483AC-A8CF-439C-9009-4DFAB0484BCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "94E7D836-46E5-4CD5-8BDC-4697D915FE05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "06220CB8-7F16-4D3C-A835-558D5F4D97ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "82917F5C-CF20-4D97-A981-FE3F8476CCFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "47E42025-1D1E-4390-AC21-9A1B0FBE8D82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52651664-CA65-4812-8226-E104E1BE7864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "64E0FDB2-D5A4-4749-A182-B0B145DC00D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "23B58490-C403-44D5-BDB9-88FAD19ABC2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE33A280-84E4-4B5B-AB31-7A78754413F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA3F9410-02E1-4FE9-9A4B-E504515F4615",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AAAF924-1ADE-4267-9957-DF060D1D3538",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D02863A-1355-4FFE-A6BD-C912697774A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "704E4D3D-D1D2-48D8-A68C-227CC92A1C1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "80A3D0F1-DA29-4A66-A698-082DB0CFA4B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6B9B536-ADF9-4CE1-86EC-07BCDD65FB92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1755E718-C726-442B-B203-E9536C546DF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB80FC39-0FCE-49F7-9A28-CE733DBB3572",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F61496C8-9ADE-4A4E-9788-447050691727",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0780AD6-4F38-4400-AA63-E41879F74B68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "86BA5BA6-1F79-4C89-A3F4-A56E2B664AED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "52C7994F-AA17-467B-919E-A49F0CC9DB47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F007F6B-1EAA-468C-8159-78B020DF1E58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F9AF68-70BD-46DE-B7F2-97C9BD5182A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1D808CD-B030-4334-A286-9B3A1D35C61D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DFE9115-3E32-4A55-AB5A-83513322FE97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "09BD6616-B2B9-49B1-AD20-9B13D93C8F2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "35A9634E-FCF4-4C67-A463-6BA5F63DD2A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D8CF5AA-7B41-4E98-8E7E-A399AAA510B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8452BA9A-F56C-48E0-BDBA-9095AF78F521",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2CE3B06-353C-4623-9EF4-78814DCB0D7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD968EA0-616D-4A22-A15D-C66918E71761",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE45FF20-1E52-46B6-9B38-07E5A6D6FD6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "978284EE-8BE8-43ED-ADA0-B90151D83EA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA140F9-4706-4B05-826E-962A277E625A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E7D3C93-B0FC-475E-9CCA-AA8A2101781D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "270CA092-1AF1-48D4-8695-E7DB694969C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFA94312-376E-4785-888F-3C07612E1DF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "29E73FBF-2579-4660-AFFA-7F9607004226",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "87FAAFFB-0589-441B-8289-8B8A6E18F705",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "73B92119-793D-4A43-A056-24DB6826E759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "093A0BC2-037C-463F-AFC5-EF11C2954EAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4F434FC-CAA4-4DBB-8094-C4ECC28B31E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "68C70BB3-33B3-4E7E-99D5-FF76D4ED96AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B881B8DF-A96D-4B64-B98A-71F0D3388641",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6A97625-D39C-42D5-89E4-415A868A0972",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E4D83B4-9697-4071-AC9F-7ADC86A6B529",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A58A2DA5-3EE7-408D-AAFA-82330F0325B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FA98EEC-2059-4CA9-92F1-72C1E0BB7EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4C51EE7-866B-410C-B75E-EF260D5062B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F1FFD07-B874-4D3C-8E2C-9A204F1E994E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5ACB9E-86AF-4EC1-9F36-A202429CD0F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD1E4527-AAE2-4DA9-AFDA-6375839F7843",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F0AF047-EAE9-4C77-BCEF-5CB26F84C742",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ED03874-4071-4382-8A46-8B3A59E601FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF84E043-DF3C-4A95-8FDA-B0FDCD795377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9498087-9642-4A86-B3EE-1513C55A86E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "36C229AB-2851-48D4-815A-63AAB4462A24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DA4BCFC-8237-4F5C-9863-523EE7D8619B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "07693A92-7D84-45A1-ACD6-D83AE41D504B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D401072-6709-4921-8918-720F28D61E24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0EA3467-4205-4C41-AF24-689330F7396B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BE94E38-5F29-4AE1-8129-7F7582C2CC75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEF603AD-D69B-4DD8-A7F4-6BEFD355EF29",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E3A5DC-A237-46E4-A4E5-F135482F984A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CE51492-8C9B-459E-9F80-64F426009905",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "724A3B6F-DDAB-4A2F-8430-9E1F352D755F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the password change feature of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to determine valid user names on an affected device.\r\n\r This vulnerability is due to improper authentication of password update responses. An attacker could exploit this vulnerability by forcing a password reset on an affected device. A successful exploit could allow the attacker to determine valid user names in the unauthenticated response to a forced password reset."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n de cambio de contrase\u00f1a del software Cisco Firepower Management Center (FMC) podr\u00eda permitir que un atacante remoto no autenticado determine nombres de usuario v\u00e1lidos en un dispositivo afectado. Esta vulnerabilidad se debe a una autenticaci\u00f3n incorrecta de las respuestas de actualizaci\u00f3n de contrase\u00f1a. Un atacante podr\u00eda aprovechar esta vulnerabilidad al forzar el restablecimiento de contrase\u00f1a en un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante determinar nombres de usuario v\u00e1lidos en la respuesta no autenticada a un restablecimiento forzado de contrase\u00f1a."
    }
  ],
  "id": "CVE-2024-20388",
  "lastModified": "2024-11-26T16:09:02.407",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-10-23T18:15:07.697",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-infodisc-RL4mJFer"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-202"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-11-15 21:15

Modified

2024-11-21 06:43

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in dynamic access policies (DAP) functionality of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to improper processing of HostScan data received from the Posture (HostScan) module. An attacker could exploit this vulnerability by sending crafted HostScan data to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU"] This advisory is part of the November 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.6.1
cisco	adaptive_security_appliance_software	9.6.1.3
cisco	adaptive_security_appliance_software	9.6.1.5
cisco	adaptive_security_appliance_software	9.6.1.10
cisco	adaptive_security_appliance_software	9.6.2
cisco	adaptive_security_appliance_software	9.6.2.1
cisco	adaptive_security_appliance_software	9.6.2.2
cisco	adaptive_security_appliance_software	9.6.2.3
cisco	adaptive_security_appliance_software	9.6.2.7
cisco	adaptive_security_appliance_software	9.6.2.11
cisco	adaptive_security_appliance_software	9.6.2.13
cisco	adaptive_security_appliance_software	9.6.2.22
cisco	adaptive_security_appliance_software	9.6.2.23
cisco	adaptive_security_appliance_software	9.6.3
cisco	adaptive_security_appliance_software	9.6.3.1
cisco	adaptive_security_appliance_software	9.6.3.3
cisco	adaptive_security_appliance_software	9.6.3.8
cisco	adaptive_security_appliance_software	9.6.3.9
cisco	adaptive_security_appliance_software	9.6.3.11
cisco	adaptive_security_appliance_software	9.6.3.12
cisco	adaptive_security_appliance_software	9.6.3.14
cisco	adaptive_security_appliance_software	9.6.3.17
cisco	adaptive_security_appliance_software	9.6.3.20
cisco	adaptive_security_appliance_software	9.6.4
cisco	adaptive_security_appliance_software	9.6.4.3
cisco	adaptive_security_appliance_software	9.6.4.5
cisco	adaptive_security_appliance_software	9.6.4.6
cisco	adaptive_security_appliance_software	9.6.4.8
cisco	adaptive_security_appliance_software	9.6.4.10
cisco	adaptive_security_appliance_software	9.6.4.12
cisco	adaptive_security_appliance_software	9.6.4.14
cisco	adaptive_security_appliance_software	9.6.4.17
cisco	adaptive_security_appliance_software	9.6.4.18
cisco	adaptive_security_appliance_software	9.6.4.20
cisco	adaptive_security_appliance_software	9.6.4.22
cisco	adaptive_security_appliance_software	9.6.4.23
cisco	adaptive_security_appliance_software	9.6.4.24
cisco	adaptive_security_appliance_software	9.6.4.25
cisco	adaptive_security_appliance_software	9.6.4.29
cisco	adaptive_security_appliance_software	9.6.4.30
cisco	adaptive_security_appliance_software	9.6.4.34
cisco	adaptive_security_appliance_software	9.6.4.36
cisco	adaptive_security_appliance_software	9.6.4.40
cisco	adaptive_security_appliance_software	9.6.4.41
cisco	adaptive_security_appliance_software	9.6.4.42
cisco	adaptive_security_appliance_software	9.6.4.45
cisco	adaptive_security_appliance_software	9.7.1
cisco	adaptive_security_appliance_software	9.7.1.2
cisco	adaptive_security_appliance_software	9.7.1.4
cisco	adaptive_security_appliance_software	9.7.1.8
cisco	adaptive_security_appliance_software	9.7.1.15
cisco	adaptive_security_appliance_software	9.7.1.16
cisco	adaptive_security_appliance_software	9.7.1.21
cisco	adaptive_security_appliance_software	9.7.1.24
cisco	adaptive_security_appliance_software	9.8.1
cisco	adaptive_security_appliance_software	9.8.1.5
cisco	adaptive_security_appliance_software	9.8.1.7
cisco	adaptive_security_appliance_software	9.8.2
cisco	adaptive_security_appliance_software	9.8.2.8
cisco	adaptive_security_appliance_software	9.8.2.14
cisco	adaptive_security_appliance_software	9.8.2.15
cisco	adaptive_security_appliance_software	9.8.2.17
cisco	adaptive_security_appliance_software	9.8.2.20
cisco	adaptive_security_appliance_software	9.8.2.24
cisco	adaptive_security_appliance_software	9.8.2.26
cisco	adaptive_security_appliance_software	9.8.2.28
cisco	adaptive_security_appliance_software	9.8.2.33
cisco	adaptive_security_appliance_software	9.8.2.35
cisco	adaptive_security_appliance_software	9.8.2.38
cisco	adaptive_security_appliance_software	9.8.3
cisco	adaptive_security_appliance_software	9.8.3.8
cisco	adaptive_security_appliance_software	9.8.3.11
cisco	adaptive_security_appliance_software	9.8.3.14
cisco	adaptive_security_appliance_software	9.8.3.16
cisco	adaptive_security_appliance_software	9.8.3.18
cisco	adaptive_security_appliance_software	9.8.3.21
cisco	adaptive_security_appliance_software	9.8.3.26
cisco	adaptive_security_appliance_software	9.8.3.29
cisco	adaptive_security_appliance_software	9.8.4
cisco	adaptive_security_appliance_software	9.8.4.3
cisco	adaptive_security_appliance_software	9.8.4.7
cisco	adaptive_security_appliance_software	9.8.4.8
cisco	adaptive_security_appliance_software	9.8.4.10
cisco	adaptive_security_appliance_software	9.8.4.12
cisco	adaptive_security_appliance_software	9.8.4.15
cisco	adaptive_security_appliance_software	9.8.4.17
cisco	adaptive_security_appliance_software	9.8.4.20
cisco	adaptive_security_appliance_software	9.8.4.22
cisco	adaptive_security_appliance_software	9.8.4.25
cisco	adaptive_security_appliance_software	9.8.4.26
cisco	adaptive_security_appliance_software	9.8.4.29
cisco	adaptive_security_appliance_software	9.8.4.32
cisco	adaptive_security_appliance_software	9.8.4.33
cisco	adaptive_security_appliance_software	9.8.4.34
cisco	adaptive_security_appliance_software	9.8.4.35
cisco	adaptive_security_appliance_software	9.8.4.39
cisco	adaptive_security_appliance_software	9.8.4.40
cisco	adaptive_security_appliance_software	9.8.4.41
cisco	adaptive_security_appliance_software	9.8.4.43
cisco	adaptive_security_appliance_software	9.9.1
cisco	adaptive_security_appliance_software	9.9.1.2
cisco	adaptive_security_appliance_software	9.9.1.3
cisco	adaptive_security_appliance_software	9.9.1.4
cisco	adaptive_security_appliance_software	9.9.1.5
cisco	adaptive_security_appliance_software	9.9.2
cisco	adaptive_security_appliance_software	9.9.2.1
cisco	adaptive_security_appliance_software	9.9.2.9
cisco	adaptive_security_appliance_software	9.9.2.14
cisco	adaptive_security_appliance_software	9.9.2.18
cisco	adaptive_security_appliance_software	9.9.2.25
cisco	adaptive_security_appliance_software	9.9.2.27
cisco	adaptive_security_appliance_software	9.9.2.32
cisco	adaptive_security_appliance_software	9.9.2.36
cisco	adaptive_security_appliance_software	9.9.2.40
cisco	adaptive_security_appliance_software	9.9.2.47
cisco	adaptive_security_appliance_software	9.9.2.50
cisco	adaptive_security_appliance_software	9.9.2.52
cisco	adaptive_security_appliance_software	9.9.2.56
cisco	adaptive_security_appliance_software	9.9.2.59
cisco	adaptive_security_appliance_software	9.9.2.61
cisco	adaptive_security_appliance_software	9.9.2.66
cisco	adaptive_security_appliance_software	9.9.2.67
cisco	adaptive_security_appliance_software	9.9.2.74
cisco	adaptive_security_appliance_software	9.9.2.80
cisco	adaptive_security_appliance_software	9.9.2.83
cisco	adaptive_security_appliance_software	9.9.2.85
cisco	adaptive_security_appliance_software	9.10.1
cisco	adaptive_security_appliance_software	9.10.1.2
cisco	adaptive_security_appliance_software	9.10.1.7
cisco	adaptive_security_appliance_software	9.10.1.10
cisco	adaptive_security_appliance_software	9.10.1.11
cisco	adaptive_security_appliance_software	9.10.1.17
cisco	adaptive_security_appliance_software	9.10.1.22
cisco	adaptive_security_appliance_software	9.10.1.27
cisco	adaptive_security_appliance_software	9.10.1.30
cisco	adaptive_security_appliance_software	9.10.1.32
cisco	adaptive_security_appliance_software	9.10.1.37
cisco	adaptive_security_appliance_software	9.10.1.40
cisco	adaptive_security_appliance_software	9.10.1.42
cisco	adaptive_security_appliance_software	9.10.1.44
cisco	adaptive_security_appliance_software	9.12.1
cisco	adaptive_security_appliance_software	9.12.1.2
cisco	adaptive_security_appliance_software	9.12.1.3
cisco	adaptive_security_appliance_software	9.12.2
cisco	adaptive_security_appliance_software	9.12.2.1
cisco	adaptive_security_appliance_software	9.12.2.4
cisco	adaptive_security_appliance_software	9.12.2.5
cisco	adaptive_security_appliance_software	9.12.2.9
cisco	adaptive_security_appliance_software	9.12.3
cisco	adaptive_security_appliance_software	9.12.3.2
cisco	adaptive_security_appliance_software	9.12.3.7
cisco	adaptive_security_appliance_software	9.12.3.9
cisco	adaptive_security_appliance_software	9.12.3.12
cisco	adaptive_security_appliance_software	9.12.4
cisco	adaptive_security_appliance_software	9.12.4.2
cisco	adaptive_security_appliance_software	9.12.4.4
cisco	adaptive_security_appliance_software	9.12.4.7
cisco	adaptive_security_appliance_software	9.12.4.8
cisco	adaptive_security_appliance_software	9.12.4.10
cisco	adaptive_security_appliance_software	9.12.4.13
cisco	adaptive_security_appliance_software	9.12.4.18
cisco	adaptive_security_appliance_software	9.12.4.24
cisco	adaptive_security_appliance_software	9.12.4.26
cisco	adaptive_security_appliance_software	9.12.4.29
cisco	adaptive_security_appliance_software	9.12.4.30
cisco	adaptive_security_appliance_software	9.12.4.35
cisco	adaptive_security_appliance_software	9.12.4.37
cisco	adaptive_security_appliance_software	9.13.1
cisco	adaptive_security_appliance_software	9.13.1.2
cisco	adaptive_security_appliance_software	9.13.1.7
cisco	adaptive_security_appliance_software	9.13.1.10
cisco	adaptive_security_appliance_software	9.13.1.12
cisco	adaptive_security_appliance_software	9.13.1.13
cisco	adaptive_security_appliance_software	9.13.1.16
cisco	adaptive_security_appliance_software	9.13.1.19
cisco	adaptive_security_appliance_software	9.13.1.21
cisco	adaptive_security_appliance_software	9.14.1
cisco	adaptive_security_appliance_software	9.14.1.6
cisco	adaptive_security_appliance_software	9.14.1.10
cisco	adaptive_security_appliance_software	9.14.1.15
cisco	adaptive_security_appliance_software	9.14.1.19
cisco	adaptive_security_appliance_software	9.14.1.30
cisco	adaptive_security_appliance_software	9.14.2
cisco	adaptive_security_appliance_software	9.14.2.4
cisco	adaptive_security_appliance_software	9.14.2.8
cisco	adaptive_security_appliance_software	9.14.2.13
cisco	adaptive_security_appliance_software	9.14.2.15
cisco	adaptive_security_appliance_software	9.14.3
cisco	adaptive_security_appliance_software	9.14.3.1
cisco	adaptive_security_appliance_software	9.14.3.9
cisco	adaptive_security_appliance_software	9.14.3.11
cisco	adaptive_security_appliance_software	9.14.3.13
cisco	adaptive_security_appliance_software	9.14.3.15
cisco	adaptive_security_appliance_software	9.15.1
cisco	adaptive_security_appliance_software	9.15.1.1
cisco	adaptive_security_appliance_software	9.15.1.7
cisco	adaptive_security_appliance_software	9.15.1.10
cisco	adaptive_security_appliance_software	9.15.1.15
cisco	adaptive_security_appliance_software	9.15.1.16
cisco	adaptive_security_appliance_software	9.15.1.17
cisco	adaptive_security_appliance_software	9.16.1
cisco	adaptive_security_appliance_software	9.16.1.28
cisco	adaptive_security_appliance_software	9.16.2
cisco	adaptive_security_appliance_software	9.16.2.3
cisco	adaptive_security_appliance_software	9.16.2.7
cisco	adaptive_security_appliance_software	9.16.2.11
cisco	adaptive_security_appliance_software	9.17.1
cisco	firepower_threat_defense	6.1.0
cisco	firepower_threat_defense	6.1.0.1
cisco	firepower_threat_defense	6.1.0.2
cisco	firepower_threat_defense	6.1.0.3
cisco	firepower_threat_defense	6.1.0.4
cisco	firepower_threat_defense	6.1.0.5
cisco	firepower_threat_defense	6.1.0.6
cisco	firepower_threat_defense	6.1.0.7
cisco	firepower_threat_defense	6.2.0
cisco	firepower_threat_defense	6.2.0.1
cisco	firepower_threat_defense	6.2.0.2
cisco	firepower_threat_defense	6.2.0.3
cisco	firepower_threat_defense	6.2.0.4
cisco	firepower_threat_defense	6.2.0.5
cisco	firepower_threat_defense	6.2.0.6
cisco	firepower_threat_defense	6.2.1
cisco	firepower_threat_defense	6.2.2
cisco	firepower_threat_defense	6.2.2.1
cisco	firepower_threat_defense	6.2.2.2
cisco	firepower_threat_defense	6.2.2.3
cisco	firepower_threat_defense	6.2.2.4
cisco	firepower_threat_defense	6.2.2.5
cisco	firepower_threat_defense	6.2.3
cisco	firepower_threat_defense	6.2.3.1
cisco	firepower_threat_defense	6.2.3.2
cisco	firepower_threat_defense	6.2.3.3
cisco	firepower_threat_defense	6.2.3.4
cisco	firepower_threat_defense	6.2.3.5
cisco	firepower_threat_defense	6.2.3.6
cisco	firepower_threat_defense	6.2.3.7
cisco	firepower_threat_defense	6.2.3.8
cisco	firepower_threat_defense	6.2.3.9
cisco	firepower_threat_defense	6.2.3.10
cisco	firepower_threat_defense	6.2.3.11
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.3.0
cisco	firepower_threat_defense	6.3.0.1
cisco	firepower_threat_defense	6.3.0.2
cisco	firepower_threat_defense	6.3.0.3
cisco	firepower_threat_defense	6.3.0.4
cisco	firepower_threat_defense	6.3.0.5
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.4.0.1
cisco	firepower_threat_defense	6.4.0.2
cisco	firepower_threat_defense	6.4.0.3
cisco	firepower_threat_defense	6.4.0.4
cisco	firepower_threat_defense	6.4.0.5
cisco	firepower_threat_defense	6.4.0.6
cisco	firepower_threat_defense	6.4.0.7
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.4.0.13
cisco	firepower_threat_defense	6.4.0.14
cisco	firepower_threat_defense	6.5.0
cisco	firepower_threat_defense	6.5.0.1
cisco	firepower_threat_defense	6.5.0.2
cisco	firepower_threat_defense	6.5.0.3
cisco	firepower_threat_defense	6.5.0.4
cisco	firepower_threat_defense	6.5.0.5
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2780DD07-79B8-4096-A435-DB8FD6301E7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F2D8411-7317-4865-ADF9-279648210E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E7AA7A9-F4DB-4BC1-9233-F72B66191F40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "03D8C893-BA42-4EE5-A790-13614A6B436F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "339ACF13-0E1F-48D6-9939-96B16AE857CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D5D09C9-4559-4FED-B4B7-EAE5935EBCEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "074A5E58-A066-470B-840A-1148A8979DFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEF2C556-48E6-4572-8FD9-4DC8BAD90B90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDAD792D-70DB-4123-8BCC-B6890A9BCAA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F273C29-0615-45E9-9860-178227E726B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A173A871-4186-4F3B-B40A-893DD3E1F13E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "904CE795-DC6F-4CB2-AD3D-6AB893FCB3EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C94EA10-799F-4B6F-AFF5-5CB39A641C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "05E59B31-CBCB-46BC-A2CE-98754FC8C36B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6279892E-BB24-428F-95AE-07257400444B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3214E142-DDB6-4082-9F76-7F173EFDB6E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B0CB62A-AE50-49C0-940E-9F9C799CF1E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3650CBD-D1CB-40D5-9397-C6683396A4DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED7BF89A-465D-4B48-B38C-977859F6D613",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BCA4CF6-7D0B-400B-BF66-DB86C11EABA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8DEF3AE-A561-46F6-81A2-424512B58BBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC636946-33D5-4070-9541-1874DDE4A30A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE448D5D-6724-4E5D-8D25-699BDCC71160",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAC7A642-121A-4A8C-B055-0296EA5D6E10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "04CF50BE-1D0A-4182-BF07-3097C1FEC85A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF0A3A55-8787-4F33-A491-F32A4AFB21A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A460A3C-AFAD-41D5-A2A8-4D38D307CDCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "10E65607-CF28-4494-8978-22C7AD142AB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "964F9FC6-AC2C-40DE-A62F-3C9724CA1276",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A62501B-A43B-4A60-8572-797AA7CBA876",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A20C2CB-9C1C-4403-B9CE-0211481A258F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2EE2F86-9EAF-47A8-9BD2-9C62D11814C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "032675B3-83C7-46A5-B13C-D98934E70057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "689F4FE8-FA45-41AC-965E-132380FD12DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "545845CF-AD67-42B2-A943-3974A84241CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "D45673C2-8303-456E-9BF5-8882A1EA1631",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "C88C4B52-C2A1-44D4-9D33-B95AE5671AF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "67B36032-DB43-4C4B-97C4-DE47F241EF2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBE16A02-472D-4963-9DF1-B6583E115721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5EEC3F4-14FA-4538-B832-B196020BC96F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "93548414-23A8-4B2C-A026-D84E689B08AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "35C5EAC5-4F93-4E46-B774-50BE32FFC642",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA38450A-8127-4C32-A28F-951AAB2DA3E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A298344-FAD3-43E1-A687-A189C1F62A28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FBD7EB1-BE9C-4448-9D17-4254ACD3086B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C49883D-67EA-4C7F-AB4F-65205134E185",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8208A38E-5B6E-4669-ADAE-E40A4C0E3A6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.7.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "49FCBAFC-41BE-4650-B7D1-39F8C7688870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.7.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "953954B6-CB7F-417F-BDB3-A722A88A3F16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.7.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "807ECF9D-51D7-4C62-A76D-BB5C635C3AB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.7.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "8461D662-DE9F-43F7-89D2-978BC83DB33B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.7.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4D87ACA-9235-44C9-86A0-3356A105297B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.7.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "30468FB9-D2B7-4905-AD81-E2D1DA30B916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.7.1.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CED805E-D656-4582-9578-51AD165C1D76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D482F818-0A8E-49D7-8E3E-0958019FA629",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E7BFB57-BC02-4930-A02F-83583E6A0FC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "026F1960-C879-4611-A60A-96311B63CCA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAF8B33E-0C95-467D-A865-0A234E69D0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF144F5-D933-4DE4-818C-001BD9E3958A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "00112ED3-FE7B-425B-9A28-1E5F2BC8BB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD491D5-FAAB-493F-91A6-D2F3B5F5970E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "1519F49D-588F-4B70-B38F-EF4F3E13FEAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "15354443-5EB7-4712-B2DE-61DB33830759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "248D6B44-E134-4DEC-A947-636824E3FDFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "0820A79C-F3EF-407F-9AC7-DCAB4CD39C89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3E8805-85D2-4345-8076-039513209A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "14BB907B-D75A-4F5E-B20D-5457A71A70EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "F118B803-4C55-436A-A136-0C1FEA49858F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A272121-408E-45F6-A2A1-0BA6EBC060A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "980CEA3B-5A81-4E8C-BEA3-DD31BE7DA2CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3910211-D4DB-4CA7-BBEA-DD8246FF10ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C260BF30-7A33-4C70-9509-404856C93666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF894850-39EC-4B57-BBFF-F1AB4F8389A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FAFCF9-0ABE-483E-9604-329762BB7870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DB4278-3126-4765-97C4-6C0A8C78DA78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "174E631B-6099-47DE-8790-BBF4B7FDB8CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE3538B-F612-4105-BFDE-A4B594482DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "3143B0FF-C855-485E-A908-E48974B1643C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD9992-6D98-4E03-9599-ECF38A186FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DCEAE6-355B-40AE-A7C8-AF744FCA8A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2097E81E-B422-4B93-AF09-F300A0E8AF71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "454DEA31-A607-4054-82D3-24A4FEB7358F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F0B213-8187-4465-84F1-FB8D92B36020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E540771E-BA0B-42D1-8251-B576B0F142C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC2A833-BECF-4000-A592-6113A84C2D20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F1416-924A-4D25-9CEE-3BD66A96A019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDC8D92-D6E0-40EE-B190-D2B32C7DEB75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "23CD5619-E534-4F40-998D-39DC19FA0451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D0EB11-14B1-44B3-8D46-B9DD872F772C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA399CF-12DB-42E0-A66F-14508B52A453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5A7608-E737-420E-9B5E-836600DAC701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7EB6801-336D-4F41-ADE7-1C58C63C3F6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8413DA41-02A5-4269-8C88-9DD5076AF91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA00285F-6914-4749-8A47-FC4EDAFFF3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA4D367-32B9-4F54-8352-A959F61A1FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "2259FF9E-0C8B-440F-B1AC-51BDE3F60E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C522B55-904D-4C08-B73E-1457D877C0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "4483056A-FBF3-4E00-81EB-1E97334EF240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "48677330-06AB-4C7F-B2AD-F7E465A9632A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C50642A-B123-4503-9EBB-32CDB67E44D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "39B646DA-3317-4285-9CB3-1D90B8F54266",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AC204B-9376-4760-8EF7-58F6EC68C936",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "75846B12-CC4D-4277-B12D-2C2D0DF1C706",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "289317DE-77AB-48AF-8CF2-00E9EB85F364",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC44F77D-C48E-46DA-B7B7-9D772D043B4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6445101B-54E3-4511-9D45-001CBE70203A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA4A0F4E-1330-456C-8C5E-C9F76BAF651F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "F181EF65-D795-4ABB-B464-40B24B29ECA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "C49A0CF5-EF87-4228-8B88-859A1E1AB7B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2CC4146-D447-4E5A-8CBB-60664CDE05BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF1150A5-B314-4798-BE10-25E6F979ADA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "44FC4B71-584F-444F-957C-99E045AA4140",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "E25FBC5B-3FD8-461A-99DE-4120D62CA914",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1608733-4D00-4169-AAA2-2ACB7DCE01E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "390781EE-6B38-4C25-9BBC-10D67F858678",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "332C4752-27EA-43ED-A42D-9C0E250C2F15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "A29D95A7-C9FB-424C-90E4-1D2F0FB27917",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "16C3345B-61DA-4565-80DC-7C0645E076D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.59:*:*:*:*:*:*:*",
              "matchCriteriaId": "547BBEE2-E4C8-43C7-B0CB-A40DBF0457AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.61:*:*:*:*:*:*:*",
              "matchCriteriaId": "86F29A49-1E28-4483-BE05-6409DFBF6FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.66:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD0E70B2-E401-4F27-9033-5061BD8BA3D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.67:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5D43506-BB40-4490-A3D0-D4B56D01F931",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.74:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6F94E7F-2455-4C23-B055-3C759571D986",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3FB946-FEC6-42F8-AFC3-40F581F7126B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.83:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A6CF74B-A6AC-4081-BA20-AB1C7DCF8850",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.85:*:*:*:*:*:*:*",
              "matchCriteriaId": "6ED3B3FD-B44F-464B-9B4E-2650A62EEF3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "69289C72-01B5-4280-A382-665C1224C850",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A774BF55-3B8C-4E0A-BE73-93189E8E1CC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC46F5E6-5385-46A9-997B-ED543B71CE25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F083BA6-04C8-44DF-8E3E-77C550F31C89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C445E350-259B-41DB-BAFF-EB1B023C4648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "E65D4505-C562-41C1-8CFE-1ABE807D83FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3F91FE1-433C-4263-AA0C-1EB5166B07D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF4E6F0E-1729-4EFD-9B4B-76A39F1B7ABF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D1A5740-7C1A-45D7-8767-5C50E09F2268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA9D78E4-EFEB-4D2F-989C-CB976E1B5C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1B8ADDF-2845-4F6D-8920-A4909150927C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "B422EED4-C9AA-411A-8203-270862FFFFA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF1F99D0-F529-44DE-BB26-2279688DFCCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "46CE7CFE-6DAB-47D5-87EB-9607BBD41E1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F002FD55-F881-450E-BC1B-8073E188F47E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA940C4F-13BB-465F-BB8D-CBD0109BF012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B0434F5-9A50-4B57-9C5B-E09415D098C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE727035-06CB-4E37-A9D2-96BD54502120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE52B81-2CF8-48E5-A7BA-A163A25A669B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E8D7C9-5272-40E6-869B-B33959F9F0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE8D5D71-5C85-4644-8A84-F073549ADB50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0790DDC2-7BA0-42DC-A157-754C0CBBE178",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "882394EA-70C8-4D86-9AEF-5D273D8E518C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "855AD3CC-F404-48C5-80D2-7F2765D16D72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "26B6BF72-9124-4213-B3C0-BD31B46E8C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8FBE89-8FDA-4B9B-BA1A-90FFD482A585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "149C3872-8DA9-48DD-ADD0-2E84C1A76A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D33E8C-294A-4C43-8DB6-9DA9F61F0B3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E23ACB0-DF8B-4672-A819-4DCD3104CE4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4723B88-62BA-40E6-AA89-BAC02D6A036F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C698819-3C8E-4A16-8F52-42FF1E54C076",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D3CE74E-59E7-448A-8417-18F97C05C798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0986C171-0E75-4F6F-A9BD-276830104E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A2777A-7831-4324-AEB2-5D93B5F6C04B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "37045680-9189-4B7F-A4F7-4E682FE20A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6C9F37B-CF3C-4861-A969-C7CF4946274A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1DAF21-3FED-4691-9D4C-8FD8CEA7FB3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB938E58-4963-4A31-8836-88E958592B30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E317897-EE97-44F3-96BB-E54228D72A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EF7FAB2-158D-4C48-9246-E7AD3BF1D801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "056D43AE-ECDB-40D2-A196-18DDCD02629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D9AE545-A469-41C7-BD95-3CC80AF8067B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3255DB9E-85A5-48ED-90AA-6A7A55A0B1F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B6C9A0-B941-4C7C-BFE9-F1D837D5ADBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "77E783FD-5D4B-4C4F-BBFE-1186EFDFEF3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "40145CFB-CEE8-4ABA-A9C2-BA262B7A9AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "23C82327-5362-4876-8058-EB51030CD5DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C700CC9-E16F-4C05-915D-1CA39257ACCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ABDBB94-BA4F-4991-A703-0D7DDF999CBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "D59B6947-1953-4C86-A76C-7A881CD3A502",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "61FB47CF-2A6A-4121-BFF7-5862E163B8E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE8390C-87EB-4170-8B7D-8F212C89296D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9873ABAC-9A3D-40E1-B7FF-F2AB74F82C22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEB8D76B-A9D6-4B94-AB94-1080872DE4D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77F521E-640D-4A79-A0B3-B6F9D6453A68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C6F9B4F-2837-4034-B45C-C131303FF06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A2FF9AC-185F-4E63-A152-DAD6340A5B9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D669C54-77A2-41BC-A193-A847037FC606",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DC52A8B-7DF4-47B2-9F49-627F59656E5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "445CC2C4-EAD4-43C4-ACD9-559B9022DD24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "01C9D2DC-17CE-499D-ACF3-BBA75E7AEEE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFF1182-CE28-4C2E-B849-0D4CEB6C7511",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CD85DB4-0105-4A8C-8CAA-AFB4F5DEBE10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC6744D-67DF-4867-9B7A-7F4F28E9061F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "58F5570C-EC63-4F1E-AEC8-F624C46C136C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD48BE40-C647-429A-81B6-59E125BBE415",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "42496A5B-1644-4088-BBCF-2ED810A5694B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C05B06B5-C906-4DE8-BA56-9A11002EE1F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6523CD09-7610-4D0E-8585-B7CA82DACDA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8F54502-F1AC-4898-85F0-915BABD26D75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "117E2988-45C9-4F68-8C92-1356E0293E77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE490473-C9A4-44AD-9AF1-23D3B72D49D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED58B0E-FCC7-48E3-A5C0-6CC54A38BAE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3D4DAC2-D22A-495B-A6FD-D683B9295FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBE5CF6D-C8EF-4B89-BC42-6E6873FB6A84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBD703E2-54B0-4403-8C5C-70E02738C444",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C08950D-4785-434E-8537-00C212DC6DCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB81CA22-3E98-41A0-8646-7B6F787D56C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "41E168ED-D664-4749-805E-77644407EAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABE3433E-529B-4CEA-9810-2A68C8A97643",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F297A5CF-AF50-4F8B-B89F-8453A323AA1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5609F866-4665-4D1A-9706-8D2EE9EB4CA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD9E1C43-6634-43FF-96DC-8D89E3DE9908",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C813F1E-B4E7-4B5E-B89F-65170D2B272D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in dynamic access policies (DAP) functionality of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.\r\n\r This vulnerability is due to improper processing of HostScan data received from the Posture (HostScan) module. An attacker could exploit this vulnerability by sending crafted HostScan data to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.   \r\n\r    \r\n\r  https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU [\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU\"]\r\n\r \r This advisory is part of the November 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad de las pol\u00edticas de acceso din\u00e1mico (DAP) del software Cisco Adaptive Security Appliance (ASA) y del software Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado provoque que un dispositivo afectado se recargue, lo que resultar\u00eda en una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS). Esta vulnerabilidad se debe al procesamiento inadecuado de los datos de HostScan recibidos del m\u00f3dulo Posture (HostScan). Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando datos de HostScan manipulados a un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante hacer que el dispositivo afectado se recargue, lo que resultar\u00eda en una condici\u00f3n DoS. \nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU \nEste aviso es parte de la versi\u00f3n de noviembre de 2022 de la publicaci\u00f3n del Security Advisory Bundled de Cisco ASA, FTD y FMC."
    }
  ],
  "id": "CVE-2022-20947",
  "lastModified": "2024-11-21T06:43:52.793",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-11-15T21:15:35.590",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-04-29 18:15

Modified

2024-11-21 05:44

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

Multiple vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to lack of proper input validation of the HTTPS request. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: This vulnerability affects only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpn-dos-fpBcpEcD	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpn-dos-fpBcpEcD	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04202164-FCC4-413E-90B5-01FE08AC6EEC",
              "versionEndExcluding": "6.6.4",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "599292E2-4F97-462D-93E0-7CCAEA7C5ED8",
              "versionEndExcluding": "6.7.0.1",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D22BC1F6-4020-409B-B00B-D9560167724F",
              "versionEndExcluding": "9.8.4.35",
              "versionStartIncluding": "9.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A9BFFBC-F577-47CD-83E8-A6227B17D557",
              "versionEndExcluding": "9.9.2.85",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "74A15137-2788-4924-8CAC-93AE228F8B74",
              "versionEndExcluding": "9.12.4.10",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B74C14F-C95B-4AF5-A255-1CA824AA7FDE",
              "versionEndExcluding": "9.13.1.21",
              "versionStartIncluding": "9.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "250E5443-1B48-4BD6-8315-B232EA46FBF0",
              "versionEndExcluding": "9.14.2.4",
              "versionStartIncluding": "9.14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE692449-D353-4726-82EF-4396E3336890",
              "versionEndExcluding": "9.15.1.7",
              "versionStartIncluding": "9.15",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to lack of proper input validation of the HTTPS request. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: This vulnerability affects only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en el software Cisco Adaptive Security Appliance (ASA) y el software Firepower Threat Defense (FTD), podr\u00edan permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado.\u0026#xa0;Estas vulnerabilidades son debido a una falta de comprobaci\u00f3n de entrada apropiada de la petici\u00f3n HTTPS.\u0026#xa0;Un atacante podr\u00eda explotar estas vulnerabilidades mediante el env\u00edo de una petici\u00f3n HTTPS dise\u00f1ada hacia un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que el dispositivo afectado se recargue, resultando en una condici\u00f3n DoS.\u0026#xa0;Nota: Esta vulnerabilidad afecta solo a configuraciones espec\u00edficas de AnyConnect y WebVPN.\u0026#xa0;Para obtener m\u00e1s informaci\u00f3n, consulte la secci\u00f3n Productos vulnerables"
    }
  ],
  "id": "CVE-2021-1504",
  "lastModified": "2024-11-21T05:44:30.027",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-04-29T18:15:09.500",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpn-dos-fpBcpEcD"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpn-dos-fpBcpEcD"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-05-06 17:15

Modified

2024-11-21 05:30

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the VPN System Logging functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak that can deplete system memory over time, which can cause unexpected system behaviors or device crashes. The vulnerability is due to the system memory not being properly freed for a VPN System Logging event generated when a VPN session is created or deleted. An attacker could exploit this vulnerability by repeatedly creating or deleting a VPN tunnel connection, which could leak a small amount of system memory for each logging event. A successful exploit could allow the attacker to cause system memory depletion, which can lead to a systemwide denial of service (DoS) condition. The attacker does not have any control of whether VPN System Logging is configured or not on the device, but it is enabled by default.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-Rdpe34sd8	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-Rdpe34sd8	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	asa_5505_firmware	9.9\(2\)
cisco	asa_5505_firmware	9.9\(2.21\)
cisco	asa_5505_firmware	9.9\(2.52\)
cisco	asa_5505_firmware	9.9\(2.55\)
cisco	asa_5505	-
cisco	asa_5510_firmware	9.9\(2\)
cisco	asa_5510_firmware	9.9\(2.21\)
cisco	asa_5510_firmware	9.9\(2.52\)
cisco	asa_5510_firmware	9.9\(2.55\)
cisco	asa_5510	-
cisco	asa_5512-x_firmware	9.9\(2\)
cisco	asa_5512-x_firmware	9.9\(2.21\)
cisco	asa_5512-x_firmware	9.9\(2.52\)
cisco	asa_5512-x_firmware	9.9\(2.55\)
cisco	asa_5512-x	-
cisco	asa_5515-x_firmware	9.9\(2\)
cisco	asa_5515-x_firmware	9.9\(2.21\)
cisco	asa_5515-x_firmware	9.9\(2.52\)
cisco	asa_5515-x_firmware	9.9\(2.55\)
cisco	asa_5515-x	-
cisco	asa_5520_firmware	9.9\(2\)
cisco	asa_5520_firmware	9.9\(2.21\)
cisco	asa_5520_firmware	9.9\(2.52\)
cisco	asa_5520_firmware	9.9\(2.55\)
cisco	asa_5520	-
cisco	asa_5525-x_firmware	9.9\(2\)
cisco	asa_5525-x_firmware	9.9\(2.21\)
cisco	asa_5525-x_firmware	9.9\(2.52\)
cisco	asa_5525-x_firmware	9.9\(2.55\)
cisco	asa_5525-x	-
cisco	asa_5540_firmware	9.9\(2\)
cisco	asa_5540_firmware	9.9\(2.21\)
cisco	asa_5540_firmware	9.9\(2.52\)
cisco	asa_5540_firmware	9.9\(2.55\)
cisco	asa_5540	-
cisco	asa_5545-x_firmware	9.9\(2\)
cisco	asa_5545-x_firmware	9.9\(2.21\)
cisco	asa_5545-x_firmware	9.9\(2.52\)
cisco	asa_5545-x_firmware	9.9\(2.55\)
cisco	asa_5545-x	-
cisco	asa_5550_firmware	9.9\(2\)
cisco	asa_5550_firmware	9.9\(2.21\)
cisco	asa_5550_firmware	9.9\(2.52\)
cisco	asa_5550_firmware	9.9\(2.55\)
cisco	asa_5550	-
cisco	asa_5555-x_firmware	9.9\(2\)
cisco	asa_5555-x_firmware	9.9\(2.21\)
cisco	asa_5555-x_firmware	9.9\(2.52\)
cisco	asa_5555-x_firmware	9.9\(2.55\)
cisco	asa_5555-x	-
cisco	asa_5580_firmware	9.9\(2\)
cisco	asa_5580_firmware	9.9\(2.21\)
cisco	asa_5580_firmware	9.9\(2.52\)
cisco	asa_5580_firmware	9.9\(2.55\)
cisco	asa_5580	-
cisco	asa_5585-x_firmware	9.9\(2\)
cisco	asa_5585-x_firmware	9.9\(2.21\)
cisco	asa_5585-x_firmware	9.9\(2.52\)
cisco	asa_5585-x_firmware	9.9\(2.55\)
cisco	asa_5585-x	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:9.9\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A83DD80F-BA91-4963-9BCB-86E29CDBCD40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:9.9\\(2.21\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C449D684-DD47-4468-94FE-6A982526F97A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:9.9\\(2.52\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "58C9BCE5-B172-42B6-9389-9FD5F9A3ADA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:9.9\\(2.55\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "83E09189-E7D4-448D-888C-9E4D3E4EA564",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5510_firmware:9.9\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0124350A-B946-4E2E-9022-91F36283FD1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5510_firmware:9.9\\(2.21\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E9D810C9-F8C0-48E1-A9C4-7129395B5E1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5510_firmware:9.9\\(2.52\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "68D1BC56-7726-4EEC-8110-3FEDF3EC8569",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5510_firmware:9.9\\(2.55\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3583465E-A714-4E4C-8837-664E0330FB6A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:9.9\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "445B2018-0C36-4548-AA11-5FCD114957B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:9.9\\(2.21\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "11618BDC-57E9-44BA-981E-BF9BEE7633E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:9.9\\(2.52\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4F79B47C-4232-42E2-BAB3-DCE6C93230FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:9.9\\(2.55\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EC3E2912-C2EC-4045-A44D-52F693671F27",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:9.9\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "296C12B8-B49C-4D54-802C-B839973598E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:9.9\\(2.21\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "650591E6-FA4E-41E7-9763-FDD8D77F38E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:9.9\\(2.52\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C0455258-89B5-4AEC-AAC2-FD685B72729E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:9.9\\(2.55\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D5180544-7770-41FA-844C-125C302D8907",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5520_firmware:9.9\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C7DFA877-2983-49DC-9C51-1C8BC9E3C0B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5520_firmware:9.9\\(2.21\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CE8C8C2B-D0E6-45F6-AD44-8E76D35FB6AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5520_firmware:9.9\\(2.52\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9E83543B-10E8-4B08-9158-7B10E18F862A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5520_firmware:9.9\\(2.55\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "41BFD9DB-FE0B-4B67-B80C-489117AD7A6D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:9.9\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "925F2CEC-99EA-40AF-827C-A002900041B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:9.9\\(2.21\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0B2157FD-BE9D-4AEA-B25C-0394CDC253EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:9.9\\(2.52\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6F215BAC-E847-43EC-8808-635E242765C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:9.9\\(2.55\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C87C4B68-76B2-4C8A-86E9-4D82765DCD59",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5540_firmware:9.9\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8A2E5A45-7AA9-43F1-A937-7EA588CA306D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5540_firmware:9.9\\(2.21\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "93731F51-393C-41F3-BE74-54177E18F03D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5540_firmware:9.9\\(2.52\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5B288C31-5F92-4BB6-9794-9D6D69863A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5540_firmware:9.9\\(2.55\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "235647DF-756E-4777-B4B1-71A40FE2CD85",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:9.9\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "18F1F84D-1BDC-4C83-9AFD-8D6A7C4ECBF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:9.9\\(2.21\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "784CDAC9-AD3C-4D46-B410-5629190E4DE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:9.9\\(2.52\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D39DC81A-2C34-4A70-9E40-CCE5B1F7FF5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:9.9\\(2.55\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "99E0CA51-3368-4240-B5BA-DEE5A32DE82C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5550_firmware:9.9\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "670A91E8-730B-4201-9CAA-5B0436EDDAF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5550_firmware:9.9\\(2.21\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "58C4F7BC-82AC-4DE9-AE02-CF5D9808F4C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5550_firmware:9.9\\(2.52\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C02BD5BE-487C-444A-87B4-65CB1476C04E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5550_firmware:9.9\\(2.55\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3656E96E-0895-4B19-B911-6FB2B2D3408E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:9.9\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9C3147FE-8A2B-4147-903B-1ED59C020B70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:9.9\\(2.21\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5B00D280-ABE5-4DB9-A84D-B2D8C580B4E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:9.9\\(2.52\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4D818573-0DC3-40AA-B46E-D04A9EF4DD7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:9.9\\(2.55\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "099556C2-795B-418B-B5F6-56A9A345E882",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:9.9\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9E83C904-A31F-4883-9967-675C1C850BA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:9.9\\(2.21\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FBBF331E-193C-47C7-84F6-11453BA27D76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:9.9\\(2.52\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8DE6A20D-BEA2-4F90-90AB-0D8567611C42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:9.9\\(2.55\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E1069262-8BA1-491A-A2B0-566155947994",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:9.9\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B98477E0-C039-454A-A1BE-7423E0E467A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:9.9\\(2.21\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F57B80B9-FF2E-40BB-AAEE-944A30753037",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:9.9\\(2.52\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "732AB027-F0BA-4B90-A13C-D4F61816CF7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:9.9\\(2.55\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D47315CF-94A5-4CD8-87F8-0A7FE923104A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the VPN System Logging functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak that can deplete system memory over time, which can cause unexpected system behaviors or device crashes. The vulnerability is due to the system memory not being properly freed for a VPN System Logging event generated when a VPN session is created or deleted. An attacker could exploit this vulnerability by repeatedly creating or deleting a VPN tunnel connection, which could leak a small amount of system memory for each logging event. A successful exploit could allow the attacker to cause system memory depletion, which can lead to a systemwide denial of service (DoS) condition. The attacker does not have any control of whether VPN System Logging is configured or not on the device, but it is enabled by default."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad VPN System Logging para el Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar una p\u00e9rdida de memoria que puede agotar la memoria del sistema con el tiempo, lo que puede causar comportamientos inesperados del sistema o bloqueos del dispositivo. La vulnerabilidad es debido a que la memoria del sistema no est\u00e1 siendo liberada apropiadamente para un evento de la VPN System Logging cuando es creada o eliminada una sesi\u00f3n VPN. Un atacante podr\u00eda explotar esta vulnerabilidad creando o eliminando repetidamente una conexi\u00f3n de t\u00fanel VPN, lo cual podr\u00eda filtrar una peque\u00f1a cantidad de memoria del sistema para cada evento de registro. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante causar el agotamiento de la memoria del sistema, lo que puede conllevar a una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en todo el sistema. El atacante no posee ning\u00fan control sobre si VPN System Logging est\u00e1 configurado o no en el dispositivo, pero est\u00e1 habilitado por defecto."
    }
  ],
  "id": "CVE-2020-3189",
  "lastModified": "2024-11-21T05:30:30.713",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-05-06T17:15:12.230",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-Rdpe34sd8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-Rdpe34sd8"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-401"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-04-19 20:29

Modified

2024-11-21 03:37

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerabilities are due to logical errors during traffic inspection. An attacker could exploit these vulnerabilities by sending a high volume of malicious traffic across an affected device. An exploit could allow the attacker to cause a deadlock condition, resulting in a reload of an affected device. These vulnerabilities affect Cisco ASA Software and Cisco FTD Software configured for Application Layer Protocol Inspection running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCve61540, CSCvh23085, CSCvh95456.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/103934	Third Party Advisory, VDB Entry
psirt@cisco.com	http://www.securitytracker.com/id/1040722	Broken Link, Third Party Advisory, VDB Entry
psirt@cisco.com	https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01	Third Party Advisory, US Government Resource
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/103934	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1040722	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_virtual_appliance	-
cisco	firepower_threat_defense_virtual	-
cisco	7604	-
cisco	7606-s	-
cisco	7609-s	-
cisco	7613-s	-
cisco	asa-5505	-
cisco	asa-5506-x	-
cisco	asa-5506h-x	-
cisco	asa-5512-x	-
cisco	asa-5515-x	-
cisco	asa-5520	-
cisco	asa-5540	-
cisco	asa-5545-x	-
cisco	asa-5555-x	-
cisco	asa-5585-x	-
cisco	asa_5506-x	-
cisco	asa_5506w-x	-
cisco	asa_5508-x	-
cisco	asa_5510	-
cisco	asa_5516-x	-
cisco	asa_5525-x	-
cisco	asa_5550	-
cisco	asa_5555-x	-
cisco	asa_5580	-
cisco	catalyst_6500-e	-
cisco	catalyst_6503-e	-
cisco	catalyst_6504-e	-
cisco	catalyst_6506-e	-
cisco	catalyst_6509-e	-
cisco	catalyst_6509-neb-a	-
cisco	catalyst_6509-v-e	-
cisco	catalyst_6513	-
cisco	catalyst_6513-e	-
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-
cisco	firepower_4110	-
cisco	firepower_4120	-
cisco	firepower_4140	-
cisco	firepower_4150	-
cisco	firepower_9300	-
cisco	isa-3000-2c2f	-
cisco	isa-3000-4c	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "64116F5B-671C-46DB-A78D-AB14AAF946FD",
              "versionEndIncluding": "6.1.0.7",
              "versionStartIncluding": "6.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC8A9EB8-D0BF-453B-BB21-5EE5D8E29728",
              "versionEndExcluding": "6.2.0.5",
              "versionStartIncluding": "6.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F78E5B29-1033-4151-A1C2-063D590C0B34",
              "versionEndExcluding": "6.2.2.2",
              "versionStartIncluding": "6.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FA3D6C9-26CC-4E6C-A71A-C50119CC434B",
              "versionEndExcluding": "9.6.4.6",
              "versionStartIncluding": "9.6.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC4174F9-9031-437E-82DE-F58F35594ED0",
              "versionEndExcluding": "9.7.1.24",
              "versionStartIncluding": "9.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F0EB447-BAF2-4ED2-BE4A-02F7FE9E35EE",
              "versionEndExcluding": "9.8.2.24",
              "versionStartIncluding": "9.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B68B0C20-2628-4355-A48F-619E755305DD",
              "versionEndExcluding": "9.9.1.4",
              "versionStartIncluding": "9.9.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_virtual_appliance:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E785C602-BE11-4FFC-A2A7-EC520E220C0F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense_virtual:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A38E373E-438F-44F6-AABF-2C57142507EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:7604:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65973B50-2AA1-4B83-925A-8DB2D4720ADB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:7606-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "25DD80A8-F664-4C30-A89F-C2299CCACB7E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:7609-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "385DBA44-E84B-4752-8E8E-170EF13784D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:7613-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1E30F72-0218-496D-BFAD-CED0AAC5E58E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "42EACCF8-8E5F-4227-9B09-9F3B40462B29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5506-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4916B846-AEAD-4C06-9705-048627F27236",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5506h-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "931B9C8E-6AD7-4E05-8E48-27D3931DC8BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B202C089-E348-42E0-8818-BB3874B28AFD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F449766B-F279-41B3-B0D6-049EF05B8DCE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7293B424-1022-4013-8A5F-5A023D3DB181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5FF447F-AE88-4B08-BDE8-26B642BEA80C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EF47542-3C2E-4BDB-823F-9A901312C634",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A567EFB6-9A19-4BC0-8EE2-6E2219D09961",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70928713-E277-4707-9A8A-3438D1760ECE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5506-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "763B801D-CA1E-4C56-8B06-3373EA307C7E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5506w-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D11AF728-8EB0-45EB-A7DD-F2D52B3BB7B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5508-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "92AE506A-E710-465B-B795-470FDE0E0ECA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5516-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E07AF10-FFB2-4AC7-BBE7-199C3EFED81F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6500-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "15B48565-92C7-4AE1-AE3A-6FF7DD010745",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6503-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F202892E-2E58-4D77-B983-38AFA51CDBC6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6504-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F57DF3E-4069-4EF0-917E-84CDDFCEBEEF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6506-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BE25114-ABBC-47A0-9C20-E8D40D721313",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6509-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FADD5F49-2817-40EC-861C-C922825708BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6509-neb-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E628F9C4-98C6-4A95-AF81-F1E6A56E8648",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6509-v-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AFF899C-1EB3-46D8-9003-EA36A68C90B3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6513:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6463491-F63E-44CB-A1D4-C029BE7D3D3D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6513-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8668D34-096B-4FC3-B9B1-0ECFD6265778",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:isa-3000-2c2f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "646795EF-D545-44FE-ADD9-E950783CF976",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:isa-3000-4c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A81184F2-631A-46FA-AB96-2B2D20FBEC8D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerabilities are due to logical errors during traffic inspection. An attacker could exploit these vulnerabilities by sending a high volume of malicious traffic across an affected device. An exploit could allow the attacker to cause a deadlock condition, resulting in a reload of an affected device. These vulnerabilities affect Cisco ASA Software and Cisco FTD Software configured for Application Layer Protocol Inspection running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCve61540, CSCvh23085, CSCvh95456."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en la caracter\u00edstica Application Layer Protocol de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software podr\u00edan permitir que un atacante remoto no autenticado desencadene una recarga del dispositivo afectado, lo que resulta en una denegaci\u00f3n de servicio (DoS). Las vulnerabilidades se deben a errores de l\u00f3gica durante la inspecci\u00f3n de tr\u00e1fico. Un atacante podr\u00eda explotar estas vulnerabilidades enviando un gran volumen de tr\u00e1fico malicioso a trav\u00e9s de un dispositivo afectado. Su explotaci\u00f3n podr\u00eda permitir que el atacante provoque una condici\u00f3n de deadlock, lo que resulta en la recarga del dispositivo afectado. Estas vulnerabilidades afectan a las versiones de Cisco ASA Software y Cisco FTD Software configuradas para la inspecci\u00f3n de Application Layer Protocol en los siguientes productos de Cisco: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module y FTD Virtual (FTDv). Cisco Bug IDs: CSCve61540, CSCvh23085, CSCvh95456."
    }
  ],
  "id": "CVE-2018-0240",
  "lastModified": "2024-11-21T03:37:47.810",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-19T20:29:00.817",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103934"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040722"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103934"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040722"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-05-03 04:15

Modified

2024-11-21 06:43

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the connection handling function in Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper traffic handling when platform limits are reached. An attacker could exploit this vulnerability by sending a high rate of UDP traffic through an affected device. A successful exploit could allow the attacker to cause all new, incoming connections to be dropped, resulting in a DoS condition.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-JnnJm4wB	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-JnnJm4wB	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	7.1.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35AD28D3-1C08-44EF-9148-371C9E7912E5",
              "versionEndExcluding": "6.4.0.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD7675E1-AE0A-4C69-915D-144597F1250E",
              "versionEndExcluding": "6.6.5.2",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "22E1337C-A0EE-467D-A06E-FBE1541DDFD2",
              "versionEndExcluding": "7.0.2",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the connection handling function in Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper traffic handling when platform limits are reached. An attacker could exploit this vulnerability by sending a high rate of UDP traffic through an affected device. A successful exploit could allow the attacker to cause all new, incoming connections to be dropped, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n de administraci\u00f3n de conexiones del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad es debido al manejo inapropiado del tr\u00e1fico cuando son alcanzados los l\u00edmites de la plataforma. Un atacante podr\u00eda explotar esta vulnerabilidad  mediante el env\u00edo de una alta tasa de tr\u00e1fico UDP a trav\u00e9s de un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar el bloqueo de todas las nuevas conexiones entrantes, resultando en una condici\u00f3n de DoS"
    }
  ],
  "id": "CVE-2022-20757",
  "lastModified": "2024-11-21T06:43:29.483",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-05-03T04:15:09.763",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-JnnJm4wB"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-JnnJm4wB"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-10-27 19:15

Modified

2024-11-21 06:11

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to a lack of proper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, which causes a DoS condition on the affected device. The device must be manually reloaded to recover.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-rUDseW3r	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-rUDseW3r	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_management_center_virtual_appliance	6.3.0
cisco	firepower_management_center_virtual_appliance	6.4.0
cisco	firepower_management_center_virtual_appliance	6.4.0.13
cisco	firepower_management_center_virtual_appliance	6.5.0
cisco	firepower_management_center_virtual_appliance	6.6.0
cisco	firepower_management_center_virtual_appliance	6.7.0.3
cisco	firepower_management_center_virtual_appliance	6.7.1
cisco	firepower_management_center_virtual_appliance	7.0.0
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	sourcefire_defense_center	6.3.0
cisco	sourcefire_defense_center	6.4.0
cisco	sourcefire_defense_center	6.4.0.13
cisco	sourcefire_defense_center	6.5.0
cisco	sourcefire_defense_center	6.6.0
cisco	sourcefire_defense_center	6.7.0.3
cisco	sourcefire_defense_center	6.7.1
cisco	sourcefire_defense_center	7.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C16F3BD-2ACD-44A0-9033-13CB59A50FE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0FC62F-65AD-4855-953A-DA5BBFC1B2E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADCD7132-CB3D-4C8A-A8A4-CB2F225F2103",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28629BA3-B1ED-409B-9FB1-E2159D95D975",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "49436378-0578-48F6-AE54-7C8D88574864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08D53D5A-C40D-4E34-95DE-4F7BCD69C44C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB554C1B-F215-4E2B-A47A-FAE73A2AFBCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CB38685-4255-4565-98AA-234B9DEEADE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F27ABB44-FC9A-457D-AFB7-D7CB8119C9AE",
              "versionEndExcluding": "6.4.0.13",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18589C74-19D2-44F0-AF26-68910E26655D",
              "versionEndExcluding": "6.6.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
              "versionEndExcluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B2F537A-A488-45B6-AD4B-48B7064AE84C",
              "versionEndExcluding": "7.0.1",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B273B25-634A-48FF-B290-4A332F84E0B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EBC6544-6ADF-4F95-A969-A8D953D11B3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F80E8A9-704D-44DC-B886-59D97036EC82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "04DF03B7-9C70-4BEE-8AE4-6AA134322C0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4F47E43-116B-4176-9E79-0BA7CBA16869",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "97B8B789-5C61-4C15-9F2A-91C18B1D9FC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0AAD56A-563F-48FB-A8D0-E482425B79FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52ED507A-5075-4444-A2D1-F5657453AD3F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to a lack of proper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, which causes a DoS condition on the affected device. The device must be manually reloaded to recover."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el procesamiento de las conexiones SSH para las implementaciones de m\u00faltiples instancias del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en el dispositivo afectado. Esta vulnerabilidad es debido a una falta de administraci\u00f3n adecuada de errores cuando no es posible establecer una sesi\u00f3n SSH. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una alta tasa de conexiones SSH dise\u00f1adas a la instancia. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar un agotamiento de los recursos, que causa una condici\u00f3n de DoS en el dispositivo afectado. El dispositivo debe ser recargado manualmente para recuperarse"
    }
  ],
  "id": "CVE-2021-34781",
  "lastModified": "2024-11-21T06:11:11.290",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-27T19:15:08.233",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-rUDseW3r"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-rUDseW3r"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-755"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-11-05 20:15

Modified

2024-11-26 16:09

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

A vulnerability in the normalization functionality of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to insufficient normalization of a text-based payload. An attacker could exploit this vulnerability by sending traffic that contains specifically obfuscated payloads through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious payloads to protected systems that would otherwise be blocked.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-null	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-null	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_services_software_for_asa	*
cisco	firepower_threat_defense	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	2.9.15
cisco	secure_firewall_management_center	2.9.16

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_services_software_for_asa:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70505F-E716-439B-BE8C-B4CC3DF080E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E102D5C4-D296-4F09-B4FA-62CD8E2E5CB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BD5CFAE-5696-419C-B24E-7CF9E7EC7B92",
              "versionEndIncluding": "2.9.12.15",
              "versionStartIncluding": "2.9.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27A4DC81-DD37-46A6-8751-D0B4671E23BA",
              "versionEndIncluding": "2.9.13.6",
              "versionStartIncluding": "2.9.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C37F0EAC-42D5-4D10-A5C8-6D975B7BF176",
              "versionEndIncluding": "2.9.14.5",
              "versionStartIncluding": "2.9.14.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "42493B4F-0CF2-45F0-B72D-36F0597CC274",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "06F2E7D8-BB95-480D-AE3E-F9B97C3A5379",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the normalization functionality of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to insufficient normalization of a text-based payload. An attacker could exploit this vulnerability by sending traffic that contains specifically obfuscated payloads through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious payloads to protected systems that would otherwise be blocked."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad de normalizaci\u00f3n del software Cisco Firepower Threat Defense, el software Cisco FirePOWER Services para ASA y el software Cisco Firepower Management Center, podr\u00eda permitir a un atacante remoto no autenticado omitir las protecciones de filtrado. La vulnerabilidad es debido a la insuficiente normalizaci\u00f3n de una carga \u00fatil basada en texto. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de tr\u00e1fico que contenga cargas \u00fatiles especialmente ofuscadas por medio de un dispositivo afectado. Una explotaci\u00f3n podr\u00eda permitir al atacante evitar el filtrado y entregar cargas maliciosas hacia los sistemas protegidos que de otra manera se bloquear\u00edan."
    }
  ],
  "id": "CVE-2019-1981",
  "lastModified": "2024-11-26T16:09:02.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-11-05T20:15:11.783",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-null"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-null"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-05-03 04:15

Modified

2024-11-21 06:43

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the DNS inspection handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service condition (DoS) on an affected device. This vulnerability is due to a lack of proper processing of incoming requests. An attacker could exploit this vulnerability by sending crafted DNS requests at a high rate to an affected device. A successful exploit could allow the attacker to cause the device to stop responding, resulting in a DoS condition.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-nJVAwOeq	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-nJVAwOeq	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	7.1.0
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35AD28D3-1C08-44EF-9148-371C9E7912E5",
              "versionEndExcluding": "6.4.0.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD7675E1-AE0A-4C69-915D-144597F1250E",
              "versionEndExcluding": "6.6.5.2",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "536C9927-B64A-4959-BE92-9F2665AEA811",
              "versionEndExcluding": "7.0.2",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C2579F-1E8B-4FB1-AA40-B164F4F2BBED",
              "versionEndExcluding": "9.12.4.38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFE84A5D-FFD6-4A82-BDFA-367D29625300",
              "versionEndExcluding": "9.14.4",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B120E68-DA48-4B87-A549-6BA7009C056D",
              "versionEndExcluding": "9.15.1.21",
              "versionStartIncluding": "9.15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "99DD72E2-E389-453E-8A99-1B633C4E2AE3",
              "versionEndExcluding": "9.16.2.14",
              "versionStartIncluding": "9.16.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "573E61F7-8311-4095-BD75-8F3D3E2499E5",
              "versionEndExcluding": "9.17.1.7",
              "versionStartIncluding": "9.17.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the DNS inspection handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service condition (DoS) on an affected device. This vulnerability is due to a lack of proper processing of incoming requests. An attacker could exploit this vulnerability by sending crafted DNS requests at a high rate to an affected device. A successful exploit could allow the attacker to cause the device to stop responding, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el controlador de inspecci\u00f3n de DNS del software Cisco Adaptive Security Appliance (ASA) y del software Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad es debido a una falta de procesamiento apropiado de las peticiones entrantes. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de peticiones DNS dise\u00f1adas a un alto ritmo a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que el dispositivo dejara de responder, resultando en una condici\u00f3n de DoS"
    }
  ],
  "id": "CVE-2022-20760",
  "lastModified": "2024-11-21T06:43:29.897",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-05-03T04:15:09.893",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-nJVAwOeq"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-nJVAwOeq"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-11-01 17:15

Modified

2024-11-21 07:40

Severity ?

4.0 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L
4.0 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L

Summary

A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Software that occurs when the SSL/TLS connection is configured with a URL Category and the Snort 3 detection engine could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability exists because a logic error occurs when a Snort 3 detection engine inspects an SSL/TLS connection that has either a URL Category configured on the SSL file policy or a URL Category configured on an access control policy with TLS server identity discovery enabled. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a crafted SSL/TLS connection through an affected device. A successful exploit could allow the attacker to trigger an unexpected reload of the Snort 3 detection engine, resulting in either a bypass or denial of service (DoS) condition, depending on device configuration. The Snort 3 detection engine will restart automatically. No manual intervention is required.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort3-urldos-OccFQTeX	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort3-urldos-OccFQTeX	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Software that occurs when the SSL/TLS connection is configured with a URL Category and the Snort 3 detection engine could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability exists because a logic error occurs when a Snort 3 detection engine inspects an SSL/TLS connection that has either a URL Category configured on the SSL file policy or a URL Category configured on an access control policy with TLS server identity discovery enabled. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a crafted SSL/TLS connection through an affected device. A successful exploit could allow the attacker to trigger an unexpected reload of the Snort 3 detection engine, resulting in either a bypass or denial of service (DoS) condition, depending on device configuration. The Snort 3 detection engine will restart automatically. No manual intervention is required."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n de la pol\u00edtica de archivos SSL del software Cisco Firepower Threat Defense (FTD) que ocurre cuando la conexi\u00f3n SSL/TLS est\u00e1 configurada con una categor\u00eda de URL y el motor de detecci\u00f3n Snort 3 podr\u00eda permitir que un atacante remoto no autenticado provoque la detecci\u00f3n de Snort 3. el motor se reinicie inesperadamente. Esta vulnerabilidad existe porque se produce un error l\u00f3gico cuando un motor de detecci\u00f3n Snort 3 inspecciona una conexi\u00f3n SSL/TLS que tiene una categor\u00eda de URL configurada en la pol\u00edtica de archivos SSL o una categor\u00eda de URL configurada en una pol\u00edtica de control de acceso con el descubrimiento de identidad del servidor TLS habilitado. Bajo limitaciones espec\u00edficas basadas en el tiempo, un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una conexi\u00f3n SSL/TLS manipulada a trav\u00e9s de un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante activar una recarga inesperada del motor de detecci\u00f3n de Snort 3, lo que resultar\u00eda en una condici\u00f3n de omisi\u00f3n o Denegaci\u00f3n de Servicio (DoS), seg\u00fan la configuraci\u00f3n del dispositivo. El motor de detecci\u00f3n de Snort 3 se reiniciar\u00e1 autom\u00e1ticamente. No se requiere intervenci\u00f3n manual."
    }
  ],
  "id": "CVE-2023-20177",
  "lastModified": "2024-11-21T07:40:45.160",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 4.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 4.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-11-01T17:15:11.287",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort3-urldos-OccFQTeX"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort3-urldos-OccFQTeX"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-244"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-11-01 17:15

Modified

2024-11-21 07:41

Severity ?

5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilities are due to a logic error that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit these vulnerabilities by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to bypass the interface ACL and access resources that would should be protected.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.8.4.22
cisco	adaptive_security_appliance_software	9.8.4.25
cisco	adaptive_security_appliance_software	9.8.4.26
cisco	adaptive_security_appliance_software	9.8.4.29
cisco	adaptive_security_appliance_software	9.8.4.32
cisco	adaptive_security_appliance_software	9.8.4.33
cisco	adaptive_security_appliance_software	9.8.4.34
cisco	adaptive_security_appliance_software	9.8.4.35
cisco	adaptive_security_appliance_software	9.8.4.39
cisco	adaptive_security_appliance_software	9.8.4.40
cisco	adaptive_security_appliance_software	9.8.4.41
cisco	adaptive_security_appliance_software	9.8.4.43
cisco	adaptive_security_appliance_software	9.8.4.44
cisco	adaptive_security_appliance_software	9.8.4.45
cisco	adaptive_security_appliance_software	9.8.4.46
cisco	adaptive_security_appliance_software	9.8.4.48
cisco	adaptive_security_appliance_software	9.12.4.2
cisco	adaptive_security_appliance_software	9.12.4.4
cisco	adaptive_security_appliance_software	9.12.4.7
cisco	adaptive_security_appliance_software	9.12.4.8
cisco	adaptive_security_appliance_software	9.12.4.10
cisco	adaptive_security_appliance_software	9.12.4.13
cisco	adaptive_security_appliance_software	9.12.4.18
cisco	adaptive_security_appliance_software	9.12.4.24
cisco	adaptive_security_appliance_software	9.12.4.26
cisco	adaptive_security_appliance_software	9.12.4.29
cisco	adaptive_security_appliance_software	9.12.4.30
cisco	adaptive_security_appliance_software	9.12.4.35
cisco	adaptive_security_appliance_software	9.12.4.37
cisco	adaptive_security_appliance_software	9.12.4.38
cisco	adaptive_security_appliance_software	9.12.4.39
cisco	adaptive_security_appliance_software	9.12.4.40
cisco	adaptive_security_appliance_software	9.12.4.41
cisco	adaptive_security_appliance_software	9.12.4.47
cisco	adaptive_security_appliance_software	9.12.4.48
cisco	adaptive_security_appliance_software	9.12.4.50
cisco	adaptive_security_appliance_software	9.12.4.52
cisco	adaptive_security_appliance_software	9.12.4.54
cisco	adaptive_security_appliance_software	9.12.4.55
cisco	adaptive_security_appliance_software	9.12.4.56
cisco	adaptive_security_appliance_software	9.14.1.10
cisco	adaptive_security_appliance_software	9.14.1.15
cisco	adaptive_security_appliance_software	9.14.1.19
cisco	adaptive_security_appliance_software	9.14.1.30
cisco	adaptive_security_appliance_software	9.14.2
cisco	adaptive_security_appliance_software	9.14.2.4
cisco	adaptive_security_appliance_software	9.14.2.8
cisco	adaptive_security_appliance_software	9.14.2.13
cisco	adaptive_security_appliance_software	9.14.2.15
cisco	adaptive_security_appliance_software	9.14.3
cisco	adaptive_security_appliance_software	9.14.3.1
cisco	adaptive_security_appliance_software	9.14.3.9
cisco	adaptive_security_appliance_software	9.14.3.11
cisco	adaptive_security_appliance_software	9.14.3.13
cisco	adaptive_security_appliance_software	9.14.3.15
cisco	adaptive_security_appliance_software	9.14.3.18
cisco	adaptive_security_appliance_software	9.14.4
cisco	adaptive_security_appliance_software	9.14.4.6
cisco	adaptive_security_appliance_software	9.14.4.7
cisco	adaptive_security_appliance_software	9.14.4.12
cisco	adaptive_security_appliance_software	9.14.4.13
cisco	adaptive_security_appliance_software	9.14.4.14
cisco	adaptive_security_appliance_software	9.14.4.15
cisco	adaptive_security_appliance_software	9.14.4.17
cisco	adaptive_security_appliance_software	9.14.4.22
cisco	adaptive_security_appliance_software	9.14.4.23
cisco	adaptive_security_appliance_software	9.15.1
cisco	adaptive_security_appliance_software	9.15.1.1
cisco	adaptive_security_appliance_software	9.15.1.7
cisco	adaptive_security_appliance_software	9.15.1.10
cisco	adaptive_security_appliance_software	9.15.1.15
cisco	adaptive_security_appliance_software	9.15.1.16
cisco	adaptive_security_appliance_software	9.15.1.17
cisco	adaptive_security_appliance_software	9.15.1.21
cisco	adaptive_security_appliance_software	9.16.1
cisco	adaptive_security_appliance_software	9.16.1.28
cisco	adaptive_security_appliance_software	9.16.2
cisco	adaptive_security_appliance_software	9.16.2.3
cisco	adaptive_security_appliance_software	9.16.2.7
cisco	adaptive_security_appliance_software	9.16.2.11
cisco	adaptive_security_appliance_software	9.16.2.13
cisco	adaptive_security_appliance_software	9.16.2.14
cisco	adaptive_security_appliance_software	9.16.3
cisco	adaptive_security_appliance_software	9.16.3.3
cisco	adaptive_security_appliance_software	9.16.3.14
cisco	adaptive_security_appliance_software	9.16.3.15
cisco	adaptive_security_appliance_software	9.16.3.19
cisco	adaptive_security_appliance_software	9.16.3.23
cisco	adaptive_security_appliance_software	9.16.4
cisco	adaptive_security_appliance_software	9.16.4.9
cisco	adaptive_security_appliance_software	9.16.4.14
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.7
cisco	adaptive_security_appliance_software	9.17.1.9
cisco	adaptive_security_appliance_software	9.17.1.10
cisco	adaptive_security_appliance_software	9.17.1.11
cisco	adaptive_security_appliance_software	9.17.1.13
cisco	adaptive_security_appliance_software	9.17.1.15
cisco	adaptive_security_appliance_software	9.17.1.20
cisco	adaptive_security_appliance_software	9.17.1.30
cisco	adaptive_security_appliance_software	9.18.1
cisco	adaptive_security_appliance_software	9.18.1.3
cisco	adaptive_security_appliance_software	9.18.2
cisco	adaptive_security_appliance_software	9.18.2.5
cisco	adaptive_security_appliance_software	9.18.2.7
cisco	adaptive_security_appliance_software	9.18.2.8
cisco	adaptive_security_appliance_software	9.18.3
cisco	adaptive_security_appliance_software	9.19.1
cisco	adaptive_security_appliance_software	9.19.1.5
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.4.0.13
cisco	firepower_threat_defense	6.4.0.14
cisco	firepower_threat_defense	6.4.0.15
cisco	firepower_threat_defense	6.4.0.16
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.6.7
cisco	firepower_threat_defense	6.6.7.1
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "23CD5619-E534-4F40-998D-39DC19FA0451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D0EB11-14B1-44B3-8D46-B9DD872F772C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA399CF-12DB-42E0-A66F-14508B52A453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5A7608-E737-420E-9B5E-836600DAC701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7EB6801-336D-4F41-ADE7-1C58C63C3F6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8413DA41-02A5-4269-8C88-9DD5076AF91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA00285F-6914-4749-8A47-FC4EDAFFF3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA4D367-32B9-4F54-8352-A959F61A1FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "2259FF9E-0C8B-440F-B1AC-51BDE3F60E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C522B55-904D-4C08-B73E-1457D877C0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "4483056A-FBF3-4E00-81EB-1E97334EF240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "48677330-06AB-4C7F-B2AD-F7E465A9632A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AEA80D2-5DB8-4334-9A88-7DDE395832C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1C38A5-1028-4AD3-8CC7-A00091091E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "848147B2-C49A-43F6-9069-FC8885BDFDA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6FEF0DA-741E-4361-8143-068EB47D6520",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E23ACB0-DF8B-4672-A819-4DCD3104CE4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4723B88-62BA-40E6-AA89-BAC02D6A036F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C698819-3C8E-4A16-8F52-42FF1E54C076",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D3CE74E-59E7-448A-8417-18F97C05C798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0986C171-0E75-4F6F-A9BD-276830104E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A2777A-7831-4324-AEB2-5D93B5F6C04B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "37045680-9189-4B7F-A4F7-4E682FE20A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6C9F37B-CF3C-4861-A969-C7CF4946274A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1DAF21-3FED-4691-9D4C-8FD8CEA7FB3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB938E58-4963-4A31-8836-88E958592B30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E317897-EE97-44F3-96BB-E54228D72A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EF7FAB2-158D-4C48-9246-E7AD3BF1D801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "056D43AE-ECDB-40D2-A196-18DDCD02629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E555F3-3580-4D71-8D8D-92FE72763D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "93013503-8B9A-4160-AF7E-277958FA6E9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3B009FD-0F2B-4511-8EDF-C3E670623F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "52579D8D-E855-42B3-B406-32DD1C39F721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7E44FC6-12A2-4F76-A095-28F3804B619F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "42917E5E-E362-4B40-B2B2-3C77BA35641C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF317FA3-EBF3-49BB-A9E6-0D4295FA3F60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "F98B1683-914F-43D3-AE1C-311D3A90BE8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8D24656-CAB1-4A98-A440-482927FEDD16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504557C-DA5D-4D0F-A813-4CE7D5109F15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D2A067-C717-4921-BBF5-3EFBE02736EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE0D50C0-DADB-4747-8649-8A5257111FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE2699F-353F-44CB-A778-981783DDC31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8E50BD-1FBD-483B-9C27-70E95C732E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F46E5E4F-787C-4C05-B1E7-C39BB9125D16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A29312-38E7-456B-94DD-4D7329691114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "27F7BB31-C733-4C32-BF0F-33B5AF020156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC313568-33A6-435B-98FF-8A7091D9C451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85710A-28CE-4913-8523-356461908FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6069950-016B-419A-B754-D58956CB6D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A2F3FEC-624F-47C5-B056-836861BB038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4875811-F209-49ED-B310-8377B2F87FF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C52C7B-B626-4A3C-A2EC-28A20E7FA95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "853A002C-839A-4372-8485-750A86E9F6E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62BB5D6-CE75-4C83-82DC-4148EF8CB1F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "D32F1365-EAF8-4570-B2FF-45E47E8586F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD07F9B-6BB3-4423-8DBE-4E89A6478E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FE4F28-B704-4325-AE8A-C790163FEE71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E832BC0C-8439-4779-9064-C2D93F231031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F944F8F-0255-42BE-BD44-D21EC9F0FFC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9CEAEFC-7B82-41F9-A09D-C86A3A60A4FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "40FAC31D-19C0-4BA0-A019-C7E7A0BA0B5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CAAFE0F-416F-4BCA-BA37-30EAEADA8AFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "289F9874-FC01-4809-9BDA-1AF583FB60B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EDFC67-E4EE-4D2C-BF9F-5881C987C662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "826869BE-4874-4BBA-9392-14851560BA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF52D477-3045-45D1-9FD3-12F396266463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "88E310BF-F1F6-4124-A875-81967B9B531E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B330F8F-F0DA-472C-A932-AD1D232C7DB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEE52F59-AABA-4069-A909-64AD5DFD2B18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "20D7966E-B02B-48C8-BF96-723DD6C25314",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2EFA476-5021-4A00-859E-1643009D6156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E3A5DC-A237-46E4-A4E5-F135482F984A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91AD8BA2-EB8D-4D8B-B707-AF5C2A831998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilities are due to a logic error that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit these vulnerabilities by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to bypass the interface ACL and access resources that would should be protected."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en la funci\u00f3n de anulaci\u00f3n por usuario del software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00edan permitir que un atacante remoto no autenticado omita una Lista de Control de Acceso (ACL) configurada y permita el tr\u00e1fico que deber\u00eda se le negar\u00e1 el flujo a trav\u00e9s de un dispositivo afectado. Estas vulnerabilidades se deben a un error l\u00f3gico que podr\u00eda ocurrir cuando el software afectado construye y aplica reglas de anulaci\u00f3n por usuario. Un atacante podr\u00eda aprovechar estas vulnerabilidades conect\u00e1ndose a una red a trav\u00e9s de un dispositivo afectado que tenga una configuraci\u00f3n vulnerable. Un exploit exitoso podr\u00eda permitir al atacante omitir la ACL de la interfaz y acceder a recursos que deber\u00edan estar protegidos."
    }
  ],
  "id": "CVE-2023-20256",
  "lastModified": "2024-11-21T07:41:00.497",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-11-01T17:15:11.717",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-290"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:31

Severity ?

4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

Summary

A vulnerability in the Clientless SSL VPN (WebVPN) of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to inject arbitrary HTTP headers in the responses of the affected system. The vulnerability is due to improper input sanitization. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to conduct a CRLF injection attack, adding arbitrary HTTP headers in the responses of the system and redirecting the user to arbitrary websites.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-crlf-inj-BX9uRwSn	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-crlf-inj-BX9uRwSn	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4A429E3-8304-4D15-A281-FBFD663ADBD5",
              "versionEndExcluding": "9.6.4.35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB4FADF7-A3CD-44B4-85DF-75F28369B459",
              "versionEndExcluding": "6.3.0.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
              "versionEndExcluding": "6.4.0.10",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "754010DE-2C33-4BA1-9567-90C46309B664",
              "versionEndExcluding": "6.6.1",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D958835-489A-430C-B23F-8A95E604DF16",
              "versionEndExcluding": "9.8.4.20",
              "versionStartIncluding": "9.8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E16D2CA3-B494-4348-BF0C-03969D1423D0",
              "versionEndExcluding": "9.9.2.80",
              "versionStartIncluding": "9.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7036D010-F764-4899-A7B3-456084FC1392",
              "versionEndExcluding": "9.10.1.43",
              "versionStartIncluding": "9.10.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AD15FF4-61C0-4506-86AD-5381AF09FFDC",
              "versionEndExcluding": "9.12.3.9",
              "versionStartIncluding": "9.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "572CB59F-1D5E-47FB-A09C-E456F6B66A95",
              "versionEndExcluding": "9.13.1.10",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FCB8C11-7C49-472E-A003-DCEC9071D00F",
              "versionEndExcluding": "9.14.1.10",
              "versionStartIncluding": "9.14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Clientless SSL VPN (WebVPN) of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to inject arbitrary HTTP headers in the responses of the affected system. The vulnerability is due to improper input sanitization. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to conduct a CRLF injection attack, adding arbitrary HTTP headers in the responses of the system and redirecting the user to arbitrary websites."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el Clientless SSL VPN (WebVPN) de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado inyectar encabezados HTTP arbitrarios en las respuestas del sistema afectado.\u0026#xa0;La vulnerabilidad es debido a un saneamiento de entrada inapropiada.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad al persuadir a un usuario de la interfaz para que haga clic en un enlace dise\u00f1ado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante conducir un ataque de inyecci\u00f3n CRLF, agregando encabezados HTTP arbitrarios en las respuestas del sistema y redireccionando al usuario a sitios web arbitrarios"
    }
  ],
  "id": "CVE-2020-3561",
  "lastModified": "2024-11-21T05:31:19.147",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:17.793",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-crlf-inj-BX9uRwSn"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-crlf-inj-BX9uRwSn"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-93"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-74"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:31

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation when the affected software processes certain OSPFv2 packets with Link-Local Signaling (LLS) data. An attacker could exploit this vulnerability by sending a malformed OSPFv2 packet to an affected device. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospflls-37Xy2q6r	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospflls-37Xy2q6r	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AED88F6A-9C56-4005-B809-00E5637CCA27",
              "versionEndExcluding": "9.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB4FADF7-A3CD-44B4-85DF-75F28369B459",
              "versionEndExcluding": "6.3.0.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
              "versionEndExcluding": "6.4.0.10",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "754010DE-2C33-4BA1-9567-90C46309B664",
              "versionEndExcluding": "6.6.1",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E38D6F74-E407-4232-86C9-178AC3D00F1C",
              "versionEndExcluding": "9.8.4.26",
              "versionStartIncluding": "9.8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E16D2CA3-B494-4348-BF0C-03969D1423D0",
              "versionEndExcluding": "9.9.2.80",
              "versionStartIncluding": "9.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF8B79C-41E6-4367-8A37-C1A41DA8345E",
              "versionEndExcluding": "9.10.1.44",
              "versionStartIncluding": "9.10.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F71893A1-284B-453E-A9F4-579FAB514E9B",
              "versionEndExcluding": "9.12.4.4",
              "versionStartIncluding": "9.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4148D30-F285-4045-A017-82F5BF074233",
              "versionEndExcluding": "9.13.1.13",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "97B216C8-49C2-43DA-9D7C-3290B5EBF334",
              "versionEndExcluding": "9.14.1.19",
              "versionStartIncluding": "9.14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation when the affected software processes certain OSPFv2 packets with Link-Local Signaling (LLS) data. An attacker could exploit this vulnerability by sending a malformed OSPFv2 packet to an affected device. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n OSPF versi\u00f3n 2 (OSPFv2) de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar la recarga de un dispositivo afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS).\u0026#xa0;La vulnerabilidad es debido a una comprobaci\u00f3n de entrada incompleta cuando el software afectado procesa ciertos paquetes OSPFv2 con datos Link-Local Signaling (LLS).\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete OSPFv2 malformado a un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante causar que un dispositivo afectado se recargue, resultando en una condici\u00f3n de DoS"
    }
  ],
  "id": "CVE-2020-3528",
  "lastModified": "2024-11-21T05:31:15.430",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:16.887",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospflls-37Xy2q6r"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospflls-37Xy2q6r"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-10-05 14:29

Modified

2024-11-21 03:50

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the cryptographic hardware accelerator driver of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a temporary denial of service (DoS) condition. The vulnerability exists because the affected devices have a limited amount of Direct Memory Access (DMA) memory and the affected software improperly handles resources in low-memory conditions. An attacker could exploit this vulnerability by sending a sustained, high rate of malicious traffic to an affected device to exhaust memory on the device. A successful exploit could allow the attacker to exhaust DMA memory on the affected device, which could cause the device to reload and result in a temporary DoS condition.

References

URL	Tags
psirt@cisco.com	http://www.securitytracker.com/id/1041787	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-dma-dos	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1041787	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-dma-dos	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	6.0
cisco	firepower_threat_defense	6.0.1
cisco	firepower_threat_defense	6.1.0
cisco	firepower_threat_defense	6.2.0
cisco	firepower_threat_defense	6.2.2
cisco	firepower_threat_defense	6.2.3
cisco	adaptive_security_appliance_software	9.3
cisco	adaptive_security_appliance_software	9.4
cisco	adaptive_security_appliance_software	9.5
cisco	adaptive_security_appliance_software	9.6
cisco	adaptive_security_appliance_software	9.6\(43\)
cisco	adaptive_security_appliance_software	9.7
cisco	adaptive_security_appliance_software	9.8
cisco	adaptive_security_appliance_software	9.9
cisco	adaptive_security_appliance_software	9.9\(28\)

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C12225-4467-4D0B-AB6A-01F4DDFD1728",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "995667FD-35F1-49E5-96DB-2FDFF5E0B523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "61FB47CF-2A6A-4121-BFF7-5862E163B8E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DC52A8B-7DF4-47B2-9F49-627F59656E5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "42496A5B-1644-4088-BBCF-2ED810A5694B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "36BA3B77-4350-4E76-BA77-4DDA00D4244A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B821471B-2911-4BE0-9C1F-B765857BCFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C55D658-3BBF-4815-AEC1-FA0800CB8679",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B95C853-AD3D-4505-B042-41BA55B896D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6\\(43\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C764DCB9-5CA0-4923-B492-CAC16C61CD08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB39A818-8529-4A6A-9504-74816DA28962",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D09B350-9C53-4004-A1E9-968100B71372",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F19059F1-AC91-417B-A9C9-877D020481D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9\\(28\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4244DB42-EDA2-4E63-96C2-D3C1DBFA1838",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the cryptographic hardware accelerator driver of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a temporary denial of service (DoS) condition. The vulnerability exists because the affected devices have a limited amount of Direct Memory Access (DMA) memory and the affected software improperly handles resources in low-memory conditions. An attacker could exploit this vulnerability by sending a sustained, high rate of malicious traffic to an affected device to exhaust memory on the device. A successful exploit could allow the attacker to exhaust DMA memory on the affected device, which could cause the device to reload and result in a temporary DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el controlador del acelerador de hardware criptogr\u00e1fico de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software podr\u00eda permitir que un atacante remoto no autenticado provoque que un dispositivo afectado se recargue, lo que resulta en una denegaci\u00f3n de servicio (DoS) temporal. La vulnerabilidad existe debido a que los dispositivos afectados tienen una cantidad limitada de memoria Direct Memory Access (DMA) y el software afectado gestiona incorrectamente los recursos en condiciones de poca memoria. Un atacante podr\u00eda explotar esta vulnerabilidad enviando continuamente un gran volumen de tr\u00e1fico a un dispositivo afectado para agotar la memoria del dispositivo. Si se explota con \u00e9xito, esta vulnerabilidad podr\u00eda permitir que el atacante agote la memoria DMA en el dispositivo afectado, lo que podr\u00eda provocar que el dispositivo se recargue y desemboque en una denegaci\u00f3n de servicio (DoS) temporal."
    }
  ],
  "id": "CVE-2018-15383",
  "lastModified": "2024-11-21T03:50:40.370",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-05T14:29:07.230",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041787"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-dma-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041787"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-dma-dos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-09-06 18:15

Modified

2025-02-24 15:08

Severity ?

5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Summary

A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user. This vulnerability is due to improper separation of authentication, authorization, and accounting (AAA) between the remote access VPN feature and the HTTPS management and site-to-site VPN features. An attacker could exploit this vulnerability by specifying a default connection profile/tunnel group while conducting a brute force attack or while establishing a clientless SSL VPN session using valid credentials. A successful exploit could allow the attacker to achieve one or both of the following: Identify valid credentials that could then be used to establish an unauthorized remote access VPN session. Establish a clientless SSL VPN session (only when running Cisco ASA Software Release 9.16 or earlier). Notes: Establishing a client-based remote access VPN tunnel is not possible as these default connection profiles/tunnel groups do not and cannot have an IP address pool configured. This vulnerability does not allow an attacker to bypass authentication. To successfully establish a remote access VPN session, valid credentials are required, including a valid second factor if multi-factor authentication (MFA) is configured. Cisco will release software updates that address this vulnerability. There are workarounds that address this vulnerability.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ravpn-auth-8LyfCkeC	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ravpn-auth-8LyfCkeC	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.8.1
cisco	adaptive_security_appliance_software	9.8.1.5
cisco	adaptive_security_appliance_software	9.8.1.7
cisco	adaptive_security_appliance_software	9.8.2
cisco	adaptive_security_appliance_software	9.8.2.8
cisco	adaptive_security_appliance_software	9.8.2.14
cisco	adaptive_security_appliance_software	9.8.2.15
cisco	adaptive_security_appliance_software	9.8.2.17
cisco	adaptive_security_appliance_software	9.8.2.20
cisco	adaptive_security_appliance_software	9.8.2.24
cisco	adaptive_security_appliance_software	9.8.2.26
cisco	adaptive_security_appliance_software	9.8.2.28
cisco	adaptive_security_appliance_software	9.8.2.33
cisco	adaptive_security_appliance_software	9.8.2.35
cisco	adaptive_security_appliance_software	9.8.2.38
cisco	adaptive_security_appliance_software	9.8.3
cisco	adaptive_security_appliance_software	9.8.3.8
cisco	adaptive_security_appliance_software	9.8.3.11
cisco	adaptive_security_appliance_software	9.8.3.14
cisco	adaptive_security_appliance_software	9.8.3.16
cisco	adaptive_security_appliance_software	9.8.3.18
cisco	adaptive_security_appliance_software	9.8.3.21
cisco	adaptive_security_appliance_software	9.8.3.26
cisco	adaptive_security_appliance_software	9.8.3.29
cisco	adaptive_security_appliance_software	9.8.4
cisco	adaptive_security_appliance_software	9.8.4.3
cisco	adaptive_security_appliance_software	9.8.4.7
cisco	adaptive_security_appliance_software	9.8.4.8
cisco	adaptive_security_appliance_software	9.8.4.10
cisco	adaptive_security_appliance_software	9.8.4.12
cisco	adaptive_security_appliance_software	9.8.4.15
cisco	adaptive_security_appliance_software	9.8.4.17
cisco	adaptive_security_appliance_software	9.8.4.20
cisco	adaptive_security_appliance_software	9.8.4.22
cisco	adaptive_security_appliance_software	9.8.4.25
cisco	adaptive_security_appliance_software	9.8.4.26
cisco	adaptive_security_appliance_software	9.8.4.29
cisco	adaptive_security_appliance_software	9.8.4.32
cisco	adaptive_security_appliance_software	9.8.4.33
cisco	adaptive_security_appliance_software	9.8.4.34
cisco	adaptive_security_appliance_software	9.8.4.35
cisco	adaptive_security_appliance_software	9.8.4.39
cisco	adaptive_security_appliance_software	9.8.4.40
cisco	adaptive_security_appliance_software	9.8.4.41
cisco	adaptive_security_appliance_software	9.8.4.43
cisco	adaptive_security_appliance_software	9.8.4.44
cisco	adaptive_security_appliance_software	9.8.4.45
cisco	adaptive_security_appliance_software	9.8.4.46
cisco	adaptive_security_appliance_software	9.8.4.48
cisco	adaptive_security_appliance_software	9.12.1
cisco	adaptive_security_appliance_software	9.12.1.2
cisco	adaptive_security_appliance_software	9.12.1.3
cisco	adaptive_security_appliance_software	9.12.2
cisco	adaptive_security_appliance_software	9.12.2.1
cisco	adaptive_security_appliance_software	9.12.2.4
cisco	adaptive_security_appliance_software	9.12.2.5
cisco	adaptive_security_appliance_software	9.12.2.9
cisco	adaptive_security_appliance_software	9.12.3
cisco	adaptive_security_appliance_software	9.12.3.2
cisco	adaptive_security_appliance_software	9.12.3.7
cisco	adaptive_security_appliance_software	9.12.3.9
cisco	adaptive_security_appliance_software	9.12.3.12
cisco	adaptive_security_appliance_software	9.12.4
cisco	adaptive_security_appliance_software	9.12.4.2
cisco	adaptive_security_appliance_software	9.12.4.4
cisco	adaptive_security_appliance_software	9.12.4.7
cisco	adaptive_security_appliance_software	9.12.4.8
cisco	adaptive_security_appliance_software	9.12.4.10
cisco	adaptive_security_appliance_software	9.12.4.13
cisco	adaptive_security_appliance_software	9.12.4.18
cisco	adaptive_security_appliance_software	9.12.4.24
cisco	adaptive_security_appliance_software	9.12.4.26
cisco	adaptive_security_appliance_software	9.12.4.29
cisco	adaptive_security_appliance_software	9.12.4.30
cisco	adaptive_security_appliance_software	9.12.4.35
cisco	adaptive_security_appliance_software	9.12.4.37
cisco	adaptive_security_appliance_software	9.12.4.38
cisco	adaptive_security_appliance_software	9.12.4.39
cisco	adaptive_security_appliance_software	9.12.4.40
cisco	adaptive_security_appliance_software	9.12.4.41
cisco	adaptive_security_appliance_software	9.12.4.47
cisco	adaptive_security_appliance_software	9.12.4.48
cisco	adaptive_security_appliance_software	9.12.4.50
cisco	adaptive_security_appliance_software	9.12.4.52
cisco	adaptive_security_appliance_software	9.12.4.54
cisco	adaptive_security_appliance_software	9.12.4.55
cisco	adaptive_security_appliance_software	9.12.4.56
cisco	adaptive_security_appliance_software	9.12.4.58
cisco	adaptive_security_appliance_software	9.14.1
cisco	adaptive_security_appliance_software	9.14.1.6
cisco	adaptive_security_appliance_software	9.14.1.10
cisco	adaptive_security_appliance_software	9.14.1.15
cisco	adaptive_security_appliance_software	9.14.1.19
cisco	adaptive_security_appliance_software	9.14.1.30
cisco	adaptive_security_appliance_software	9.14.2
cisco	adaptive_security_appliance_software	9.14.2.4
cisco	adaptive_security_appliance_software	9.14.2.8
cisco	adaptive_security_appliance_software	9.14.2.13
cisco	adaptive_security_appliance_software	9.14.2.15
cisco	adaptive_security_appliance_software	9.14.3
cisco	adaptive_security_appliance_software	9.14.3.1
cisco	adaptive_security_appliance_software	9.14.3.9
cisco	adaptive_security_appliance_software	9.14.3.11
cisco	adaptive_security_appliance_software	9.14.3.13
cisco	adaptive_security_appliance_software	9.14.3.15
cisco	adaptive_security_appliance_software	9.14.3.18
cisco	adaptive_security_appliance_software	9.14.4
cisco	adaptive_security_appliance_software	9.14.4.6
cisco	adaptive_security_appliance_software	9.14.4.7
cisco	adaptive_security_appliance_software	9.14.4.12
cisco	adaptive_security_appliance_software	9.14.4.13
cisco	adaptive_security_appliance_software	9.14.4.14
cisco	adaptive_security_appliance_software	9.14.4.15
cisco	adaptive_security_appliance_software	9.14.4.17
cisco	adaptive_security_appliance_software	9.14.4.22
cisco	adaptive_security_appliance_software	9.14.4.23
cisco	adaptive_security_appliance_software	9.15.1
cisco	adaptive_security_appliance_software	9.15.1.1
cisco	adaptive_security_appliance_software	9.15.1.7
cisco	adaptive_security_appliance_software	9.15.1.10
cisco	adaptive_security_appliance_software	9.15.1.15
cisco	adaptive_security_appliance_software	9.15.1.16
cisco	adaptive_security_appliance_software	9.15.1.17
cisco	adaptive_security_appliance_software	9.15.1.21
cisco	adaptive_security_appliance_software	9.16.1
cisco	adaptive_security_appliance_software	9.16.1.28
cisco	adaptive_security_appliance_software	9.16.2
cisco	adaptive_security_appliance_software	9.16.2.3
cisco	adaptive_security_appliance_software	9.16.2.7
cisco	adaptive_security_appliance_software	9.16.2.11
cisco	adaptive_security_appliance_software	9.16.2.13
cisco	adaptive_security_appliance_software	9.16.2.14
cisco	adaptive_security_appliance_software	9.16.3
cisco	adaptive_security_appliance_software	9.16.3.3
cisco	adaptive_security_appliance_software	9.16.3.14
cisco	adaptive_security_appliance_software	9.16.3.15
cisco	adaptive_security_appliance_software	9.16.3.19
cisco	adaptive_security_appliance_software	9.16.3.23
cisco	adaptive_security_appliance_software	9.16.4
cisco	adaptive_security_appliance_software	9.16.4.9
cisco	adaptive_security_appliance_software	9.16.4.14
cisco	adaptive_security_appliance_software	9.16.4.18
cisco	adaptive_security_appliance_software	9.16.4.19
cisco	adaptive_security_appliance_software	9.16.4.27
cisco	adaptive_security_appliance_software	9.16.4.38
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.7
cisco	adaptive_security_appliance_software	9.17.1.9
cisco	adaptive_security_appliance_software	9.17.1.10
cisco	adaptive_security_appliance_software	9.17.1.11
cisco	adaptive_security_appliance_software	9.17.1.13
cisco	adaptive_security_appliance_software	9.17.1.15
cisco	adaptive_security_appliance_software	9.17.1.20
cisco	adaptive_security_appliance_software	9.17.1.30
cisco	adaptive_security_appliance_software	9.18.1
cisco	adaptive_security_appliance_software	9.18.1.3
cisco	adaptive_security_appliance_software	9.18.2
cisco	adaptive_security_appliance_software	9.18.2.5
cisco	adaptive_security_appliance_software	9.18.2.7
cisco	adaptive_security_appliance_software	9.18.2.8
cisco	adaptive_security_appliance_software	9.18.3
cisco	adaptive_security_appliance_software	9.18.3.39
cisco	adaptive_security_appliance_software	9.18.3.46
cisco	adaptive_security_appliance_software	9.18.3.53
cisco	adaptive_security_appliance_software	9.18.3.55
cisco	adaptive_security_appliance_software	9.19.1
cisco	adaptive_security_appliance_software	9.19.1.5
cisco	adaptive_security_appliance_software	9.19.1.9
cisco	adaptive_security_appliance_software	9.19.1.12
cisco	adaptive_security_appliance_software	9.19.1.18
cisco	firepower_threat_defense	6.2.3
cisco	firepower_threat_defense	6.2.3.1
cisco	firepower_threat_defense	6.2.3.2
cisco	firepower_threat_defense	6.2.3.3
cisco	firepower_threat_defense	6.2.3.4
cisco	firepower_threat_defense	6.2.3.5
cisco	firepower_threat_defense	6.2.3.6
cisco	firepower_threat_defense	6.2.3.7
cisco	firepower_threat_defense	6.2.3.8
cisco	firepower_threat_defense	6.2.3.9
cisco	firepower_threat_defense	6.2.3.10
cisco	firepower_threat_defense	6.2.3.11
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.4.0.1
cisco	firepower_threat_defense	6.4.0.2
cisco	firepower_threat_defense	6.4.0.3
cisco	firepower_threat_defense	6.4.0.4
cisco	firepower_threat_defense	6.4.0.5
cisco	firepower_threat_defense	6.4.0.6
cisco	firepower_threat_defense	6.4.0.7
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.4.0.13
cisco	firepower_threat_defense	6.4.0.14
cisco	firepower_threat_defense	6.4.0.15
cisco	firepower_threat_defense	6.4.0.16
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.6.7
cisco	firepower_threat_defense	6.6.7.1
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.0.6
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.2.4
cisco	firepower_threat_defense	7.2.4.1
cisco	firepower_threat_defense	7.2.5
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1
cisco	firepower_threat_defense	7.4.0

JSON

To clipboard

{
  "cisaActionDue": "2023-10-04",
  "cisaExploitAdd": "2023-09-13",
  "cisaRequiredAction": "Apply mitigations per vendor instructions for group-lock and vpn-simultaneous-logins or discontinue use of the product for unsupported devices.",
  "cisaVulnerabilityName": "Cisco Adaptive Security Appliance and Firepower Threat Defense Unauthorized Access Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D482F818-0A8E-49D7-8E3E-0958019FA629",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E7BFB57-BC02-4930-A02F-83583E6A0FC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "026F1960-C879-4611-A60A-96311B63CCA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAF8B33E-0C95-467D-A865-0A234E69D0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF144F5-D933-4DE4-818C-001BD9E3958A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "00112ED3-FE7B-425B-9A28-1E5F2BC8BB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD491D5-FAAB-493F-91A6-D2F3B5F5970E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "1519F49D-588F-4B70-B38F-EF4F3E13FEAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "15354443-5EB7-4712-B2DE-61DB33830759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "248D6B44-E134-4DEC-A947-636824E3FDFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "0820A79C-F3EF-407F-9AC7-DCAB4CD39C89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3E8805-85D2-4345-8076-039513209A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "14BB907B-D75A-4F5E-B20D-5457A71A70EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "F118B803-4C55-436A-A136-0C1FEA49858F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A272121-408E-45F6-A2A1-0BA6EBC060A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "980CEA3B-5A81-4E8C-BEA3-DD31BE7DA2CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3910211-D4DB-4CA7-BBEA-DD8246FF10ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C260BF30-7A33-4C70-9509-404856C93666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF894850-39EC-4B57-BBFF-F1AB4F8389A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FAFCF9-0ABE-483E-9604-329762BB7870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DB4278-3126-4765-97C4-6C0A8C78DA78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "174E631B-6099-47DE-8790-BBF4B7FDB8CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE3538B-F612-4105-BFDE-A4B594482DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "3143B0FF-C855-485E-A908-E48974B1643C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD9992-6D98-4E03-9599-ECF38A186FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DCEAE6-355B-40AE-A7C8-AF744FCA8A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2097E81E-B422-4B93-AF09-F300A0E8AF71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "454DEA31-A607-4054-82D3-24A4FEB7358F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F0B213-8187-4465-84F1-FB8D92B36020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E540771E-BA0B-42D1-8251-B576B0F142C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC2A833-BECF-4000-A592-6113A84C2D20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F1416-924A-4D25-9CEE-3BD66A96A019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDC8D92-D6E0-40EE-B190-D2B32C7DEB75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "23CD5619-E534-4F40-998D-39DC19FA0451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D0EB11-14B1-44B3-8D46-B9DD872F772C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA399CF-12DB-42E0-A66F-14508B52A453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5A7608-E737-420E-9B5E-836600DAC701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7EB6801-336D-4F41-ADE7-1C58C63C3F6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8413DA41-02A5-4269-8C88-9DD5076AF91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA00285F-6914-4749-8A47-FC4EDAFFF3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA4D367-32B9-4F54-8352-A959F61A1FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "2259FF9E-0C8B-440F-B1AC-51BDE3F60E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C522B55-904D-4C08-B73E-1457D877C0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "4483056A-FBF3-4E00-81EB-1E97334EF240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "48677330-06AB-4C7F-B2AD-F7E465A9632A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AEA80D2-5DB8-4334-9A88-7DDE395832C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1C38A5-1028-4AD3-8CC7-A00091091E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "848147B2-C49A-43F6-9069-FC8885BDFDA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6FEF0DA-741E-4361-8143-068EB47D6520",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F002FD55-F881-450E-BC1B-8073E188F47E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA940C4F-13BB-465F-BB8D-CBD0109BF012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B0434F5-9A50-4B57-9C5B-E09415D098C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE727035-06CB-4E37-A9D2-96BD54502120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE52B81-2CF8-48E5-A7BA-A163A25A669B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E8D7C9-5272-40E6-869B-B33959F9F0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE8D5D71-5C85-4644-8A84-F073549ADB50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0790DDC2-7BA0-42DC-A157-754C0CBBE178",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "882394EA-70C8-4D86-9AEF-5D273D8E518C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "855AD3CC-F404-48C5-80D2-7F2765D16D72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "26B6BF72-9124-4213-B3C0-BD31B46E8C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8FBE89-8FDA-4B9B-BA1A-90FFD482A585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "149C3872-8DA9-48DD-ADD0-2E84C1A76A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D33E8C-294A-4C43-8DB6-9DA9F61F0B3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E23ACB0-DF8B-4672-A819-4DCD3104CE4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4723B88-62BA-40E6-AA89-BAC02D6A036F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C698819-3C8E-4A16-8F52-42FF1E54C076",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D3CE74E-59E7-448A-8417-18F97C05C798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0986C171-0E75-4F6F-A9BD-276830104E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A2777A-7831-4324-AEB2-5D93B5F6C04B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "37045680-9189-4B7F-A4F7-4E682FE20A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6C9F37B-CF3C-4861-A969-C7CF4946274A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1DAF21-3FED-4691-9D4C-8FD8CEA7FB3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB938E58-4963-4A31-8836-88E958592B30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E317897-EE97-44F3-96BB-E54228D72A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EF7FAB2-158D-4C48-9246-E7AD3BF1D801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "056D43AE-ECDB-40D2-A196-18DDCD02629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E555F3-3580-4D71-8D8D-92FE72763D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "93013503-8B9A-4160-AF7E-277958FA6E9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3B009FD-0F2B-4511-8EDF-C3E670623F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "52579D8D-E855-42B3-B406-32DD1C39F721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7E44FC6-12A2-4F76-A095-28F3804B619F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "42917E5E-E362-4B40-B2B2-3C77BA35641C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF317FA3-EBF3-49BB-A9E6-0D4295FA3F60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "F98B1683-914F-43D3-AE1C-311D3A90BE8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8D24656-CAB1-4A98-A440-482927FEDD16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504557C-DA5D-4D0F-A813-4CE7D5109F15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D2A067-C717-4921-BBF5-3EFBE02736EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "36DDEC5B-4BEA-499C-9F34-BB3D39B7A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE0D50C0-DADB-4747-8649-8A5257111FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE2699F-353F-44CB-A778-981783DDC31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8E50BD-1FBD-483B-9C27-70E95C732E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F46E5E4F-787C-4C05-B1E7-C39BB9125D16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A29312-38E7-456B-94DD-4D7329691114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "27F7BB31-C733-4C32-BF0F-33B5AF020156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC313568-33A6-435B-98FF-8A7091D9C451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85710A-28CE-4913-8523-356461908FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6069950-016B-419A-B754-D58956CB6D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A2F3FEC-624F-47C5-B056-836861BB038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4875811-F209-49ED-B310-8377B2F87FF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C52C7B-B626-4A3C-A2EC-28A20E7FA95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "853A002C-839A-4372-8485-750A86E9F6E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62BB5D6-CE75-4C83-82DC-4148EF8CB1F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "D32F1365-EAF8-4570-B2FF-45E47E8586F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD07F9B-6BB3-4423-8DBE-4E89A6478E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FE4F28-B704-4325-AE8A-C790163FEE71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E832BC0C-8439-4779-9064-C2D93F231031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA99DF94-D031-4375-9A16-306606FE28F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC149D03-5609-46E6-A1B3-F4D91F282B49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5D7FC6F-1370-4272-97E5-226C2ED1D335",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "164D5774-D51B-47C6-AD32-ED6B84E78BBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F944F8F-0255-42BE-BD44-D21EC9F0FFC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9CEAEFC-7B82-41F9-A09D-C86A3A60A4FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "40FAC31D-19C0-4BA0-A019-C7E7A0BA0B5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CAAFE0F-416F-4BCA-BA37-30EAEADA8AFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "289F9874-FC01-4809-9BDA-1AF583FB60B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EDFC67-E4EE-4D2C-BF9F-5881C987C662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "826869BE-4874-4BBA-9392-14851560BA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF52D477-3045-45D1-9FD3-12F396266463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "88E310BF-F1F6-4124-A875-81967B9B531E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B330F8F-F0DA-472C-A932-AD1D232C7DB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF59DAA-268C-4FCF-A0AA-7967128AEBC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "140ED95D-173C-4ADB-A2E6-97F0D595D1AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.53:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC9B00E1-3E50-4356-B6D9-F84BCD552402",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "552319A9-01F7-47BA-83B3-B2DD648AA07E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEE52F59-AABA-4069-A909-64AD5DFD2B18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "20D7966E-B02B-48C8-BF96-723DD6C25314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA618249-E76F-4104-9326-C9F2DC8DE3D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C925E1F-6BD9-4CD1-8AC4-4263A9094786",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5EE76D9-6D18-4823-B6B0-E1394A4D140C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2EFA476-5021-4A00-859E-1643009D6156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E3A5DC-A237-46E4-A4E5-F135482F984A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91AD8BA2-EB8D-4D8B-B707-AF5C2A831998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "39FE5927-2421-4CBE-97EA-6AED892DA1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6826018-5620-4924-BE92-6A245378F610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49A07CF-12BA-481C-B5FF-754520080A8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F203C7D1-AA92-4367-B7A5-EBAE6B76EE6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3E08AAC-9C5E-4D18-817C-C466D1D6C4DE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user.\r\n\r This vulnerability is due to improper separation of authentication, authorization, and accounting (AAA) between the remote access VPN feature and the HTTPS management and site-to-site VPN features. An attacker could exploit this vulnerability by specifying a default connection profile/tunnel group while conducting a brute force attack or while establishing a clientless SSL VPN session using valid credentials. A successful exploit could allow the attacker to achieve one or both of the following:\r\n\r \r Identify valid credentials that could then be used to establish an unauthorized remote access VPN session.\r Establish a clientless SSL VPN session (only when running Cisco ASA Software Release 9.16 or earlier).\r \r Notes:\r\n\r \r Establishing a client-based remote access VPN tunnel is not possible as these default connection profiles/tunnel groups do not and cannot have an IP address pool configured.\r This vulnerability does not allow an attacker to bypass authentication. To successfully establish a remote access VPN session, valid credentials are required, including a valid second factor if multi-factor authentication (MFA) is configured.\r \r Cisco will release software updates that address this vulnerability. There are workarounds that address this vulnerability."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n VPN de acceso remoto del software Cisco Adaptive Security Appliance (ASA) y el Software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado lleve a cabo un ataque de fuerza bruta en un intento de identificar combinaciones v\u00e1lidas de nombre de usuario y contrase\u00f1a o un atacante remoto autenticado para establecer una sesi\u00f3n VPN SSL sin cliente con un usuario no autorizado. Esta vulnerabilidad se debe a una separaci\u00f3n inadecuada de autenticaci\u00f3n, autorizaci\u00f3n y contabilidad (AAA) entre la funci\u00f3n VPN de acceso remoto y las funciones de administraci\u00f3n HTTPS y VPN de sitio a sitio. Un atacante podr\u00eda aprovechar esta vulnerabilidad especificando un perfil de conexi\u00f3n predeterminada profile/tunnel group mientras realiza un ataque de fuerza bruta o establece una sesi\u00f3n VPN SSL sin cliente utilizando credenciales v\u00e1lidas. Un exploit exitoso podr\u00eda permitir al atacante lograr uno o ambos de los siguientes: Identificar credenciales v\u00e1lidas que luego podr\u00edan usarse para establecer una sesi\u00f3n VPN de acceso remoto no autorizada. Establezca una sesi\u00f3n VPN SSL sin cliente (solo cuando ejecute la versi\u00f3n 9.16 o anterior del software Cisco ASA). Notas: No es posible establecer un t\u00fanel VPN de acceso remoto basado en cliente ya que estos perfiles de conexi\u00f3n predeterminados profile/tunnel group no tienen ni pueden tener un grupo de direcciones IP configurado. Esta vulnerabilidad no permite que un atacante eluda la autenticaci\u00f3n. Para establecer con \u00e9xito una sesi\u00f3n VPN de acceso remoto, se requieren credenciales v\u00e1lidas, incluido un segundo factor v\u00e1lido si est\u00e1 configurada la autenticaci\u00f3n multifactor (MFA). Cisco lanzar\u00e1 actualizaciones de software que aborden esta vulnerabilidad. Existen workarounds que abordan esta vulnerabilidad."
    }
  ],
  "id": "CVE-2023-20269",
  "lastModified": "2025-02-24T15:08:29.397",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-09-06T18:15:08.303",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ravpn-auth-8LyfCkeC"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ravpn-auth-8LyfCkeC"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-288"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-10-27 19:15

Modified

2025-07-07 12:40

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints. An attacker could exploit this vulnerability by sending a crafted IP packet to the affected device. A successful exploit could allow the attacker to cause through traffic to be dropped. Note: Only products with Snort3 configured and either a rule with Block with Reset or Interactive Block with Reset actions configured are vulnerable. Products configured with Snort2 are not vulnerable.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-RywH7ezM	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-RywH7ezM	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	secure_firewall_management_center	3.1.0.1
cisco	snort	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F461B5-E600-4C81-BA3C-1DBC90D4D438",
              "versionEndExcluding": "6.4.0.13",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDF402F7-DFC5-4A83-A209-9905AE54C49F",
              "versionEndExcluding": "6.6.5.1",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
              "versionEndExcluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B2F537A-A488-45B6-AD4B-48B7064AE84C",
              "versionEndExcluding": "7.0.1",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:3.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E394E28-4638-426A-B2A1-5EB15C36D711",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:snort:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48DC22E6-B93B-4700-99C1-D6C95F0A1683",
              "versionEndExcluding": "3.1.0.100",
              "versionStartIncluding": "3.0.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints. An attacker could exploit this vulnerability by sending a crafted IP packet to the affected device. A successful exploit could allow the attacker to cause through traffic to be dropped. Note: Only products with Snort3 configured and either a rule with Block with Reset or Interactive Block with Reset actions configured are vulnerable. Products configured with Snort2 are not vulnerable."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples productos de Cisco est\u00e1n afectados por una vulnerabilidad en las reglas de Snort que podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido al manejo inapropiado de las acciones de Bloqueo con Reinicio o Bloqueo Interactivo con Reinicio si una regla est\u00e1 configurada sin las restricciones apropiadas. Un atacante podr\u00eda aprovechar esta vulnerabilidad mediante el env\u00edo de un paquete IP dise\u00f1ado al dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar una ca\u00edda del tr\u00e1fico de paso. Nota: S\u00f3lo son vulnerables los productos con Snort3 configurado y con una regla con acciones de bloqueo con reinicio o de bloqueo interactivo con reinicio. Los productos configurados con Snort2 no son vulnerables"
    }
  ],
  "id": "CVE-2021-40116",
  "lastModified": "2025-07-07T12:40:02.540",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-27T19:15:08.717",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-RywH7ezM"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-RywH7ezM"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-241"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:30

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the web interface of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition. Note: This vulnerability applies to IP Version 4 (IPv4) and IP Version 6 (IPv6) HTTP traffic.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webdos-fBzM5Ynw	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webdos-fBzM5Ynw	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD51404-99D0-45D6-8998-02861FF10108",
              "versionEndExcluding": "9.6.4.45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB4FADF7-A3CD-44B4-85DF-75F28369B459",
              "versionEndExcluding": "6.3.0.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
              "versionEndExcluding": "6.4.0.10",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "754010DE-2C33-4BA1-9567-90C46309B664",
              "versionEndExcluding": "6.6.1",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B21DFF6A-F104-4636-9372-8F94AED29354",
              "versionEndExcluding": "9.8.4.22",
              "versionStartIncluding": "9.8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E16D2CA3-B494-4348-BF0C-03969D1423D0",
              "versionEndExcluding": "9.9.2.80",
              "versionStartIncluding": "9.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF8B79C-41E6-4367-8A37-C1A41DA8345E",
              "versionEndExcluding": "9.10.1.44",
              "versionStartIncluding": "9.10.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A295D790-92A2-43E1-805B-EB033E8DFA27",
              "versionEndExcluding": "9.12.3.12",
              "versionStartIncluding": "9.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "00E5D38D-07C2-4543-96B0-7FB9582A37FB",
              "versionEndExcluding": "9.13.1.12",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FCB8C11-7C49-472E-A003-DCEC9071D00F",
              "versionEndExcluding": "9.14.1.10",
              "versionStartIncluding": "9.14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the web interface of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition. Note: This vulnerability applies to IP Version 4 (IPv4) and IP Version 6 (IPv6) HTTP traffic."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz web de Cisco Adaptive Security Appliance (ASA) Software y Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar que un dispositivo afectado se recargue inesperadamente, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS).\u0026#xa0;La vulnerabilidad es debido a una falta de comprobaci\u00f3n apropiada de entrada de las peticiones HTTP.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n HTTP dise\u00f1ada hacia un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n podr\u00eda permitir al atacante causar una condici\u00f3n de DoS.\u0026#xa0;Nota: Esta vulnerabilidad se aplica al tr\u00e1fico HTTP IP versi\u00f3n 4 (IPv4) e IP versi\u00f3n 6 (IPv6)"
    }
  ],
  "id": "CVE-2020-3304",
  "lastModified": "2024-11-21T05:30:46.330",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:15.623",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webdos-fBzM5Ynw"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webdos-fBzM5Ynw"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-05-03 15:29

Modified

2024-11-21 04:37

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the TCP processing engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper handling of TCP traffic. An attacker could exploit this vulnerability by sending a specific sequence of packets at a high rate through an affected device. A successful exploit could allow the attacker to temporarily disrupt traffic through the device while it reboots.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/108160	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-frpwrtd-dos	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/108160	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-frpwrtd-dos	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5505	-
cisco	asa_5510	-
cisco	asa_5512-x	-
cisco	asa_5515-x	-
cisco	asa_5520	-
cisco	asa_5525-x	-
cisco	asa_5540	-
cisco	asa_5545-x	-
cisco	asa_5550	-
cisco	asa_5555-x	-
cisco	asa_5580	-
cisco	asa_5585-x	-
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79F0345E-5661-4119-8620-8A1F42E97128",
              "versionEndExcluding": "9.4.4.34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7789E32-76B1-4D16-A556-B6B5A8CDB5A0",
              "versionEndExcluding": "9.6.4.25",
              "versionStartIncluding": "9.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C812C8D5-3159-434C-8B9F-8CB0A8767923",
              "versionEndExcluding": "9.8.4",
              "versionStartIncluding": "9.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABCD2AF8-97D4-45C6-B80E-D5FA9B719BD5",
              "versionEndExcluding": "9.9.2.50",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4C6B343-2D4D-4C7E-A59E-629773DD2E60",
              "versionEndExcluding": "9.10.1.17",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15251834-D900-42F9-AC0B-4167CE851116",
              "versionEndExcluding": "6.2.3.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A16803C-579C-4992-B37E-7CEC17307659",
              "versionEndExcluding": "6.3.0.3",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the TCP processing engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper handling of TCP traffic. An attacker could exploit this vulnerability by sending a specific sequence of packets at a high rate through an affected device. A successful exploit could allow the attacker to temporarily disrupt traffic through the device while it reboots."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el  TCP processing engine of Cisco Adaptive Security Appliance (ASA) el Programa y Cisco Firepower Threat Defense (FTD) El programa podr\u00eda permitir que un atacante remoto no autenticado provoque la recarga de un dispositivo afectado, lo que provocar\u00eda una condici\u00f3n de denegaci\u00f3n de servicio(DoS). La vulnerabilidad se debe al manejo inapropiado del tr\u00e1fico TCP. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una secuencia espec\u00edfica de paquetes a una alta velocidad a trav\u00e9s de un dispositivo afectado. Un exploit con \u00e9xito podr\u00eda permitir al atacante interrumpir temporalmente el tr\u00e1fico a trav\u00e9s del dispositivo mientras se reinicia."
    }
  ],
  "id": "CVE-2019-1694",
  "lastModified": "2024-11-21T04:37:07.030",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-03T15:29:01.040",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108160"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-frpwrtd-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108160"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-frpwrtd-dos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:31

Severity ?

6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the SIP inspection process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a watchdog timeout and crash during the cleanup of threads that are associated with a SIP connection that is being deleted from the connection list. An attacker could exploit this vulnerability by sending a high rate of crafted SIP traffic through an affected device. A successful exploit could allow the attacker to cause a watchdog timeout and crash, resulting in a crash and reload of the affected device.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sipdos-3DGvdjvg	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sipdos-3DGvdjvg	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	6.6.0
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "149E9B2D-1E8D-481B-B4C2-687723A78CE5",
              "versionEndExcluding": "9.6.4.43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2330600D-6AB1-4912-A595-2AE167853B93",
              "versionEndIncluding": "6.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D27DE97-510A-4761-8184-6940745B54E2",
              "versionEndExcluding": "6.3.0.6",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
              "versionEndExcluding": "6.4.0.10",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6AD3C10-9525-4D50-BAF4-1989B3763ED5",
              "versionEndExcluding": "9.8.4.24",
              "versionStartIncluding": "9.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E16D2CA3-B494-4348-BF0C-03969D1423D0",
              "versionEndExcluding": "9.9.2.80",
              "versionStartIncluding": "9.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7036D010-F764-4899-A7B3-456084FC1392",
              "versionEndExcluding": "9.10.1.43",
              "versionStartIncluding": "9.10.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7A573BF-C6E7-4985-9B93-928584F7A986",
              "versionEndExcluding": "9.12.4.2",
              "versionStartIncluding": "9.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4148D30-F285-4045-A017-82F5BF074233",
              "versionEndExcluding": "9.13.1.13",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "97B216C8-49C2-43DA-9D7C-3290B5EBF334",
              "versionEndExcluding": "9.14.1.19",
              "versionStartIncluding": "9.14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the SIP inspection process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a watchdog timeout and crash during the cleanup of threads that are associated with a SIP connection that is being deleted from the connection list. An attacker could exploit this vulnerability by sending a high rate of crafted SIP traffic through an affected device. A successful exploit could allow the attacker to cause a watchdog timeout and crash, resulting in a crash and reload of the affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el proceso de inspecci\u00f3n SIP de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar un bloqueo y la recarga de un dispositivo afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio ( DoS).\u0026#xa0;La vulnerabilidad es debido a un tiempo de espera del watchdog y un bloqueo durante la limpieza de los subprocesos que est\u00e1n asociados con una conexi\u00f3n SIP que est\u00e1 siendo eliminada de la lista de conexiones.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una alta tasa de tr\u00e1fico SIP dise\u00f1ado por medio de un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante causar un tiempo de espera del watchdog y un bloqueo, resultando en un bloqueo y la recarga del dispositivo afectado"
    }
  ],
  "id": "CVE-2020-3555",
  "lastModified": "2024-11-21T05:31:18.387",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:17.513",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sipdos-3DGvdjvg"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sipdos-3DGvdjvg"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-404"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-404"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-10-02 19:15

Modified

2024-11-21 04:23

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute commands on the underlying operating system (OS) with root privileges. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by including crafted arguments to specific CLI commands. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fxos-cmd-inject	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fxos-cmd-inject	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_9300_firmware	2.4\(1.214\)
cisco	firepower_9300_firmware	2.4\(1.216\)
cisco	firepower_9300_firmware	2.4\(2.54\)
cisco	firepower_9300_firmware	r241
cisco	firepower_9300	-
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_1000	-
cisco	firepower_2100	-
cisco	firepower_extensible_operating_system	*
cisco	firepower_extensible_operating_system	*
cisco	firepower_extensible_operating_system	*
cisco	firepower_4100	-
cisco	firepower_9300	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_9300_firmware:2.4\\(1.214\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "161C90D0-2257-48B6-A77F-D3BDBE129B04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_9300_firmware:2.4\\(1.216\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "92DD9BE2-301F-4773-8028-CFE376E775FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_9300_firmware:2.4\\(2.54\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "AFA20FE6-2364-43C9-BCD4-720159BD08B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_9300_firmware:r241:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9204F1F-5094-40F5-88C2-A709E599FFE8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC5F3455-0918-4F29-987F-376FF74F8CE0",
              "versionEndIncluding": "6.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C50547D-4EEE-40B2-80F3-DC0059DF5B27",
              "versionEndExcluding": "6.2.3.14",
              "versionStartIncluding": "6.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A16803C-579C-4992-B37E-7CEC17307659",
              "versionEndExcluding": "6.3.0.3",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6F79864-CA70-4192-AC2C-E174DF3F25B2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D23A26EF-5B43-437C-A962-4FC69D8A0FF4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E80B3246-5C14-4F5E-B105-DA354CE54E99",
              "versionEndExcluding": "2.2.2.101",
              "versionStartIncluding": "2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D69E67A-C3CE-4714-9DFF-6D4FAD4FA3BB",
              "versionEndExcluding": "2.3.1.155",
              "versionStartIncluding": "2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "205AC1E3-B978-45B9-A6C2-FDCC7EBB73D4",
              "versionEndExcluding": "2.4.1.238",
              "versionStartIncluding": "2.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E9552E6-0B9B-4B32-BE79-90D4E3887A7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5F3E15A-5407-4C25-97AF-7E53173C6892",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute commands on the underlying operating system (OS) with root privileges. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by including crafted arguments to specific CLI commands. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en la CLI del Software Cisco FXOS y del Software Cisco Firepower Threat Defense (FTD), podr\u00edan permitir a un atacante local autenticado ejecutar comandos en el sistema operativo (SO) subyacente con privilegios de root. Estas vulnerabilidades son debido a una comprobaci\u00f3n de entrada insuficiente. Un atacante podr\u00eda explotar estas vulnerabilidades mediante la incorporaci\u00f3n de argumentos dise\u00f1ados en comandos espec\u00edficos de la CLI. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar comandos sobre el sistema operativo subyacente con privilegios de root."
    }
  ],
  "id": "CVE-2019-12699",
  "lastModified": "2024-11-21T04:23:23.350",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.0,
        "impactScore": 6.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-10-02T19:15:13.733",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fxos-cmd-inject"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fxos-cmd-inject"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-05-06 17:15

Modified

2024-11-21 05:30

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Firepower Threat Defense (FTD) Software when running on the Cisco Firepower 1000 Series platform could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to a communication error between internal functions. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message to an affected device. A successful exploit could allow the attacker to cause a buffer underrun, which leads to a crash. The crash causes the affected device to reload.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-4v5nmWtZ	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-4v5nmWtZ	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_1010	-
cisco	firepower_1020	-
cisco	firepower_1030	-
cisco	firepower_1040	-
cisco	asa_5505_firmware	9.12\(2.12\)
cisco	asa_5505_firmware	9.13\(0.33\)
cisco	asa_5505	-
cisco	asa_5510_firmware	9.12\(2.12\)
cisco	asa_5510_firmware	9.13\(0.33\)
cisco	asa_5510	-
cisco	asa_5512-x_firmware	9.12\(2.12\)
cisco	asa_5512-x_firmware	9.13\(0.33\)
cisco	asa_5512-x	-
cisco	asa_5515-x_firmware	9.12\(2.12\)
cisco	asa_5515-x_firmware	9.13\(0.33\)
cisco	asa_5515-x	-
cisco	asa_5520_firmware	9.12\(2.12\)
cisco	asa_5520_firmware	9.13\(0.33\)
cisco	asa_5520	-
cisco	asa_5525-x_firmware	9.12\(2.12\)
cisco	asa_5525-x_firmware	9.13\(0.33\)
cisco	asa_5525-x	-
cisco	asa_5540_firmware	9.12\(2.12\)
cisco	asa_5540_firmware	9.13\(0.33\)
cisco	asa_5540	-
cisco	asa_5545-x_firmware	9.12\(2.12\)
cisco	asa_5545-x_firmware	9.13\(0.33\)
cisco	asa_5545-x	-
cisco	asa_5550_firmware	9.12\(2.12\)
cisco	asa_5550_firmware	9.13\(0.33\)
cisco	asa_5550	-
cisco	asa_5555-x_firmware	9.12\(2.12\)
cisco	asa_5555-x_firmware	9.13\(0.33\)
cisco	asa_5555-x	-
cisco	asa_5580_firmware	9.12\(2.12\)
cisco	asa_5580_firmware	9.13\(0.33\)
cisco	asa_5580	-
cisco	asa_5585-x_firmware	9.12\(2.12\)
cisco	asa_5585-x_firmware	9.13\(0.33\)
cisco	asa_5585-x	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06741056-2BFD-4F88-917A-F581F813B69E",
              "versionEndExcluding": "6.4.0.9",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FFE3880-4B85-4E23-9836-70875D5109F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8B5AF8-6A57-482A-9442-E857EE7E207B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9929280-2AAC-4B56-A42C-1F6EDE83988E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F29B6BC3-D716-4A3D-9679-B7BE81F719C8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:9.12\\(2.12\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9D0B3813-F3A0-4513-828B-7990F899DA48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:9.13\\(0.33\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "AAEA9C9F-F72A-4265-A5F6-A9D9A541991C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5510_firmware:9.12\\(2.12\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "58E04E88-F836-4220-9961-C46D5AF2285F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5510_firmware:9.13\\(0.33\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DD25D50A-C319-453A-8690-38747CC061E5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:9.12\\(2.12\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "83524681-0B3A-492A-BBA5-1E905529EEF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:9.13\\(0.33\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "ED129635-7BB2-43FC-9FE9-C269E9D30BC4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:9.12\\(2.12\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A289F236-9D8D-4E6D-9E48-FD62E6AA5A2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:9.13\\(0.33\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5DADAFCF-C950-4B8D-B88A-A446D1DA3635",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5520_firmware:9.12\\(2.12\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "10409979-E312-48FA-B690-4851C602652A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5520_firmware:9.13\\(0.33\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "65FE5EA5-1AD2-4FA6-9D3A-D21CDB7DA037",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:9.12\\(2.12\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8E517D3B-C730-4CD8-B15A-10151D81A1DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:9.13\\(0.33\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DB3A269B-1C99-4D54-810A-389AF6F2B717",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5540_firmware:9.12\\(2.12\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D2F4D4E6-E1AD-4B07-8DDF-B57C2A0EDC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5540_firmware:9.13\\(0.33\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "50AAD56A-2238-4A94-A4E6-15DB26751EBC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:9.12\\(2.12\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "58E83502-8147-4B06-93E6-506154C7F120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:9.13\\(0.33\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F33C4821-430E-4962-8A1A-4E5353303507",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5550_firmware:9.12\\(2.12\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0C953E75-EA5F-4FA5-927B-1F7E431B9C86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5550_firmware:9.13\\(0.33\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EB1467EB-0AFB-4792-8DB8-9F134FA1529D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:9.12\\(2.12\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7126BDC6-13A8-4ABB-824B-DE71C73095CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:9.13\\(0.33\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D0DBF19E-F275-461E-9BD2-EA8645289407",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:9.12\\(2.12\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "188196CB-F5AE-4A6F-ABF6-3BF8CF43485D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:9.13\\(0.33\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "44ABBDC4-BB79-41F5-8BF9-46779098DE91",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:9.12\\(2.12\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D7DEA476-508E-4354-9602-56D305A85A0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:9.13\\(0.33\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "062210FE-2A86-478F-90B1-DDEAE35639B9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Firepower Threat Defense (FTD) Software when running on the Cisco Firepower 1000 Series platform could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to a communication error between internal functions. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message to an affected device. A successful exploit could allow the attacker to cause a buffer underrun, which leads to a crash. The crash causes the affected device to reload."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el manejador de Secure Sockets Layer (SSL)/Transport Layer Security (TLS) del Cisco Firepower Threat Defense (FTD) Software cuando se ejecuta en la plataforma Cisco Firepower 1000 Series, podr\u00eda permitir a un atacante remoto no autenticado desencadenar una denegaci\u00f3n de servicio ( DoS) sobre un dispositivo afectado. La vulnerabilidad es debido a un error de comunicaci\u00f3n entre funciones internas. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un mensaje SSL/TLS dise\u00f1ado hacia un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante causar una subdesbordamiento del b\u00fafer, que conlleva a un bloqueo. El bloqueo causa que el dispositivo afectado se sobrecargue."
    }
  ],
  "id": "CVE-2020-3283",
  "lastModified": "2024-11-21T05:30:43.263",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-05-06T17:15:12.837",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-4v5nmWtZ"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-4v5nmWtZ"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:31

Severity ?

6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

Multiple vulnerabilities in the secure boot process of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software for the Firepower 1000 Series and Firepower 2100 Series Appliances could allow an authenticated, local attacker to bypass the secure boot mechanism. The vulnerabilities are due to insufficient protections of the secure boot process. An attacker could exploit these vulnerabilities by injecting code into specific files that are then referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust and inject code into the boot process of the device, which would be executed at each boot and maintain persistence across reboots.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbyp-KqP6NgrE	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbyp-KqP6NgrE	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	firepower_1010	*
cisco	firepower_1010	-
cisco	firepower_1120	-
cisco	firepower_1140	-
cisco	firepower_1150	-
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	6.6.0
cisco	firepower_1010	-
cisco	firepower_1120	-
cisco	firepower_1140	-
cisco	firepower_1150	-
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E38D6F74-E407-4232-86C9-178AC3D00F1C",
              "versionEndExcluding": "9.8.4.26",
              "versionStartIncluding": "9.8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E16D2CA3-B494-4348-BF0C-03969D1423D0",
              "versionEndExcluding": "9.9.2.80",
              "versionStartIncluding": "9.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7036D010-F764-4899-A7B3-456084FC1392",
              "versionEndExcluding": "9.10.1.43",
              "versionStartIncluding": "9.10.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "88977C36-3EF9-44FD-8406-2A223A8FDF4A",
              "versionEndExcluding": "9.12.4.3",
              "versionStartIncluding": "9.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4148D30-F285-4045-A017-82F5BF074233",
              "versionEndExcluding": "9.13.1.13",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8353B0CD-5C3F-4F18-966B-DB43DA92838E",
              "versionEndExcluding": "9.14.1.15",
              "versionStartIncluding": "9.14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1010:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "018CB46C-D151-4D5C-9ED8-D5F57E2723CF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FFE3880-4B85-4E23-9836-70875D5109F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "727A02E8-40A1-4DFE-A3A2-91D628D3044F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F6546E-28F4-40DC-97D6-E0E023FE939B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2330600D-6AB1-4912-A595-2AE167853B93",
              "versionEndIncluding": "6.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D27DE97-510A-4761-8184-6940745B54E2",
              "versionEndExcluding": "6.3.0.6",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
              "versionEndExcluding": "6.4.0.10",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FFE3880-4B85-4E23-9836-70875D5109F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "727A02E8-40A1-4DFE-A3A2-91D628D3044F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F6546E-28F4-40DC-97D6-E0E023FE939B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the secure boot process of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software for the Firepower 1000 Series and Firepower 2100 Series Appliances could allow an authenticated, local attacker to bypass the secure boot mechanism. The vulnerabilities are due to insufficient protections of the secure boot process. An attacker could exploit these vulnerabilities by injecting code into specific files that are then referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust and inject code into the boot process of the device, which would be executed at each boot and maintain persistence across reboots."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en el proceso de inicio seguro de Cisco Adaptive Security Appliance (ASA) Software y Firepower Threat Defense (FTD) Software para Dispositivos Firepower 1000 Series y Firepower 2100 Series podr\u00edan permitir a un atacante local autenticado omitir el mecanismo de inicio seguro.\u0026#xa0;Las vulnerabilidades son debido a protecciones insuficientes del proceso de arranque seguro.\u0026#xa0;Un atacante podr\u00eda explotar estas vulnerabilidades inyectando c\u00f3digo en archivos espec\u00edficos a los que luego se hace referencia durante el proceso de inicio del dispositivo.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante romper la cadena de confianza e inyectar c\u00f3digo en el proceso de arranque del dispositivo, que se ejecutar\u00eda en cada arranque y mantendr\u00eda la persistencia entre los reinicios"
    }
  ],
  "id": "CVE-2020-3458",
  "lastModified": "2024-11-21T05:31:06.670",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:16.450",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbyp-KqP6NgrE"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbyp-KqP6NgrE"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-693"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-10-02 19:15

Modified

2024-11-21 04:23

Severity ?

8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_9300_firmware	-
cisco	firepower_9300	-
cisco	firepower_4115_firmware	-
cisco	firepower_4115	-
cisco	firepower_4125_firmware	-
cisco	firepower_4125	-
cisco	firepower_4145_firmware	-
cisco	firepower_4145	-
cisco	firepower_4110_firmware	-
cisco	firepower_4110	-
cisco	firepower_4120_firmware	-
cisco	firepower_4120	-
cisco	firepower_4140_firmware	-
cisco	firepower_4140	-
cisco	firepower_4150_firmware	-
cisco	firepower_4150	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4627DAB3-AEC2-4E64-A787-B2A59388422C",
              "versionEndExcluding": "6.4.0.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_9300_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "758D00BF-FE5B-4B90-8337-63E7832ABBF7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_4115_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E47E6035-3C82-4540-A582-0F6A3205AC8D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_4125_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7F8C83C-935A-46A6-882F-0622E92568AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_4145_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "265955A5-3285-4697-8E37-4D8F75C05E41",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_4110_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6417E0C-87B6-4C3B-B8A5-FC1C232E188E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_4120_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C24A01DF-056B-456B-ACC7-D5C2940996B3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_4140_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24679CC8-00D9-4DD7-A47B-F8DEB7E2A735",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_4150_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "769776E9-4463-4F32-88FE-FA69C96D2070",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en la funcionalidad de m\u00faltiples instancias del Software Cisco Firepower Threat Defense (FTD), podr\u00edan permitir a un atacante local autenticado escapar del contenedor para su instancia FTD y ejecutar comandos con privilegios de root en el espacio de nombres del host. Estas vulnerabilidades son debido a protecciones insuficientes en el sistema de archivos subyacente. Un atacante podr\u00eda explotar estas vulnerabilidades mediante la modificaci\u00f3n de archivos cr\u00edticos en el sistema de archivos subyacente. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar comandos con privilegios de root dentro del espacio de nombres del host. Esto podr\u00eda permitir al atacante afectar otras instancias de FTD en ejecuci\u00f3n."
    }
  ],
  "id": "CVE-2019-12674",
  "lastModified": "2024-11-21T04:23:19.917",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 6.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-10-02T19:15:12.123",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-216"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-116"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-26 16:09

Severity ?

8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Summary

A vulnerability in the sfmgr daemon of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to perform directory traversal and access directories outside the restricted path. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using a relative path in specific sfmgr commands. An exploit could allow the attacker to read or write arbitrary files on an sftunnel-connected peer device.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dirtrav-NW8XcuSB	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dirtrav-NW8XcuSB	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	6.2.0
cisco	firepower_threat_defense	6.2.1
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	6.2.0
cisco	secure_firewall_management_center	6.2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD83F585-B278-44C6-92AE-5B1CF434B17D",
              "versionEndIncluding": "6.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D27DE97-510A-4761-8184-6940745B54E2",
              "versionEndExcluding": "6.3.0.6",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
              "versionEndExcluding": "6.4.0.10",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DC52A8B-7DF4-47B2-9F49-627F59656E5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD48BE40-C647-429A-81B6-59E125BBE415",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFD334C0-7B9C-4550-A005-86EF209B5C9A",
              "versionEndIncluding": "6.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7960516D-9A46-41EE-A0FE-E139A64DD62C",
              "versionEndExcluding": "6.3.0.6",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BCE8F18-CC15-40E5-8419-5BC6E761E37E",
              "versionEndExcluding": "6.4.0.10",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEEB9A40-0062-406D-B56D-3163CBBE08D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A4A52EA-D464-4855-ABEC-FD98E0F3BD97",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the sfmgr daemon of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to perform directory traversal and access directories outside the restricted path. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using a relative path in specific sfmgr commands. An exploit could allow the attacker to read or write arbitrary files on an sftunnel-connected peer device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el demonio sfmgr de Cisco Firepower Management Center (FMC) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto autenticado llevar a cabo un salto de directorio y acceder a directorios fuera de la ruta restringida.\u0026#xa0;La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de la entrada.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el uso de una ruta relativa en comandos sfmgr espec\u00edficos.\u0026#xa0;Una explotaci\u00f3n podr\u00eda permitir a un atacante leer o escribir archivos arbitrarios en un dispositivo peer conectado a sftunnel"
    }
  ],
  "id": "CVE-2020-3550",
  "lastModified": "2024-11-26T16:09:02.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.2,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:17.217",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dirtrav-NW8XcuSB"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dirtrav-NW8XcuSB"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2017-02-03 07:59

Modified

2025-04-20 01:37

Severity ?

5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) could allow an unauthenticated, remote attacker to add arbitrary entries to the audit log. This vulnerability affects Cisco Firepower Threat Defense Software versions 6.1.x on the following vulnerable products that have enabled FDM: ASA5506-X ASA5506W-X ASA5506H-X ASA5508-X ASA5516-X ASA5512-X ASA5515-X ASA5525-X ASA5545-X ASA5555-X. More Information: CSCvb86860. Known Affected Releases: FRANGELICO. Known Fixed Releases: 6.2.0.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/95944	Third Party Advisory, VDB Entry
psirt@cisco.com	http://www.securitytracker.com/id/1037775
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw2	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/95944	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1037775
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw2	Vendor Advisory

Impacted products

	Vendor	Product	Version
	cisco	firepower_threat_defense	6.1.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "61FB47CF-2A6A-4121-BFF7-5862E163B8E5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) could allow an unauthenticated, remote attacker to add arbitrary entries to the audit log. This vulnerability affects Cisco Firepower Threat Defense Software versions 6.1.x on the following vulnerable products that have enabled FDM: ASA5506-X ASA5506W-X ASA5506H-X ASA5508-X ASA5516-X ASA5512-X ASA5515-X ASA5525-X ASA5545-X ASA5555-X. More Information: CSCvb86860. Known Affected Releases: FRANGELICO. Known Fixed Releases: 6.2.0."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el subsistema de registro del Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) podr\u00eda permitir a un atacante remoto no autenticado agregar entradas arbitrarias al registro de auditor\u00eda. Esta vulnerabilidad afecta a las versiones 6.1.x de Cisco Firepower Threat Defense Software en los siguientes productos vulnerables que han habilitado FDM: ASA5506-X ASA5506-X ASA5506-X ASA5508-X ASA5516-X ASA5512-X ASA5515-X ASA5525-X ASA5545-X ASA5555 -X. M\u00e1s Informaci\u00f3n: CSCvb86860. Lanzamientos Afectados Conocidos: FRANGELICO. Lanzamientos Reparados Conocidos: 6.2.0."
    }
  ],
  "id": "CVE-2017-3822",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-02-03T07:59:00.890",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/95944"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1037775"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/95944"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1037775"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw2"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:31

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9F6C9AD-0838-4CE7-BF34-3BDAA4909704",
              "versionEndExcluding": "6.3.0.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "739E387B-4E43-4BD7-8799-F62791963508",
              "versionEndExcluding": "6.4.0.10",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "38DCBF6C-AA34-4A5B-B2B1-57684DD5BB42",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F0C6D76-9652-4EE6-9CA2-96BFBB469539",
              "versionEndExcluding": "6.6.1",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "946D19EB-56E7-4F67-BB77-E8BD1E7F3DC7",
              "versionEndExcluding": "9.8.4.29",
              "versionStartIncluding": "9.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86B181C5-34C2-4BD5-B012-841B978A26C4",
              "versionEndExcluding": "9.9.2.80",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0854546-E8AC-41FC-9419-E3E31534D4FE",
              "versionEndExcluding": "9.10.1.44",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9B6C101-3EEF-430F-9191-7DDB3DDF40E8",
              "versionEndExcluding": "9.12.4.4",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F21E8FD7-6BBB-4D7B-B21A-D5D57630800A",
              "versionEndExcluding": "9.13.1.13",
              "versionStartIncluding": "9.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5E49F5A-F8E9-4D0D-A58F-9F5BB5F0C9EE",
              "versionEndExcluding": "9.14.1.30",
              "versionStartIncluding": "9.14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en la interfaz de servicios web de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00edan permitir a un atacante remoto no autenticado conducir ataques de tipo cross-site scripting (XSS) contra un usuario de la interfaz de servicios web de un dispositivo afectado.\u0026#xa0;Las vulnerabilidades son debido a una comprobaci\u00f3n insuficiente de la entrada suministrada por el usuario mediante la interfaz de servicios web de un dispositivo afectado.\u0026#xa0;Un atacante podr\u00eda explotar estas vulnerabilidades al persuadir a un usuario de la interfaz para que haga clic en un enlace dise\u00f1ado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante ejecutar un c\u00f3digo script arbitrario en el contexto de la interfaz o permitir a un atacante acceder a informaci\u00f3n confidencial basada en el navegador.\u0026#xa0;Nota: Estas vulnerabilidades afectan solo a configuraciones espec\u00edficas de AnyConnect y WebVPN.\u0026#xa0;Para m\u00e1s informaci\u00f3n, consulte la secci\u00f3n Vulnerable Products"
    }
  ],
  "id": "CVE-2020-3583",
  "lastModified": "2024-11-21T05:31:21.503",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:18.887",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-11-15 21:15

Modified

2024-11-21 06:43

Severity ?

7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management when a device initiates SSL/TLS connections. An attacker could exploit this vulnerability by ensuring that the device will connect to an SSL/TLS server that is using specific encryption parameters. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-client-dos-cCrQPkA
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-client-dos-cCrQPkA

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.13.1
cisco	adaptive_security_appliance_software	9.13.1.2
cisco	adaptive_security_appliance_software	9.13.1.7
cisco	adaptive_security_appliance_software	9.13.1.10
cisco	adaptive_security_appliance_software	9.13.1.12
cisco	adaptive_security_appliance_software	9.13.1.13
cisco	adaptive_security_appliance_software	9.13.1.16
cisco	adaptive_security_appliance_software	9.13.1.19
cisco	adaptive_security_appliance_software	9.13.1.21
cisco	adaptive_security_appliance_software	9.14.1
cisco	adaptive_security_appliance_software	9.14.1.10
cisco	adaptive_security_appliance_software	9.14.1.15
cisco	adaptive_security_appliance_software	9.14.1.19
cisco	adaptive_security_appliance_software	9.14.1.30
cisco	adaptive_security_appliance_software	9.14.2
cisco	adaptive_security_appliance_software	9.14.2.4
cisco	adaptive_security_appliance_software	9.14.2.8
cisco	adaptive_security_appliance_software	9.14.2.13
cisco	adaptive_security_appliance_software	9.14.2.15
cisco	adaptive_security_appliance_software	9.14.3
cisco	adaptive_security_appliance_software	9.14.3.1
cisco	adaptive_security_appliance_software	9.14.3.9
cisco	adaptive_security_appliance_software	9.14.3.11
cisco	adaptive_security_appliance_software	9.14.3.13
cisco	adaptive_security_appliance_software	9.14.3.15
cisco	adaptive_security_appliance_software	9.14.3.18
cisco	adaptive_security_appliance_software	9.15.1
cisco	adaptive_security_appliance_software	9.15.1.1
cisco	adaptive_security_appliance_software	9.15.1.7
cisco	adaptive_security_appliance_software	9.15.1.10
cisco	adaptive_security_appliance_software	9.15.1.15
cisco	adaptive_security_appliance_software	9.15.1.16
cisco	adaptive_security_appliance_software	9.15.1.17
cisco	adaptive_security_appliance_software	9.15.1.21
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_services_software_for_asa	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D9AE545-A469-41C7-BD95-3CC80AF8067B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3255DB9E-85A5-48ED-90AA-6A7A55A0B1F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B6C9A0-B941-4C7C-BFE9-F1D837D5ADBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "77E783FD-5D4B-4C4F-BBFE-1186EFDFEF3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "40145CFB-CEE8-4ABA-A9C2-BA262B7A9AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "23C82327-5362-4876-8058-EB51030CD5DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C700CC9-E16F-4C05-915D-1CA39257ACCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ABDBB94-BA4F-4991-A703-0D7DDF999CBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "D59B6947-1953-4C86-A76C-7A881CD3A502",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "171E1C5D-68C5-4BBC-AE18-D1518A1B7277",
              "versionEndIncluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1110632C-526F-4025-A7BE-0CF9F37E5F9E",
              "versionEndIncluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_services_software_for_asa:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4C5EF69-498C-4433-8B86-91EB343C3F63",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to improper memory management when a device initiates SSL/TLS connections. An attacker could exploit this vulnerability by ensuring that the device will connect to an SSL/TLS server that is using specific encryption parameters. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el cliente SSL/TLS del software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto autenticado cause una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a una gesti\u00f3n inadecuada de la memoria cuando un dispositivo inicia conexiones SSL/TLS. Un atacante podr\u00eda aprovechar esta vulnerabilidad asegur\u00e1ndose de que el dispositivo se conecte a un servidor SSL/TLS que utilice par\u00e1metros de cifrado espec\u00edficos. Un exploit exitoso podr\u00eda permitir al atacante hacer que el dispositivo afectado entre en bucle de carga inesperadamente, lo que resultar\u00eda en una condici\u00f3n DoS."
    }
  ],
  "id": "CVE-2022-20927",
  "lastModified": "2024-11-21T06:43:50.390",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.7,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-11-15T21:15:32.607",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-client-dos-cCrQPkA"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-client-dos-cCrQPkA"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-05-17 03:29

Modified

2024-11-21 03:37

Severity ?

5.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

A vulnerability in the detection engine of Cisco Firepower Threat Defense software could allow an unauthenticated, remote attacker to bypass a configured Secure Sockets Layer (SSL) Access Control (AC) policy to block SSL traffic. The vulnerability is due to the incorrect handling of TCP SSL packets received out of order. An attacker could exploit this vulnerability by sending a crafted SSL connection through the affected device. A successful exploit could allow the attacker to bypass a configured SSL AC policy to block SSL traffic. Cisco Bug IDs: CSCvg09316.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/104197	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-firepwr-pb	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/104197	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-firepwr-pb	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	6.0.0
cisco	firepower_threat_defense	6.1.0
cisco	firepower_threat_defense	6.2.0
cisco	firepower_threat_defense	6.2.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1AC6A67-82EF-4D31-AFCB-499A0C6EC0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "61FB47CF-2A6A-4121-BFF7-5862E163B8E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DC52A8B-7DF4-47B2-9F49-627F59656E5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "42496A5B-1644-4088-BBCF-2ED810A5694B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the detection engine of Cisco Firepower Threat Defense software could allow an unauthenticated, remote attacker to bypass a configured Secure Sockets Layer (SSL) Access Control (AC) policy to block SSL traffic. The vulnerability is due to the incorrect handling of TCP SSL packets received out of order. An attacker could exploit this vulnerability by sending a crafted SSL connection through the affected device. A successful exploit could allow the attacker to bypass a configured SSL AC policy to block SSL traffic. Cisco Bug IDs: CSCvg09316."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el motor de detecci\u00f3n del software Cisco Firepower Threat Defense podr\u00eda permitir que un atacante remoto no autenticado omita una pol\u00edtica de control de acceso (AC) Secure Sockets Layer (SSL) para bloquear el tr\u00e1fico SSL. Esta vulnerabilidad se debe a la gesti\u00f3n incorrecta de ciertos paquetes TCP SSL recibidos fuera de orden. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una conexi\u00f3n SSL manipulada a trav\u00e9s de un dispositivo afectado. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante omita una pol\u00edtica AC SSL para bloquear el tr\u00e1fico SSL. Cisco Bug IDs: CSCvg09316."
    }
  ],
  "id": "CVE-2018-0297",
  "lastModified": "2024-11-21T03:37:55.373",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-05-17T03:29:00.667",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104197"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-firepwr-pb"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104197"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-firepwr-pb"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-693"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-693"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-05-06 17:15

Modified

2024-11-21 05:30

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the implementation of the Border Gateway Protocol (BGP) module in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP packets. An attacker could exploit this vulnerability by sending a crafted BGP packet. A successful exploit could allow the attacker to cause a DoS condition on the affected device.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-P43GCE5j	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-P43GCE5j	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5505	-
cisco	asa_5510	-
cisco	asa_5512-x	-
cisco	asa_5515-x	-
cisco	asa_5520	-
cisco	asa_5525-x	-
cisco	asa_5550	-
cisco	asa_5555-x	-
cisco	asa_5580	-
cisco	asa_5585-x	-
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94146309-66F7-4349-83CF-7969E13F3A7A",
              "versionEndExcluding": "9.6.4.36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B25DFB28-C8FF-47B8-B619-CDA94ED9AFFF",
              "versionEndExcluding": "9.8.4.10",
              "versionStartIncluding": "9.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8B7269E-E076-497D-8EBD-8B19BCB211FE",
              "versionEndExcluding": "9.10.1.30",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0F64F2-0DFE-4904-85D6-ECD3D37E7385",
              "versionEndExcluding": "9.12.2.9",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "885E5B33-1658-4B86-9B47-D89CA3FA2EF6",
              "versionEndExcluding": "6.3.0.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EDD3A04-6832-4533-8CE6-6083720E8654",
              "versionEndExcluding": "6.4.0.6",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the implementation of the Border Gateway Protocol (BGP) module in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP packets. An attacker could exploit this vulnerability by sending a crafted BGP packet. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n del m\u00f3dulo Border Gateway Protocol (BGP) en el Cisco Adaptive Security Appliance (ASA) Software y el Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad es debido al procesamiento incorrecto de determinados paquetes BGP. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete BGP dise\u00f1ado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante causar una condici\u00f3n DoS sobre el dispositivo afectado."
    }
  ],
  "id": "CVE-2020-3305",
  "lastModified": "2024-11-21T05:30:46.487",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-05-06T17:15:13.197",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-P43GCE5j"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-P43GCE5j"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-10-02 19:15

Modified

2024-11-21 04:23

Severity ?

6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability in the command line interface (CLI) of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker with administrative privileges to execute commands on the underlying operating system with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by executing a specific CLI command that includes crafted arguments. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-cmdinj	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-cmdinj	Vendor Advisory

Impacted products

	Vendor	Product	Version
	cisco	firepower_threat_defense	*
	cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "885E5B33-1658-4B86-9B47-D89CA3FA2EF6",
              "versionEndExcluding": "6.3.0.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D8647E-1FA8-486E-B150-1EEFE52C31BB",
              "versionEndExcluding": "6.4.0.4",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the command line interface (CLI) of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker with administrative privileges to execute commands on the underlying operating system with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by executing a specific CLI command that includes crafted arguments. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz de l\u00ednea de comando (CLI) del Software Cisco Firepower Threat Defense (FTD), podr\u00eda permitir a un atacante local autenticado con privilegios administrativos ejecutar comandos sobre el sistema operativo subyacente con privilegios de root. La vulnerabilidad es debido a una comprobaci\u00f3n de entrada insuficiente. Un atacante podr\u00eda explotar esta vulnerabilidad mediante la ejecuci\u00f3n de un comando de la CLI  espec\u00edfico que incluye argumentos dise\u00f1ados. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar comandos sobre el sistema operativo subyacente con privilegios de root."
    }
  ],
  "id": "CVE-2019-12694",
  "lastModified": "2024-11-21T04:23:22.610",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-10-02T19:15:13.390",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-cmdinj"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-cmdinj"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-11-05 20:15

Modified

2024-11-26 16:09

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

A vulnerability in the protocol detection component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper detection of the initial use of a protocol on a nonstandard port. An attacker could exploit this vulnerability by sending traffic on a nonstandard port for the protocol in use through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems that would otherwise be blocked. Once the initial protocol flow on the nonstandard port is detected, future flows on the nonstandard port will be successfully detected and handled as configured by the applied policy.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-nspd	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-nspd	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_services_software_for_asa	*
cisco	firepower_threat_defense	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	2.9.15
cisco	secure_firewall_management_center	2.9.16

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_services_software_for_asa:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70505F-E716-439B-BE8C-B4CC3DF080E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E102D5C4-D296-4F09-B4FA-62CD8E2E5CB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BD5CFAE-5696-419C-B24E-7CF9E7EC7B92",
              "versionEndIncluding": "2.9.12.15",
              "versionStartIncluding": "2.9.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27A4DC81-DD37-46A6-8751-D0B4671E23BA",
              "versionEndIncluding": "2.9.13.6",
              "versionStartIncluding": "2.9.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C37F0EAC-42D5-4D10-A5C8-6D975B7BF176",
              "versionEndIncluding": "2.9.14.5",
              "versionStartIncluding": "2.9.14.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "42493B4F-0CF2-45F0-B72D-36F0597CC274",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "06F2E7D8-BB95-480D-AE3E-F9B97C3A5379",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the protocol detection component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper detection of the initial use of a protocol on a nonstandard port. An attacker could exploit this vulnerability by sending traffic on a nonstandard port for the protocol in use through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems that would otherwise be blocked. Once the initial protocol flow on the nonstandard port is detected, future flows on the nonstandard port will be successfully detected and handled as configured by the applied policy."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el componente de detecci\u00f3n de protocolo del software Cisco Firepower Threat Defense, el software Cisco FirePOWER Services para ASA y el software Cisco Firepower Management Center, podr\u00eda permitir a un atacante remoto no autenticado omitir las protecciones de filtrado. La vulnerabilidad es debido a la detecci\u00f3n inapropiada del uso inicial de un protocolo en un puerto no est\u00e1ndar. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de tr\u00e1fico sobre un puerto no est\u00e1ndar para el protocolo en uso por medio de un dispositivo afectado. Una explotaci\u00f3n podr\u00eda permitir al atacante omitir el filtrado y entregar peticiones maliciosas hacia los sistemas protegidos que de otra manera se bloquear\u00edan. Una vez que se detecta el flujo de protocolo inicial sobre el puerto no est\u00e1ndar, los flujos futuros sobre el puerto no est\u00e1ndar ser\u00e1n detectados con \u00e9xito y manejados seg\u00fan lo configurado mediante la pol\u00edtica aplicada."
    }
  ],
  "id": "CVE-2019-1980",
  "lastModified": "2024-11-26T16:09:02.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-11-05T20:15:11.690",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-nspd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-nspd"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-11-01 18:15

Modified

2024-11-21 07:40

Severity ?

6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an implementation error within the SSL/TLS session handling process that can prevent the release of a session handler under specific conditions. An attacker could exploit this vulnerability by sending crafted SSL/TLS traffic to an affected device, increasing the probability of session handler leaks. A successful exploit could allow the attacker to eventually deplete the available session handler pool, preventing new sessions from being established and causing a DoS condition.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-kxG8mpUA	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-kxG8mpUA	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1
cisco	adaptive_security_appliance_software	9.16.1
cisco	adaptive_security_appliance_software	9.16.1.28
cisco	adaptive_security_appliance_software	9.16.2
cisco	adaptive_security_appliance_software	9.16.2.3
cisco	adaptive_security_appliance_software	9.16.2.7
cisco	adaptive_security_appliance_software	9.16.2.11
cisco	adaptive_security_appliance_software	9.16.2.13
cisco	adaptive_security_appliance_software	9.16.2.14
cisco	adaptive_security_appliance_software	9.16.3
cisco	adaptive_security_appliance_software	9.16.3.3
cisco	adaptive_security_appliance_software	9.16.3.14
cisco	adaptive_security_appliance_software	9.16.3.15
cisco	adaptive_security_appliance_software	9.16.3.19
cisco	adaptive_security_appliance_software	9.16.3.23
cisco	adaptive_security_appliance_software	9.16.4
cisco	adaptive_security_appliance_software	9.16.4.9
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.7
cisco	adaptive_security_appliance_software	9.17.1.9
cisco	adaptive_security_appliance_software	9.17.1.10
cisco	adaptive_security_appliance_software	9.17.1.11
cisco	adaptive_security_appliance_software	9.17.1.13
cisco	adaptive_security_appliance_software	9.17.1.15
cisco	adaptive_security_appliance_software	9.17.1.20
cisco	adaptive_security_appliance_software	9.18.1
cisco	adaptive_security_appliance_software	9.18.1.3
cisco	adaptive_security_appliance_software	9.18.2
cisco	adaptive_security_appliance_software	9.18.2.5
cisco	adaptive_security_appliance_software	9.18.2.7
cisco	adaptive_security_appliance_software	9.19.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4875811-F209-49ED-B310-8377B2F87FF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C52C7B-B626-4A3C-A2EC-28A20E7FA95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "853A002C-839A-4372-8485-750A86E9F6E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62BB5D6-CE75-4C83-82DC-4148EF8CB1F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "D32F1365-EAF8-4570-B2FF-45E47E8586F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD07F9B-6BB3-4423-8DBE-4E89A6478E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FE4F28-B704-4325-AE8A-C790163FEE71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F944F8F-0255-42BE-BD44-D21EC9F0FFC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9CEAEFC-7B82-41F9-A09D-C86A3A60A4FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "40FAC31D-19C0-4BA0-A019-C7E7A0BA0B5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "289F9874-FC01-4809-9BDA-1AF583FB60B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EDFC67-E4EE-4D2C-BF9F-5881C987C662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "826869BE-4874-4BBA-9392-14851560BA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF52D477-3045-45D1-9FD3-12F396266463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEE52F59-AABA-4069-A909-64AD5DFD2B18",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an implementation error within the SSL/TLS session handling process that can prevent the release of a session handler under specific conditions. An attacker could exploit this vulnerability by sending crafted SSL/TLS traffic to an affected device, increasing the probability of session handler leaks. A successful exploit could allow the attacker to eventually deplete the available session handler pool, preventing new sessions from being established and causing a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n AnyConnect SSL VPN del software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado cause una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a un error de implementaci\u00f3n dentro del proceso de manejo de sesiones SSL/TLS que puede impedir la liberaci\u00f3n de un controlador de sesi\u00f3n en condiciones espec\u00edficas. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando tr\u00e1fico SSL/TLS manipulado a un dispositivo afectado, lo que aumenta la probabilidad de fugas del controlador de sesi\u00f3n. Un exploit exitoso podr\u00eda permitir al atacante agotar eventualmente el grupo de controladores de sesiones disponible, impidiendo que se establezcan nuevas sesiones y provocando una condici\u00f3n DoS."
    }
  ],
  "id": "CVE-2023-20042",
  "lastModified": "2024-11-21T07:40:25.200",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-11-01T18:15:08.843",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-kxG8mpUA"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-kxG8mpUA"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-404"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-09-23 01:15

Modified

2024-11-26 16:09

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operating system of an affected device. The vulnerability is due to insufficient restrictions on the allowed Lua function calls within the context of user-supplied Lua scripts. A successful exploit could allow the attacker to trigger a heap overflow condition and execute arbitrary code with root privileges on the underlying Linux operating system of an affected device.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191112-asa-ftd-lua-rce	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191112-asa-ftd-lua-rce	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*
cisco	firepower_threat_defense	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94146309-66F7-4349-83CF-7969E13F3A7A",
              "versionEndExcluding": "9.6.4.36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7734DDF0-8B78-4204-9C44-98A80F01CF87",
              "versionEndExcluding": "9.8.4.15",
              "versionStartIncluding": "9.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "83755BBD-15E6-44F9-976A-926B6639EBE4",
              "versionEndExcluding": "9.9.2.61",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B6D76A5-C479-4588-A571-B2E8268A3139",
              "versionEndExcluding": "9.10.1.32",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1419728-88C1-49C2-B269-5D2353E109D1",
              "versionEndExcluding": "9.12.3",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EECA0E3-5C6E-41C1-AEA5-CE82ABEAC4FE",
              "versionEndExcluding": "9.13.1.4",
              "versionStartIncluding": "9.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D4AA06A-42DA-43F8-94D5-3035AFF4FEF1",
              "versionEndExcluding": "9.14.2.7",
              "versionStartIncluding": "9.14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9FD6FC-FA97-41EB-B75B-E2D0A6481D96",
              "versionEndExcluding": "9.15.1.4",
              "versionStartIncluding": "9.15",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EABB3BD-4AF7-4FC1-9090-19B07F1B578D",
              "versionEndExcluding": "6.2.3.16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7960516D-9A46-41EE-A0FE-E139A64DD62C",
              "versionEndExcluding": "6.3.0.6",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "970816D7-3FC8-430A-BEFB-D8F3E5F84301",
              "versionEndExcluding": "6.4.0.7",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBC14B4B-D535-49DF-ABA2-BB4057A4BC47",
              "versionEndExcluding": "6.5.0.2",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E239E86-8CC7-4BE1-BE5F-AF623DB68058",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operating system of an affected device. The vulnerability is due to insufficient restrictions on the allowed Lua function calls within the context of user-supplied Lua scripts. A successful exploit could allow the attacker to trigger a heap overflow condition and execute arbitrary code with root privileges on the underlying Linux operating system of an affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n del int\u00e9rprete Lua integrado en Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto autenticado ejecutar c\u00f3digo arbitrario con privilegios root en el sistema operativo Linux subyacente de un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido a restricciones insuficientes en las llamadas a funciones Lua permitidas dentro del contexto de los scripts Lua suministrados por el usuario.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante desencadenar una condici\u00f3n de desbordamiento de la pila y ejecutar c\u00f3digo arbitrario con privilegios root en el sistema operativo Linux subyacente de un dispositivo afectado"
    }
  ],
  "id": "CVE-2019-15992",
  "lastModified": "2024-11-26T16:09:02.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-09-23T01:15:13.333",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191112-asa-ftd-lua-rce"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191112-asa-ftd-lua-rce"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-10-02 19:15

Modified

2024-11-21 04:23

Severity ?

8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Summary

Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_9300_firmware	-
cisco	firepower_9300	-
cisco	firepower_4115_firmware	-
cisco	firepower_4115	-
cisco	firepower_4125_firmware	-
cisco	firepower_4125	-
cisco	firepower_4145_firmware	-
cisco	firepower_4145	-
cisco	firepower_4110_firmware	-
cisco	firepower_4110	-
cisco	firepower_4120_firmware	-
cisco	firepower_4120	-
cisco	firepower_4140_firmware	-
cisco	firepower_4140	-
cisco	firepower_4150_firmware	-
cisco	firepower_4150	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4627DAB3-AEC2-4E64-A787-B2A59388422C",
              "versionEndExcluding": "6.4.0.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_9300_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "758D00BF-FE5B-4B90-8337-63E7832ABBF7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_4115_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E47E6035-3C82-4540-A582-0F6A3205AC8D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_4125_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7F8C83C-935A-46A6-882F-0622E92568AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_4145_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "265955A5-3285-4697-8E37-4D8F75C05E41",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_4110_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6417E0C-87B6-4C3B-B8A5-FC1C232E188E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_4120_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C24A01DF-056B-456B-ACC7-D5C2940996B3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_4140_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24679CC8-00D9-4DD7-A47B-F8DEB7E2A735",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_4150_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "769776E9-4463-4F32-88FE-FA69C96D2070",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en la funcionalidad de m\u00faltiples instancias del Software Cisco Firepower Threat Defense (FTD), podr\u00edan permitir a un atacante local autenticado escapar del contenedor para su instancia FTD y ejecutar comandos con privilegios de root en el espacio de nombres del host. Estas vulnerabilidades son debido a protecciones insuficientes en el sistema de archivos subyacente. Un atacante podr\u00eda explotar estas vulnerabilidades mediante la modificaci\u00f3n de archivos cr\u00edticos en el sistema de archivos subyacente. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar comandos con privilegios de root dentro del espacio de nombres del host. Esto podr\u00eda permitir al atacante afectar otras instancias de FTD en ejecuci\u00f3n."
    }
  ],
  "id": "CVE-2019-12675",
  "lastModified": "2024-11-21T04:23:20.060",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 6.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.0,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-10-02T19:15:12.203",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-216"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-116"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-10-02 19:15

Modified

2024-11-21 04:23

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for a specific WebVPN HTTP page request. An attacker could exploit this vulnerability by sending multiple WebVPN HTTP page load requests for a specific URL. A successful exploit could allow the attacker to increase CPU load on the device, resulting in a denial of service (DoS) condition, which could cause traffic to be delayed through the device.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-dos	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-dos	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5505	-
cisco	asa_5510	-
cisco	asa_5512-x	-
cisco	asa_5515-x	-
cisco	asa_5520	-
cisco	asa_5525-x	-
cisco	asa_5550	-
cisco	asa_5555-x	-
cisco	asa_5580	-
cisco	asa_5585-x	-
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF7C3150-AC51-4C6E-B0D2-B1E820C62F0B",
              "versionEndExcluding": "9.6.4.31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9401338-5D6D-46E6-918C-AE11FC6DBC9E",
              "versionEndExcluding": "9.8.4.9",
              "versionStartIncluding": "9.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3118855-5066-4FB7-B63E-EB694D6E00FA",
              "versionEndExcluding": "9.9.2.56",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADA230E4-4D7F-4186-842A-27B3741EE468",
              "versionEndExcluding": "9.10.1.30",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0F64F2-0DFE-4904-85D6-ECD3D37E7385",
              "versionEndExcluding": "9.12.2.9",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FA268E0-220A-4D15-8816-6F69F7773590",
              "versionEndExcluding": "9.13.1",
              "versionStartIncluding": "9.13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A1910D8-107F-4BD1-90D2-5653AA75F54A",
              "versionEndExcluding": "6.2.3.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3920B277-4643-4601-A4C8-05C0C3D76C42",
              "versionEndExcluding": "6.3.0.5",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EDD3A04-6832-4533-8CE6-6083720E8654",
              "versionEndExcluding": "6.4.0.6",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for a specific WebVPN HTTP page request. An attacker could exploit this vulnerability by sending multiple WebVPN HTTP page load requests for a specific URL. A successful exploit could allow the attacker to increase CPU load on the device, resulting in a denial of service (DoS) condition, which could cause traffic to be delayed through the device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad WebVPN del Software Cisco Adaptive Security Appliance (ASA) y el Software Cisco Firepower Threat Defense (FTD), podr\u00eda permitir a un atacante remoto no autenticado causar una mayor utilizaci\u00f3n de la CPU en un dispositivo afectado. La vulnerabilidad es debido a una carga de procesamiento excesiva para una petici\u00f3n de p\u00e1gina HTTP WebVPN espec\u00edfica. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de m\u00faltiples peticiones de carga de p\u00e1gina HTTP de WebVPN para una URL espec\u00edfica. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante aumentar la carga de la CPU en el dispositivo, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS), lo que podr\u00eda causar que el tr\u00e1fico sea retardado a trav\u00e9s del dispositivo."
    }
  ],
  "id": "CVE-2019-12698",
  "lastModified": "2024-11-21T04:23:23.187",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-10-02T19:15:13.657",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-dos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:31

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

A vulnerability in the FTP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass FTP inspection. The vulnerability is due to ineffective flow tracking of FTP traffic. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and successfully complete FTP connections.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ftpbypass-HY3UTxYu	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ftpbypass-HY3UTxYu	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AED88F6A-9C56-4005-B809-00E5637CCA27",
              "versionEndExcluding": "9.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB4FADF7-A3CD-44B4-85DF-75F28369B459",
              "versionEndExcluding": "6.3.0.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
              "versionEndExcluding": "6.4.0.10",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "754010DE-2C33-4BA1-9567-90C46309B664",
              "versionEndExcluding": "6.6.1",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E38D6F74-E407-4232-86C9-178AC3D00F1C",
              "versionEndExcluding": "9.8.4.26",
              "versionStartIncluding": "9.8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E16D2CA3-B494-4348-BF0C-03969D1423D0",
              "versionEndExcluding": "9.9.2.80",
              "versionStartIncluding": "9.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF8B79C-41E6-4367-8A37-C1A41DA8345E",
              "versionEndExcluding": "9.10.1.44",
              "versionStartIncluding": "9.10.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F71893A1-284B-453E-A9F4-579FAB514E9B",
              "versionEndExcluding": "9.12.4.4",
              "versionStartIncluding": "9.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4148D30-F285-4045-A017-82F5BF074233",
              "versionEndExcluding": "9.13.1.13",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "97B216C8-49C2-43DA-9D7C-3290B5EBF334",
              "versionEndExcluding": "9.14.1.19",
              "versionStartIncluding": "9.14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the FTP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass FTP inspection. The vulnerability is due to ineffective flow tracking of FTP traffic. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and successfully complete FTP connections."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el motor de inspecci\u00f3n FTP de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado omitir la inspecci\u00f3n FTP.\u0026#xa0;La vulnerabilidad es debido a un seguimiento de flujo ineficiente del tr\u00e1fico FTP.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de tr\u00e1fico FTP dise\u00f1ado por medio de un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante omitir la inspecci\u00f3n de FTP y completar con \u00e9xito las conexiones FTP"
    }
  ],
  "id": "CVE-2020-3564",
  "lastModified": "2024-11-21T05:31:19.510",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:18.060",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ftpbypass-HY3UTxYu"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ftpbypass-HY3UTxYu"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-436"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-10-27 19:15

Modified

2024-11-21 06:11

Severity ?

4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5512-x_firmware	009.008
cisco	asa_5512-x_firmware	009.015
cisco	asa_5512-x	-
cisco	asa_5505_firmware	009.008
cisco	asa_5505_firmware	009.015
cisco	asa_5505	-
cisco	asa_5515-x_firmware	009.008
cisco	asa_5515-x_firmware	009.015
cisco	asa_5515-x	-
cisco	asa_5525-x_firmware	009.008
cisco	asa_5525-x_firmware	009.015
cisco	asa_5525-x	-
cisco	asa_5545-x_firmware	009.008
cisco	asa_5545-x_firmware	009.015
cisco	asa_5545-x	-
cisco	asa_5555-x_firmware	009.008
cisco	asa_5555-x_firmware	009.015
cisco	asa_5555-x	-
cisco	asa_5580_firmware	009.008
cisco	asa_5580_firmware	009.015
cisco	asa_5580	-
cisco	asa_5585-x_firmware	009.008
cisco	asa_5585-x_firmware	009.015
cisco	asa_5585-x	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C7F329B-4EF5-411A-9AB6-02E6A4162D6D",
              "versionEndExcluding": "9.8.4.40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAE65CB5-08E5-41B6-9AC0-02451C90E833",
              "versionEndExcluding": "6.4.0.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18589C74-19D2-44F0-AF26-68910E26655D",
              "versionEndExcluding": "6.6.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDDF492B-BC61-4814-B05F-3F6CD07080F7",
              "versionEndExcluding": "6.7.0.2",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B10BB7F0-1CC7-4331-A05C-3C20B0584C04",
              "versionEndExcluding": "9.12.4.29",
              "versionStartIncluding": "9.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "185792EB-E12D-4ABD-938F-68EB7F65FA3C",
              "versionEndExcluding": "9.14.2.15",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6DA106A-A2D9-4F9F-AF9B-88F67A8589FC",
              "versionEndExcluding": "9.15.1.15",
              "versionStartIncluding": "9.15.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.008:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C8EAF9E-15BB-4565-A131-B0B3F9E98B50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.015:*:*:*:*:*:*:*",
              "matchCriteriaId": "D81100E4-D5B3-4953-9EB3-A4335A96B0FC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.008:*:*:*:*:*:*:*",
              "matchCriteriaId": "446D3F11-4E33-417E-8BC5-A0ADA2336748",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.015:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF62190B-96EE-4295-BF8B-5A8F65876979",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.008:*:*:*:*:*:*:*",
              "matchCriteriaId": "649BB8A1-7665-4312-9D34-8823CD8031B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.015:*:*:*:*:*:*:*",
              "matchCriteriaId": "2008D416-C0D8-41DB-9088-553665643A4D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.008:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D4DC944-D1C0-400F-92A2-852BED71210C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.015:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CB81E9A-3CFF-406A-83D3-A62A650D1583",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.008:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F1951B0-E631-475B-9AC2-DD3EFC842D37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.015:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5054127-B933-4FBB-87D9-F90168ADE8A7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.008:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FCA70F5-B62E-449E-BFB5-FE52039A43CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.015:*:*:*:*:*:*:*",
              "matchCriteriaId": "603C4110-1A74-4698-9882-F23FF05803BE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.008:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6B105A6-008E-46E4-8789-C718962C1F46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.015:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FB5240E-52F4-4A1E-8B5B-25A6446A2BF9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.008:*:*:*:*:*:*:*",
              "matchCriteriaId": "C662CBD3-FA7F-4BD4-8867-9796B38926A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.015:*:*:*:*:*:*:*",
              "matchCriteriaId": "1234B4DC-4C8E-48B5-BD05-01843C8083D5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming."
    },
    {
      "lang": "es",
      "value": "Varias vulnerabilidades en la Puerta de Enlace de Nivel de Aplicaci\u00f3n (ALG) para la funcionalidad Network Address Translation (NAT) del software Cisco Adaptive Security Appliance (ASA) y el software Firepower Threat Defense (FTD) podr\u00edan permitir a un atacante remoto no autenticado omitir el ALG y abrir conexiones no autorizadas con un host situado detr\u00e1s del ALG. Para conseguir m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso. Nota: Estas vulnerabilidades han sido discutidas p\u00fablicamente como NAT Slipstreaming"
    }
  ],
  "id": "CVE-2021-34790",
  "lastModified": "2024-11-21T06:11:12.577",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-27T19:15:08.400",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-358"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-07-22 20:15

Modified

2025-02-24 15:40

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files.

References

URL	Tags
psirt@cisco.com	http://packetstormsecurity.com/files/158646/Cisco-ASA-FTD-Remote-File-Disclosure.html	Third Party Advisory, VDB Entry
psirt@cisco.com	http://packetstormsecurity.com/files/158647/Cisco-Adaptive-Security-Appliance-Software-9.11-Local-File-Inclusion.html	Exploit, Third Party Advisory, VDB Entry
psirt@cisco.com	http://packetstormsecurity.com/files/159523/Cisco-ASA-FTD-9.6.4.42-Path-Traversal.html	Exploit, Third Party Advisory, VDB Entry
psirt@cisco.com	http://packetstormsecurity.com/files/160497/Cisco-ASA-9.14.1.10-FTD-6.6.0.1-Path-Traversal.html	Exploit, Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/158646/Cisco-ASA-FTD-Remote-File-Disclosure.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/158647/Cisco-Adaptive-Security-Appliance-Software-9.11-Local-File-Inclusion.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/159523/Cisco-ASA-FTD-9.6.4.42-Path-Traversal.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/160497/Cisco-ASA-9.14.1.10-FTD-6.6.0.1-Path-Traversal.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5505	-
cisco	asa_5510	-
cisco	asa_5512-x	-
cisco	asa_5515-x	-
cisco	asa_5520	-
cisco	asa_5525-x	-
cisco	asa_5540	-
cisco	asa_5545-x	-
cisco	asa_5550	-
cisco	asa_5555-x	-
cisco	asa_5580	-
cisco	asa_5585-x	-
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "cisaActionDue": "2022-05-03",
  "cisaExploitAdd": "2021-11-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Cisco ASA and FTD Read-Only Path Traversal Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B1F7D88-4774-47D9-BC1D-CAD49653EC52",
              "versionEndExcluding": "9.6.4.42",
              "versionStartIncluding": "9.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEB1AF51-43DA-4399-8264-E0A2E629F799",
              "versionEndExcluding": "9.8.4.20",
              "versionStartIncluding": "9.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2694D563-A5CF-4A3E-BC7E-80A9F9487573",
              "versionEndExcluding": "9.9.2.74",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "374FB489-272C-411D-8C3F-417D8760E8D7",
              "versionEndExcluding": "9.10.1.42",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0113BA1B-BBB3-4B2D-BB75-21C7CDB37DE0",
              "versionEndExcluding": "9.12.3.12",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "526A1138-61C7-44AD-A925-B38BDB353238",
              "versionEndExcluding": "9.13.1.10",
              "versionStartIncluding": "9.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A0974DC-9A56-4099-ADEA-7938DBA3A27D",
              "versionEndExcluding": "9.14.1.10",
              "versionStartIncluding": "9.14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4B2E5D3-ED34-4A7E-BD8F-8492B6737677",
              "versionEndExcluding": "6.2.3.16",
              "versionStartIncluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D27DE97-510A-4761-8184-6940745B54E2",
              "versionEndExcluding": "6.3.0.6",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
              "versionEndExcluding": "6.4.0.10",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6193E3E2-CD18-415F-9F2D-9DD536C18323",
              "versionEndExcluding": "6.6.0.1",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz de servicios web de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado conducir ataques de salto de directorio y leer archivos confidenciales en un sistema objetivo. La vulnerabilidad es debido a una falta de comprobaci\u00f3n de entrada apropiada de las URL en las peticiones HTTP procesadas por un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n HTTP dise\u00f1ada que contenga secuencias de caracteres salto de directorio en un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante visualizar archivos arbitrarios dentro del sistema de archivos de servicios web en el dispositivo objetivo. El sistema de archivos de los servicios web es habilitado cuando el dispositivo afectado es configurado con las funcionalidades WebVPN o AnyConnect. Esta vulnerabilidad no puede ser utilizada para obtener acceso a los archivos del sistema ASA o FTD o los archivos del sistema operativo (SO) subyacente"
    }
  ],
  "id": "CVE-2020-3452",
  "lastModified": "2025-02-24T15:40:15.277",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-07-22T20:15:11.970",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/158646/Cisco-ASA-FTD-Remote-File-Disclosure.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/158647/Cisco-Adaptive-Security-Appliance-Software-9.11-Local-File-Inclusion.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/159523/Cisco-ASA-FTD-9.6.4.42-Path-Traversal.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/160497/Cisco-ASA-9.14.1.10-FTD-6.6.0.1-Path-Traversal.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/158646/Cisco-ASA-FTD-Remote-File-Disclosure.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/158647/Cisco-Adaptive-Security-Appliance-Software-9.11-Local-File-Inclusion.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/159523/Cisco-ASA-FTD-9.6.4.42-Path-Traversal.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/160497/Cisco-ASA-9.14.1.10-FTD-6.6.0.1-Path-Traversal.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-10-27 19:15

Modified

2024-11-21 06:11

Severity ?

4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5512-x_firmware	009.008
cisco	asa_5512-x_firmware	009.015
cisco	asa_5512-x	-
cisco	asa_5505_firmware	009.008
cisco	asa_5505_firmware	009.015
cisco	asa_5505	-
cisco	asa_5515-x_firmware	009.008
cisco	asa_5515-x_firmware	009.015
cisco	asa_5515-x	-
cisco	asa_5525-x_firmware	009.008
cisco	asa_5525-x_firmware	009.015
cisco	asa_5525-x	-
cisco	asa_5545-x_firmware	009.008
cisco	asa_5545-x_firmware	009.015
cisco	asa_5545-x	-
cisco	asa_5555-x_firmware	009.008
cisco	asa_5555-x_firmware	009.015
cisco	asa_5555-x	-
cisco	asa_5580_firmware	009.008
cisco	asa_5580_firmware	009.015
cisco	asa_5580	-
cisco	asa_5585-x_firmware	009.008
cisco	asa_5585-x_firmware	009.015
cisco	asa_5585-x	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C7F329B-4EF5-411A-9AB6-02E6A4162D6D",
              "versionEndExcluding": "9.8.4.40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAE65CB5-08E5-41B6-9AC0-02451C90E833",
              "versionEndExcluding": "6.4.0.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18589C74-19D2-44F0-AF26-68910E26655D",
              "versionEndExcluding": "6.6.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDDF492B-BC61-4814-B05F-3F6CD07080F7",
              "versionEndExcluding": "6.7.0.2",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE618915-7057-4229-9672-0BCE77B6F67C",
              "versionEndExcluding": "9.12.4.18",
              "versionStartIncluding": "9.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "185792EB-E12D-4ABD-938F-68EB7F65FA3C",
              "versionEndExcluding": "9.14.2.15",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6DA106A-A2D9-4F9F-AF9B-88F67A8589FC",
              "versionEndExcluding": "9.15.1.15",
              "versionStartIncluding": "9.15.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.008:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C8EAF9E-15BB-4565-A131-B0B3F9E98B50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.015:*:*:*:*:*:*:*",
              "matchCriteriaId": "D81100E4-D5B3-4953-9EB3-A4335A96B0FC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.008:*:*:*:*:*:*:*",
              "matchCriteriaId": "446D3F11-4E33-417E-8BC5-A0ADA2336748",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.015:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF62190B-96EE-4295-BF8B-5A8F65876979",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.008:*:*:*:*:*:*:*",
              "matchCriteriaId": "649BB8A1-7665-4312-9D34-8823CD8031B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.015:*:*:*:*:*:*:*",
              "matchCriteriaId": "2008D416-C0D8-41DB-9088-553665643A4D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.008:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D4DC944-D1C0-400F-92A2-852BED71210C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.015:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CB81E9A-3CFF-406A-83D3-A62A650D1583",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.008:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F1951B0-E631-475B-9AC2-DD3EFC842D37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.015:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5054127-B933-4FBB-87D9-F90168ADE8A7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.008:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FCA70F5-B62E-449E-BFB5-FE52039A43CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.015:*:*:*:*:*:*:*",
              "matchCriteriaId": "603C4110-1A74-4698-9882-F23FF05803BE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.008:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6B105A6-008E-46E4-8789-C718962C1F46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.015:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FB5240E-52F4-4A1E-8B5B-25A6446A2BF9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.008:*:*:*:*:*:*:*",
              "matchCriteriaId": "C662CBD3-FA7F-4BD4-8867-9796B38926A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.015:*:*:*:*:*:*:*",
              "matchCriteriaId": "1234B4DC-4C8E-48B5-BD05-01843C8083D5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming."
    },
    {
      "lang": "es",
      "value": "Varias vulnerabilidades en la Puerta de Enlace de Nivel de Aplicaci\u00f3n (ALG) para la funcionalidad Network Address Translation (NAT) del software Cisco Adaptive Security Appliance (ASA) y el software Firepower Threat Defense (FTD) podr\u00edan permitir a un atacante remoto no autenticado omitir la ALG y abrir conexiones no autorizadas con un host situado detr\u00e1s de la ALG. Para conseguir m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso. Nota: Estas vulnerabilidades se han discutido p\u00fablicamente como NAT Slipstreaming"
    }
  ],
  "id": "CVE-2021-34791",
  "lastModified": "2024-11-21T06:11:12.753",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-27T19:15:08.457",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-358"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-04-29 18:15

Modified

2024-11-21 05:44

Severity ?

8.5 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:H
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H

Summary

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to insufficient boundary checks for specific data that is provided to the web services interface of an affected system. An attacker could exploit this vulnerability by sending a malicious HTTP request. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected system, which could disclose data fragments or cause the device to reload, resulting in a denial of service (DoS) condition.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-memc-dos-fncTyYKG	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-memc-dos-fncTyYKG	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAE65CB5-08E5-41B6-9AC0-02451C90E833",
              "versionEndExcluding": "6.4.0.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D042ED9F-3702-4959-AAA0-D98684EB4556",
              "versionEndExcluding": "6.6.3",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "599292E2-4F97-462D-93E0-7CCAEA7C5ED8",
              "versionEndExcluding": "6.7.0.1",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17BDCF23-5836-4E95-A0E6-81334FE3F7BE",
              "versionEndExcluding": "9.8.4.34",
              "versionStartIncluding": "9.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A9BFFBC-F577-47CD-83E8-A6227B17D557",
              "versionEndExcluding": "9.9.2.85",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C70E158-4028-4CA4-91CB-22E549CFBC07",
              "versionEndExcluding": "9.12.4.13",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B74C14F-C95B-4AF5-A255-1CA824AA7FDE",
              "versionEndExcluding": "9.13.1.21",
              "versionStartIncluding": "9.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "282F4D3B-CCBB-484E-BDEE-C316637E2F21",
              "versionEndExcluding": "9.14.2.8",
              "versionStartIncluding": "9.14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE692449-D353-4726-82EF-4396E3336890",
              "versionEndExcluding": "9.15.1.7",
              "versionStartIncluding": "9.15",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to insufficient boundary checks for specific data that is provided to the web services interface of an affected system. An attacker could exploit this vulnerability by sending a malicious HTTP request. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected system, which could disclose data fragments or cause the device to reload, resulting in a denial of service (DoS) condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz de servicios web del software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD), podr\u00eda permitir a un atacante remoto autenticado causar un desbordamiento del b\u00fafer en un sistema afectado.\u0026#xa0;La vulnerabilidad es debido a comprobaciones de l\u00edmites insuficientes para datos espec\u00edficos que se proporcionan a la interfaz de servicios web de un sistema afectado.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n HTTP maliciosa.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar una condici\u00f3n de desbordamiento de b\u00fafer en el sistema afectado, lo que podr\u00eda revelar fragmentos de datos o hacer que el dispositivo se recargue, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS)"
    }
  ],
  "id": "CVE-2021-1493",
  "lastModified": "2024-11-21T05:44:28.583",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 7.8,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 4.7,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-04-29T18:15:09.387",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-memc-dos-fncTyYKG"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-memc-dos-fncTyYKG"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-04-24 19:15

Modified

2025-07-30 19:25

Severity ?

6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Summary

A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level privileges are required to exploit this vulnerability. This vulnerability is due to improper validation of a file when it is read from system flash memory. An attacker could exploit this vulnerability by copying a crafted file to the disk0: file system of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the affected device after the next reload of the device, which could alter system behavior. Because the injected code could persist across device reboots, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High.

References

URL	Tags
psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-rce-FLsNXF4h	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-rce-FLsNXF4h	Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://blog.talosintelligence.com/arcanedoor-new-espionage-focused-campaign-found-targeting-perimeter-network-devices/	Exploit, Third Party Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.8.1
cisco	adaptive_security_appliance_software	9.8.1.5
cisco	adaptive_security_appliance_software	9.8.1.7
cisco	adaptive_security_appliance_software	9.8.2
cisco	adaptive_security_appliance_software	9.8.2.8
cisco	adaptive_security_appliance_software	9.8.2.14
cisco	adaptive_security_appliance_software	9.8.2.15
cisco	adaptive_security_appliance_software	9.8.2.17
cisco	adaptive_security_appliance_software	9.8.2.20
cisco	adaptive_security_appliance_software	9.8.2.24
cisco	adaptive_security_appliance_software	9.8.2.26
cisco	adaptive_security_appliance_software	9.8.2.28
cisco	adaptive_security_appliance_software	9.8.2.33
cisco	adaptive_security_appliance_software	9.8.2.35
cisco	adaptive_security_appliance_software	9.8.2.38
cisco	adaptive_security_appliance_software	9.8.3
cisco	adaptive_security_appliance_software	9.8.3.8
cisco	adaptive_security_appliance_software	9.8.3.11
cisco	adaptive_security_appliance_software	9.8.3.14
cisco	adaptive_security_appliance_software	9.8.3.16
cisco	adaptive_security_appliance_software	9.8.3.18
cisco	adaptive_security_appliance_software	9.8.3.21
cisco	adaptive_security_appliance_software	9.8.3.26
cisco	adaptive_security_appliance_software	9.8.3.29
cisco	adaptive_security_appliance_software	9.8.4
cisco	adaptive_security_appliance_software	9.8.4.3
cisco	adaptive_security_appliance_software	9.8.4.7
cisco	adaptive_security_appliance_software	9.8.4.8
cisco	adaptive_security_appliance_software	9.8.4.10
cisco	adaptive_security_appliance_software	9.8.4.12
cisco	adaptive_security_appliance_software	9.8.4.15
cisco	adaptive_security_appliance_software	9.8.4.17
cisco	adaptive_security_appliance_software	9.8.4.20
cisco	adaptive_security_appliance_software	9.8.4.22
cisco	adaptive_security_appliance_software	9.8.4.25
cisco	adaptive_security_appliance_software	9.8.4.26
cisco	adaptive_security_appliance_software	9.8.4.29
cisco	adaptive_security_appliance_software	9.8.4.32
cisco	adaptive_security_appliance_software	9.8.4.33
cisco	adaptive_security_appliance_software	9.8.4.34
cisco	adaptive_security_appliance_software	9.8.4.35
cisco	adaptive_security_appliance_software	9.8.4.39
cisco	adaptive_security_appliance_software	9.8.4.40
cisco	adaptive_security_appliance_software	9.8.4.41
cisco	adaptive_security_appliance_software	9.8.4.43
cisco	adaptive_security_appliance_software	9.8.4.44
cisco	adaptive_security_appliance_software	9.8.4.45
cisco	adaptive_security_appliance_software	9.8.4.46
cisco	adaptive_security_appliance_software	9.8.4.48
cisco	adaptive_security_appliance_software	9.12.1
cisco	adaptive_security_appliance_software	9.12.1.2
cisco	adaptive_security_appliance_software	9.12.1.3
cisco	adaptive_security_appliance_software	9.12.2
cisco	adaptive_security_appliance_software	9.12.2.1
cisco	adaptive_security_appliance_software	9.12.2.4
cisco	adaptive_security_appliance_software	9.12.2.5
cisco	adaptive_security_appliance_software	9.12.2.9
cisco	adaptive_security_appliance_software	9.12.3
cisco	adaptive_security_appliance_software	9.12.3.2
cisco	adaptive_security_appliance_software	9.12.3.7
cisco	adaptive_security_appliance_software	9.12.3.9
cisco	adaptive_security_appliance_software	9.12.3.12
cisco	adaptive_security_appliance_software	9.12.4
cisco	adaptive_security_appliance_software	9.12.4.2
cisco	adaptive_security_appliance_software	9.12.4.4
cisco	adaptive_security_appliance_software	9.12.4.7
cisco	adaptive_security_appliance_software	9.12.4.8
cisco	adaptive_security_appliance_software	9.12.4.10
cisco	adaptive_security_appliance_software	9.12.4.13
cisco	adaptive_security_appliance_software	9.12.4.18
cisco	adaptive_security_appliance_software	9.12.4.24
cisco	adaptive_security_appliance_software	9.12.4.26
cisco	adaptive_security_appliance_software	9.12.4.29
cisco	adaptive_security_appliance_software	9.12.4.30
cisco	adaptive_security_appliance_software	9.12.4.35
cisco	adaptive_security_appliance_software	9.12.4.37
cisco	adaptive_security_appliance_software	9.12.4.38
cisco	adaptive_security_appliance_software	9.12.4.39
cisco	adaptive_security_appliance_software	9.12.4.40
cisco	adaptive_security_appliance_software	9.12.4.41
cisco	adaptive_security_appliance_software	9.12.4.47
cisco	adaptive_security_appliance_software	9.12.4.48
cisco	adaptive_security_appliance_software	9.12.4.50
cisco	adaptive_security_appliance_software	9.12.4.52
cisco	adaptive_security_appliance_software	9.12.4.54
cisco	adaptive_security_appliance_software	9.12.4.55
cisco	adaptive_security_appliance_software	9.12.4.56
cisco	adaptive_security_appliance_software	9.12.4.58
cisco	adaptive_security_appliance_software	9.12.4.62
cisco	adaptive_security_appliance_software	9.12.4.65
cisco	adaptive_security_appliance_software	9.14.1
cisco	adaptive_security_appliance_software	9.14.1.6
cisco	adaptive_security_appliance_software	9.14.1.10
cisco	adaptive_security_appliance_software	9.14.1.15
cisco	adaptive_security_appliance_software	9.14.1.19
cisco	adaptive_security_appliance_software	9.14.1.30
cisco	adaptive_security_appliance_software	9.14.2
cisco	adaptive_security_appliance_software	9.14.2.4
cisco	adaptive_security_appliance_software	9.14.2.8
cisco	adaptive_security_appliance_software	9.14.2.13
cisco	adaptive_security_appliance_software	9.14.2.15
cisco	adaptive_security_appliance_software	9.14.3
cisco	adaptive_security_appliance_software	9.14.3.1
cisco	adaptive_security_appliance_software	9.14.3.9
cisco	adaptive_security_appliance_software	9.14.3.11
cisco	adaptive_security_appliance_software	9.14.3.13
cisco	adaptive_security_appliance_software	9.14.3.15
cisco	adaptive_security_appliance_software	9.14.3.18
cisco	adaptive_security_appliance_software	9.14.4
cisco	adaptive_security_appliance_software	9.14.4.6
cisco	adaptive_security_appliance_software	9.14.4.7
cisco	adaptive_security_appliance_software	9.14.4.12
cisco	adaptive_security_appliance_software	9.14.4.13
cisco	adaptive_security_appliance_software	9.14.4.14
cisco	adaptive_security_appliance_software	9.14.4.15
cisco	adaptive_security_appliance_software	9.14.4.17
cisco	adaptive_security_appliance_software	9.14.4.22
cisco	adaptive_security_appliance_software	9.14.4.23
cisco	adaptive_security_appliance_software	9.15.1
cisco	adaptive_security_appliance_software	9.15.1.1
cisco	adaptive_security_appliance_software	9.15.1.7
cisco	adaptive_security_appliance_software	9.15.1.10
cisco	adaptive_security_appliance_software	9.15.1.15
cisco	adaptive_security_appliance_software	9.15.1.16
cisco	adaptive_security_appliance_software	9.15.1.17
cisco	adaptive_security_appliance_software	9.15.1.21
cisco	adaptive_security_appliance_software	9.16.1
cisco	adaptive_security_appliance_software	9.16.1.28
cisco	adaptive_security_appliance_software	9.16.2
cisco	adaptive_security_appliance_software	9.16.2.3
cisco	adaptive_security_appliance_software	9.16.2.7
cisco	adaptive_security_appliance_software	9.16.2.11
cisco	adaptive_security_appliance_software	9.16.2.13
cisco	adaptive_security_appliance_software	9.16.2.14
cisco	adaptive_security_appliance_software	9.16.3
cisco	adaptive_security_appliance_software	9.16.3.3
cisco	adaptive_security_appliance_software	9.16.3.14
cisco	adaptive_security_appliance_software	9.16.3.15
cisco	adaptive_security_appliance_software	9.16.3.19
cisco	adaptive_security_appliance_software	9.16.3.23
cisco	adaptive_security_appliance_software	9.16.4
cisco	adaptive_security_appliance_software	9.16.4.9
cisco	adaptive_security_appliance_software	9.16.4.14
cisco	adaptive_security_appliance_software	9.16.4.18
cisco	adaptive_security_appliance_software	9.16.4.19
cisco	adaptive_security_appliance_software	9.16.4.27
cisco	adaptive_security_appliance_software	9.16.4.38
cisco	adaptive_security_appliance_software	9.16.4.39
cisco	adaptive_security_appliance_software	9.16.4.42
cisco	adaptive_security_appliance_software	9.16.4.48
cisco	adaptive_security_appliance_software	9.16.4.55
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.7
cisco	adaptive_security_appliance_software	9.17.1.9
cisco	adaptive_security_appliance_software	9.17.1.10
cisco	adaptive_security_appliance_software	9.17.1.11
cisco	adaptive_security_appliance_software	9.17.1.13
cisco	adaptive_security_appliance_software	9.17.1.15
cisco	adaptive_security_appliance_software	9.17.1.20
cisco	adaptive_security_appliance_software	9.17.1.30
cisco	adaptive_security_appliance_software	9.17.1.33
cisco	adaptive_security_appliance_software	9.18.1
cisco	adaptive_security_appliance_software	9.18.1.3
cisco	adaptive_security_appliance_software	9.18.2
cisco	adaptive_security_appliance_software	9.18.2.5
cisco	adaptive_security_appliance_software	9.18.2.7
cisco	adaptive_security_appliance_software	9.18.2.8
cisco	adaptive_security_appliance_software	9.18.3
cisco	adaptive_security_appliance_software	9.18.3.39
cisco	adaptive_security_appliance_software	9.18.3.46
cisco	adaptive_security_appliance_software	9.18.3.53
cisco	adaptive_security_appliance_software	9.18.3.55
cisco	adaptive_security_appliance_software	9.18.3.56
cisco	adaptive_security_appliance_software	9.18.4
cisco	adaptive_security_appliance_software	9.18.4.5
cisco	adaptive_security_appliance_software	9.18.4.8
cisco	adaptive_security_appliance_software	9.19.1
cisco	adaptive_security_appliance_software	9.19.1.5
cisco	adaptive_security_appliance_software	9.19.1.9
cisco	adaptive_security_appliance_software	9.19.1.12
cisco	adaptive_security_appliance_software	9.19.1.18
cisco	adaptive_security_appliance_software	9.19.1.22
cisco	adaptive_security_appliance_software	9.19.1.24
cisco	adaptive_security_appliance_software	9.19.1.27
cisco	adaptive_security_appliance_software	9.20.1
cisco	adaptive_security_appliance_software	9.20.1.5
cisco	adaptive_security_appliance_software	9.20.2
cisco	firepower_threat_defense	6.2.3
cisco	firepower_threat_defense	6.2.3.1
cisco	firepower_threat_defense	6.2.3.2
cisco	firepower_threat_defense	6.2.3.3
cisco	firepower_threat_defense	6.2.3.4
cisco	firepower_threat_defense	6.2.3.5
cisco	firepower_threat_defense	6.2.3.6
cisco	firepower_threat_defense	6.2.3.7
cisco	firepower_threat_defense	6.2.3.8
cisco	firepower_threat_defense	6.2.3.9
cisco	firepower_threat_defense	6.2.3.10
cisco	firepower_threat_defense	6.2.3.11
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.4.0.1
cisco	firepower_threat_defense	6.4.0.2
cisco	firepower_threat_defense	6.4.0.3
cisco	firepower_threat_defense	6.4.0.4
cisco	firepower_threat_defense	6.4.0.5
cisco	firepower_threat_defense	6.4.0.6
cisco	firepower_threat_defense	6.4.0.7
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.4.0.13
cisco	firepower_threat_defense	6.4.0.14
cisco	firepower_threat_defense	6.4.0.15
cisco	firepower_threat_defense	6.4.0.16
cisco	firepower_threat_defense	6.4.0.17
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.6.7
cisco	firepower_threat_defense	6.6.7.1
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.0.6
cisco	firepower_threat_defense	7.0.6.1
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.2.4
cisco	firepower_threat_defense	7.2.4.1
cisco	firepower_threat_defense	7.2.5
cisco	firepower_threat_defense	7.2.5.1
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1
cisco	firepower_threat_defense	7.4.0
cisco	firepower_threat_defense	7.4.1

JSON

To clipboard

{
  "cisaActionDue": "2024-05-01",
  "cisaExploitAdd": "2024-04-24",
  "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
  "cisaVulnerabilityName": "Cisco ASA and FTD Privilege Escalation Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D482F818-0A8E-49D7-8E3E-0958019FA629",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E7BFB57-BC02-4930-A02F-83583E6A0FC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "026F1960-C879-4611-A60A-96311B63CCA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAF8B33E-0C95-467D-A865-0A234E69D0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF144F5-D933-4DE4-818C-001BD9E3958A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "00112ED3-FE7B-425B-9A28-1E5F2BC8BB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD491D5-FAAB-493F-91A6-D2F3B5F5970E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "1519F49D-588F-4B70-B38F-EF4F3E13FEAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "15354443-5EB7-4712-B2DE-61DB33830759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "248D6B44-E134-4DEC-A947-636824E3FDFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "0820A79C-F3EF-407F-9AC7-DCAB4CD39C89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3E8805-85D2-4345-8076-039513209A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "14BB907B-D75A-4F5E-B20D-5457A71A70EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "F118B803-4C55-436A-A136-0C1FEA49858F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A272121-408E-45F6-A2A1-0BA6EBC060A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "980CEA3B-5A81-4E8C-BEA3-DD31BE7DA2CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3910211-D4DB-4CA7-BBEA-DD8246FF10ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C260BF30-7A33-4C70-9509-404856C93666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF894850-39EC-4B57-BBFF-F1AB4F8389A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FAFCF9-0ABE-483E-9604-329762BB7870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DB4278-3126-4765-97C4-6C0A8C78DA78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "174E631B-6099-47DE-8790-BBF4B7FDB8CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE3538B-F612-4105-BFDE-A4B594482DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "3143B0FF-C855-485E-A908-E48974B1643C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD9992-6D98-4E03-9599-ECF38A186FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DCEAE6-355B-40AE-A7C8-AF744FCA8A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2097E81E-B422-4B93-AF09-F300A0E8AF71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "454DEA31-A607-4054-82D3-24A4FEB7358F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F0B213-8187-4465-84F1-FB8D92B36020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E540771E-BA0B-42D1-8251-B576B0F142C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC2A833-BECF-4000-A592-6113A84C2D20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F1416-924A-4D25-9CEE-3BD66A96A019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDC8D92-D6E0-40EE-B190-D2B32C7DEB75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "23CD5619-E534-4F40-998D-39DC19FA0451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D0EB11-14B1-44B3-8D46-B9DD872F772C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA399CF-12DB-42E0-A66F-14508B52A453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5A7608-E737-420E-9B5E-836600DAC701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7EB6801-336D-4F41-ADE7-1C58C63C3F6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8413DA41-02A5-4269-8C88-9DD5076AF91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA00285F-6914-4749-8A47-FC4EDAFFF3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA4D367-32B9-4F54-8352-A959F61A1FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "2259FF9E-0C8B-440F-B1AC-51BDE3F60E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C522B55-904D-4C08-B73E-1457D877C0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "4483056A-FBF3-4E00-81EB-1E97334EF240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "48677330-06AB-4C7F-B2AD-F7E465A9632A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AEA80D2-5DB8-4334-9A88-7DDE395832C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1C38A5-1028-4AD3-8CC7-A00091091E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "848147B2-C49A-43F6-9069-FC8885BDFDA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6FEF0DA-741E-4361-8143-068EB47D6520",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F002FD55-F881-450E-BC1B-8073E188F47E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA940C4F-13BB-465F-BB8D-CBD0109BF012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B0434F5-9A50-4B57-9C5B-E09415D098C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE727035-06CB-4E37-A9D2-96BD54502120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE52B81-2CF8-48E5-A7BA-A163A25A669B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E8D7C9-5272-40E6-869B-B33959F9F0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE8D5D71-5C85-4644-8A84-F073549ADB50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0790DDC2-7BA0-42DC-A157-754C0CBBE178",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "882394EA-70C8-4D86-9AEF-5D273D8E518C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "855AD3CC-F404-48C5-80D2-7F2765D16D72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "26B6BF72-9124-4213-B3C0-BD31B46E8C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8FBE89-8FDA-4B9B-BA1A-90FFD482A585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "149C3872-8DA9-48DD-ADD0-2E84C1A76A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D33E8C-294A-4C43-8DB6-9DA9F61F0B3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E23ACB0-DF8B-4672-A819-4DCD3104CE4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4723B88-62BA-40E6-AA89-BAC02D6A036F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C698819-3C8E-4A16-8F52-42FF1E54C076",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D3CE74E-59E7-448A-8417-18F97C05C798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0986C171-0E75-4F6F-A9BD-276830104E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A2777A-7831-4324-AEB2-5D93B5F6C04B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "37045680-9189-4B7F-A4F7-4E682FE20A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6C9F37B-CF3C-4861-A969-C7CF4946274A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1DAF21-3FED-4691-9D4C-8FD8CEA7FB3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB938E58-4963-4A31-8836-88E958592B30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E317897-EE97-44F3-96BB-E54228D72A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EF7FAB2-158D-4C48-9246-E7AD3BF1D801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "056D43AE-ECDB-40D2-A196-18DDCD02629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E555F3-3580-4D71-8D8D-92FE72763D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "93013503-8B9A-4160-AF7E-277958FA6E9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3B009FD-0F2B-4511-8EDF-C3E670623F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "52579D8D-E855-42B3-B406-32DD1C39F721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7E44FC6-12A2-4F76-A095-28F3804B619F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "42917E5E-E362-4B40-B2B2-3C77BA35641C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF317FA3-EBF3-49BB-A9E6-0D4295FA3F60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "F98B1683-914F-43D3-AE1C-311D3A90BE8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8D24656-CAB1-4A98-A440-482927FEDD16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504557C-DA5D-4D0F-A813-4CE7D5109F15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D2A067-C717-4921-BBF5-3EFBE02736EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "36DDEC5B-4BEA-499C-9F34-BB3D39B7A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.62:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4E44C37-0F6F-440B-BA26-FB6D0B179E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.65:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AEE0050-34DC-49CB-B859-8ED500FD79A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE0D50C0-DADB-4747-8649-8A5257111FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE2699F-353F-44CB-A778-981783DDC31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8E50BD-1FBD-483B-9C27-70E95C732E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F46E5E4F-787C-4C05-B1E7-C39BB9125D16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A29312-38E7-456B-94DD-4D7329691114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "27F7BB31-C733-4C32-BF0F-33B5AF020156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC313568-33A6-435B-98FF-8A7091D9C451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85710A-28CE-4913-8523-356461908FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6069950-016B-419A-B754-D58956CB6D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A2F3FEC-624F-47C5-B056-836861BB038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4875811-F209-49ED-B310-8377B2F87FF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C52C7B-B626-4A3C-A2EC-28A20E7FA95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "853A002C-839A-4372-8485-750A86E9F6E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62BB5D6-CE75-4C83-82DC-4148EF8CB1F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "D32F1365-EAF8-4570-B2FF-45E47E8586F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD07F9B-6BB3-4423-8DBE-4E89A6478E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FE4F28-B704-4325-AE8A-C790163FEE71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E832BC0C-8439-4779-9064-C2D93F231031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA99DF94-D031-4375-9A16-306606FE28F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC149D03-5609-46E6-A1B3-F4D91F282B49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5D7FC6F-1370-4272-97E5-226C2ED1D335",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "164D5774-D51B-47C6-AD32-ED6B84E78BBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "24A810C8-1BB5-4589-84AB-C357C1937201",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "F22D8D65-2E88-4557-BF85-1E3ABD4CCAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF62C9AF-70F5-4A12-9B0A-F32551FB2C40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "A04EB4FB-0C9F-441E-B02A-6B22F195348F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F944F8F-0255-42BE-BD44-D21EC9F0FFC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9CEAEFC-7B82-41F9-A09D-C86A3A60A4FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "40FAC31D-19C0-4BA0-A019-C7E7A0BA0B5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CAAFE0F-416F-4BCA-BA37-30EAEADA8AFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1E8552-58F0-491E-B7D7-E89527872FC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "289F9874-FC01-4809-9BDA-1AF583FB60B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EDFC67-E4EE-4D2C-BF9F-5881C987C662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "826869BE-4874-4BBA-9392-14851560BA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF52D477-3045-45D1-9FD3-12F396266463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "88E310BF-F1F6-4124-A875-81967B9B531E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B330F8F-F0DA-472C-A932-AD1D232C7DB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF59DAA-268C-4FCF-A0AA-7967128AEBC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "140ED95D-173C-4ADB-A2E6-97F0D595D1AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.53:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC9B00E1-3E50-4356-B6D9-F84BCD552402",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "552319A9-01F7-47BA-83B3-B2DD648AA07E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "4914603C-4B1B-48F1-826C-DB803BD21F87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE21762-3085-4AFC-B1DE-A4562CDAC509",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "852C3478-7529-4002-8540-ABA4D556DEFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "23B8A815-5D58-4952-936E-D47B83637BEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEE52F59-AABA-4069-A909-64AD5DFD2B18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "20D7966E-B02B-48C8-BF96-723DD6C25314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA618249-E76F-4104-9326-C9F2DC8DE3D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C925E1F-6BD9-4CD1-8AC4-4263A9094786",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5EE76D9-6D18-4823-B6B0-E1394A4D140C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F635946-586D-4DE2-927B-300CE569C596",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "459C11B9-ABA1-472A-8CDA-9C7B4E48E943",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA060112-E2D8-4EC5-8400-D8D189A119B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B25468E3-03F9-4C2A-B82A-F87F4FCD57E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EC6F412-4A30-4E9A-B8DF-C4BF80E5C4B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA47E8EA-29F2-40F3-826E-E7295FFAD8C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2EFA476-5021-4A00-859E-1643009D6156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E3A5DC-A237-46E4-A4E5-F135482F984A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "B166867E-E51B-46E3-A6E2-B10E67364058",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91AD8BA2-EB8D-4D8B-B707-AF5C2A831998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "39FE5927-2421-4CBE-97EA-6AED892DA1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8BF2227-3C50-4FD1-98DB-21196E75D1DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6826018-5620-4924-BE92-6A245378F610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49A07CF-12BA-481C-B5FF-754520080A8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F203C7D1-AA92-4367-B7A5-EBAE6B76EE6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0064C97F-1140-43AC-8229-C8CCC367DC4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3E08AAC-9C5E-4D18-817C-C466D1D6C4DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "724A3B6F-DDAB-4A2F-8430-9E1F352D755F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level privileges are required to exploit this vulnerability.\r\n\r This vulnerability is due to improper validation of a file when it is read from system flash memory. An attacker could exploit this vulnerability by copying a crafted file to the disk0: file system of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the affected device after the next reload of the device, which could alter system behavior. Because the injected code could persist across device reboots, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en una capacidad heredada que permit\u00eda la precarga de clientes VPN y complementos y que ha estado disponible en el software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante local autenticado ejecute c\u00f3digo arbitrario con privilegios de nivel ra\u00edz. Se requieren privilegios de nivel de administrador para aprovechar esta vulnerabilidad. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de un archivo cuando se lee desde la memoria flash del sistema. Un atacante podr\u00eda aprovechar esta vulnerabilidad copiando un archivo manipulado en el sistema de archivos disk0: de un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en el dispositivo afectado despu\u00e9s de la siguiente recarga del dispositivo, lo que podr\u00eda alterar el comportamiento del sistema. Debido a que el c\u00f3digo inyectado podr\u00eda persistir durante los reinicios del dispositivo, Cisco ha elevado la Clasificaci\u00f3n de Impacto de Seguridad (SIR) de este aviso de Medio a Alto."
    }
  ],
  "id": "CVE-2024-20359",
  "lastModified": "2025-07-30T19:25:34.327",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 6.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.2,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 6.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-04-24T19:15:46.943",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-rce-FLsNXF4h"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-rce-FLsNXF4h"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://blog.talosintelligence.com/arcanedoor-new-espionage-focused-campaign-found-targeting-perimeter-network-devices/"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-10-23 18:15

Modified

2025-08-15 16:40

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the Remote Access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to improper validation of client key data after the TLS session is established. An attacker could exploit this vulnerability by sending a crafted key value to an affected system over the secure TLS session. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-vpn-cZf8gT	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.8.4.12
cisco	adaptive_security_appliance_software	9.8.4.15
cisco	adaptive_security_appliance_software	9.8.4.17
cisco	adaptive_security_appliance_software	9.8.4.20
cisco	adaptive_security_appliance_software	9.8.4.22
cisco	adaptive_security_appliance_software	9.8.4.25
cisco	adaptive_security_appliance_software	9.8.4.26
cisco	adaptive_security_appliance_software	9.8.4.29
cisco	adaptive_security_appliance_software	9.8.4.32
cisco	adaptive_security_appliance_software	9.8.4.33
cisco	adaptive_security_appliance_software	9.8.4.34
cisco	adaptive_security_appliance_software	9.8.4.35
cisco	adaptive_security_appliance_software	9.8.4.39
cisco	adaptive_security_appliance_software	9.8.4.40
cisco	adaptive_security_appliance_software	9.8.4.41
cisco	adaptive_security_appliance_software	9.8.4.43
cisco	adaptive_security_appliance_software	9.8.4.44
cisco	adaptive_security_appliance_software	9.8.4.45
cisco	adaptive_security_appliance_software	9.8.4.46
cisco	adaptive_security_appliance_software	9.8.4.48
cisco	adaptive_security_appliance_software	9.12.3
cisco	adaptive_security_appliance_software	9.12.3.2
cisco	adaptive_security_appliance_software	9.12.3.7
cisco	adaptive_security_appliance_software	9.12.3.9
cisco	adaptive_security_appliance_software	9.12.3.12
cisco	adaptive_security_appliance_software	9.12.4
cisco	adaptive_security_appliance_software	9.12.4.2
cisco	adaptive_security_appliance_software	9.12.4.4
cisco	adaptive_security_appliance_software	9.12.4.7
cisco	adaptive_security_appliance_software	9.12.4.8
cisco	adaptive_security_appliance_software	9.12.4.10
cisco	adaptive_security_appliance_software	9.12.4.13
cisco	adaptive_security_appliance_software	9.12.4.18
cisco	adaptive_security_appliance_software	9.12.4.24
cisco	adaptive_security_appliance_software	9.12.4.26
cisco	adaptive_security_appliance_software	9.12.4.29
cisco	adaptive_security_appliance_software	9.12.4.30
cisco	adaptive_security_appliance_software	9.12.4.35
cisco	adaptive_security_appliance_software	9.12.4.37
cisco	adaptive_security_appliance_software	9.12.4.38
cisco	adaptive_security_appliance_software	9.12.4.39
cisco	adaptive_security_appliance_software	9.12.4.40
cisco	adaptive_security_appliance_software	9.12.4.41
cisco	adaptive_security_appliance_software	9.12.4.47
cisco	adaptive_security_appliance_software	9.12.4.48
cisco	adaptive_security_appliance_software	9.12.4.50
cisco	adaptive_security_appliance_software	9.12.4.52
cisco	adaptive_security_appliance_software	9.12.4.54
cisco	adaptive_security_appliance_software	9.12.4.55
cisco	adaptive_security_appliance_software	9.12.4.56
cisco	adaptive_security_appliance_software	9.12.4.58
cisco	adaptive_security_appliance_software	9.12.4.62
cisco	adaptive_security_appliance_software	9.12.4.65
cisco	adaptive_security_appliance_software	9.12.4.67
cisco	adaptive_security_appliance_software	9.14.1
cisco	adaptive_security_appliance_software	9.14.1.6
cisco	adaptive_security_appliance_software	9.14.1.10
cisco	adaptive_security_appliance_software	9.14.1.15
cisco	adaptive_security_appliance_software	9.14.1.19
cisco	adaptive_security_appliance_software	9.14.1.30
cisco	adaptive_security_appliance_software	9.14.2
cisco	adaptive_security_appliance_software	9.14.2.4
cisco	adaptive_security_appliance_software	9.14.2.8
cisco	adaptive_security_appliance_software	9.14.2.13
cisco	adaptive_security_appliance_software	9.14.2.15
cisco	adaptive_security_appliance_software	9.14.3
cisco	adaptive_security_appliance_software	9.14.3.1
cisco	adaptive_security_appliance_software	9.14.3.9
cisco	adaptive_security_appliance_software	9.14.3.11
cisco	adaptive_security_appliance_software	9.14.3.13
cisco	adaptive_security_appliance_software	9.14.3.15
cisco	adaptive_security_appliance_software	9.14.3.18
cisco	adaptive_security_appliance_software	9.14.4
cisco	adaptive_security_appliance_software	9.14.4.6
cisco	adaptive_security_appliance_software	9.14.4.7
cisco	adaptive_security_appliance_software	9.14.4.12
cisco	adaptive_security_appliance_software	9.14.4.13
cisco	adaptive_security_appliance_software	9.14.4.14
cisco	adaptive_security_appliance_software	9.14.4.15
cisco	adaptive_security_appliance_software	9.14.4.17
cisco	adaptive_security_appliance_software	9.14.4.22
cisco	adaptive_security_appliance_software	9.14.4.23
cisco	adaptive_security_appliance_software	9.14.4.24
cisco	adaptive_security_appliance_software	9.15.1
cisco	adaptive_security_appliance_software	9.15.1.1
cisco	adaptive_security_appliance_software	9.15.1.7
cisco	adaptive_security_appliance_software	9.15.1.10
cisco	adaptive_security_appliance_software	9.15.1.15
cisco	adaptive_security_appliance_software	9.15.1.16
cisco	adaptive_security_appliance_software	9.15.1.17
cisco	adaptive_security_appliance_software	9.15.1.21
cisco	adaptive_security_appliance_software	9.16.1
cisco	adaptive_security_appliance_software	9.16.1.28
cisco	adaptive_security_appliance_software	9.16.2
cisco	adaptive_security_appliance_software	9.16.2.3
cisco	adaptive_security_appliance_software	9.16.2.7
cisco	adaptive_security_appliance_software	9.16.2.11
cisco	adaptive_security_appliance_software	9.16.2.13
cisco	adaptive_security_appliance_software	9.16.2.14
cisco	adaptive_security_appliance_software	9.16.3
cisco	adaptive_security_appliance_software	9.16.3.3
cisco	adaptive_security_appliance_software	9.16.3.14
cisco	adaptive_security_appliance_software	9.16.3.15
cisco	adaptive_security_appliance_software	9.16.3.19
cisco	adaptive_security_appliance_software	9.16.3.23
cisco	adaptive_security_appliance_software	9.16.4
cisco	adaptive_security_appliance_software	9.16.4.9
cisco	adaptive_security_appliance_software	9.16.4.14
cisco	adaptive_security_appliance_software	9.16.4.18
cisco	adaptive_security_appliance_software	9.16.4.19
cisco	adaptive_security_appliance_software	9.16.4.27
cisco	adaptive_security_appliance_software	9.16.4.38
cisco	adaptive_security_appliance_software	9.16.4.39
cisco	adaptive_security_appliance_software	9.16.4.42
cisco	adaptive_security_appliance_software	9.16.4.48
cisco	adaptive_security_appliance_software	9.16.4.55
cisco	adaptive_security_appliance_software	9.16.4.57
cisco	adaptive_security_appliance_software	9.16.4.61
cisco	adaptive_security_appliance_software	9.16.4.62
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.7
cisco	adaptive_security_appliance_software	9.17.1.9
cisco	adaptive_security_appliance_software	9.17.1.10
cisco	adaptive_security_appliance_software	9.17.1.11
cisco	adaptive_security_appliance_software	9.17.1.13
cisco	adaptive_security_appliance_software	9.17.1.15
cisco	adaptive_security_appliance_software	9.17.1.20
cisco	adaptive_security_appliance_software	9.17.1.30
cisco	adaptive_security_appliance_software	9.17.1.33
cisco	adaptive_security_appliance_software	9.17.1.39
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.4.0.13
cisco	firepower_threat_defense	6.4.0.14
cisco	firepower_threat_defense	6.4.0.15
cisco	firepower_threat_defense	6.4.0.16
cisco	firepower_threat_defense	6.4.0.17
cisco	firepower_threat_defense	6.4.0.18
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.6.7
cisco	firepower_threat_defense	6.6.7.1
cisco	firepower_threat_defense	6.6.7.2
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.0.6
cisco	firepower_threat_defense	7.0.6.1
cisco	firepower_threat_defense	7.0.6.2
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E540771E-BA0B-42D1-8251-B576B0F142C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC2A833-BECF-4000-A592-6113A84C2D20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F1416-924A-4D25-9CEE-3BD66A96A019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDC8D92-D6E0-40EE-B190-D2B32C7DEB75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "23CD5619-E534-4F40-998D-39DC19FA0451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D0EB11-14B1-44B3-8D46-B9DD872F772C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA399CF-12DB-42E0-A66F-14508B52A453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5A7608-E737-420E-9B5E-836600DAC701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7EB6801-336D-4F41-ADE7-1C58C63C3F6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8413DA41-02A5-4269-8C88-9DD5076AF91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA00285F-6914-4749-8A47-FC4EDAFFF3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA4D367-32B9-4F54-8352-A959F61A1FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "2259FF9E-0C8B-440F-B1AC-51BDE3F60E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C522B55-904D-4C08-B73E-1457D877C0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "4483056A-FBF3-4E00-81EB-1E97334EF240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "48677330-06AB-4C7F-B2AD-F7E465A9632A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AEA80D2-5DB8-4334-9A88-7DDE395832C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1C38A5-1028-4AD3-8CC7-A00091091E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "848147B2-C49A-43F6-9069-FC8885BDFDA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6FEF0DA-741E-4361-8143-068EB47D6520",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "882394EA-70C8-4D86-9AEF-5D273D8E518C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "855AD3CC-F404-48C5-80D2-7F2765D16D72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "26B6BF72-9124-4213-B3C0-BD31B46E8C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8FBE89-8FDA-4B9B-BA1A-90FFD482A585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "149C3872-8DA9-48DD-ADD0-2E84C1A76A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D33E8C-294A-4C43-8DB6-9DA9F61F0B3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E23ACB0-DF8B-4672-A819-4DCD3104CE4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4723B88-62BA-40E6-AA89-BAC02D6A036F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C698819-3C8E-4A16-8F52-42FF1E54C076",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D3CE74E-59E7-448A-8417-18F97C05C798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0986C171-0E75-4F6F-A9BD-276830104E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A2777A-7831-4324-AEB2-5D93B5F6C04B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "37045680-9189-4B7F-A4F7-4E682FE20A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6C9F37B-CF3C-4861-A969-C7CF4946274A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1DAF21-3FED-4691-9D4C-8FD8CEA7FB3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB938E58-4963-4A31-8836-88E958592B30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E317897-EE97-44F3-96BB-E54228D72A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EF7FAB2-158D-4C48-9246-E7AD3BF1D801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "056D43AE-ECDB-40D2-A196-18DDCD02629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E555F3-3580-4D71-8D8D-92FE72763D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "93013503-8B9A-4160-AF7E-277958FA6E9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3B009FD-0F2B-4511-8EDF-C3E670623F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "52579D8D-E855-42B3-B406-32DD1C39F721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7E44FC6-12A2-4F76-A095-28F3804B619F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "42917E5E-E362-4B40-B2B2-3C77BA35641C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF317FA3-EBF3-49BB-A9E6-0D4295FA3F60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "F98B1683-914F-43D3-AE1C-311D3A90BE8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8D24656-CAB1-4A98-A440-482927FEDD16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504557C-DA5D-4D0F-A813-4CE7D5109F15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D2A067-C717-4921-BBF5-3EFBE02736EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "36DDEC5B-4BEA-499C-9F34-BB3D39B7A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.62:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4E44C37-0F6F-440B-BA26-FB6D0B179E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.65:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AEE0050-34DC-49CB-B859-8ED500FD79A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.67:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A47E5C5-E058-4B4C-A258-6DF7CE0EA92B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE0D50C0-DADB-4747-8649-8A5257111FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE2699F-353F-44CB-A778-981783DDC31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8E50BD-1FBD-483B-9C27-70E95C732E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F46E5E4F-787C-4C05-B1E7-C39BB9125D16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A29312-38E7-456B-94DD-4D7329691114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "27F7BB31-C733-4C32-BF0F-33B5AF020156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC313568-33A6-435B-98FF-8A7091D9C451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85710A-28CE-4913-8523-356461908FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6069950-016B-419A-B754-D58956CB6D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A2F3FEC-624F-47C5-B056-836861BB038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C4B1136-66B6-42BA-BC17-86E7DCE1CF29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4875811-F209-49ED-B310-8377B2F87FF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C52C7B-B626-4A3C-A2EC-28A20E7FA95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "853A002C-839A-4372-8485-750A86E9F6E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62BB5D6-CE75-4C83-82DC-4148EF8CB1F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "D32F1365-EAF8-4570-B2FF-45E47E8586F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD07F9B-6BB3-4423-8DBE-4E89A6478E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FE4F28-B704-4325-AE8A-C790163FEE71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E832BC0C-8439-4779-9064-C2D93F231031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA99DF94-D031-4375-9A16-306606FE28F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC149D03-5609-46E6-A1B3-F4D91F282B49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5D7FC6F-1370-4272-97E5-226C2ED1D335",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "164D5774-D51B-47C6-AD32-ED6B84E78BBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "24A810C8-1BB5-4589-84AB-C357C1937201",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "F22D8D65-2E88-4557-BF85-1E3ABD4CCAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF62C9AF-70F5-4A12-9B0A-F32551FB2C40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "A04EB4FB-0C9F-441E-B02A-6B22F195348F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.57:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACDD7BD6-1C1D-49FE-8478-D0F37EB59BC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.61:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB7D8466-0050-495A-9442-8C5FF3912F5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.62:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FB96258-8343-4E98-B3DD-C92E94A9F9F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F944F8F-0255-42BE-BD44-D21EC9F0FFC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9CEAEFC-7B82-41F9-A09D-C86A3A60A4FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "40FAC31D-19C0-4BA0-A019-C7E7A0BA0B5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CAAFE0F-416F-4BCA-BA37-30EAEADA8AFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1E8552-58F0-491E-B7D7-E89527872FC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "9347D71D-1F50-4F85-9F6D-E11D79BD26E3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2EFA476-5021-4A00-859E-1643009D6156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E3A5DC-A237-46E4-A4E5-F135482F984A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "B166867E-E51B-46E3-A6E2-B10E67364058",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CE51492-8C9B-459E-9F80-64F426009905",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91AD8BA2-EB8D-4D8B-B707-AF5C2A831998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA95508-0A28-4D4A-81A7-5CDD1F5DA46C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "39FE5927-2421-4CBE-97EA-6AED892DA1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8BF2227-3C50-4FD1-98DB-21196E75D1DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5460064F-FF50-4F54-A8DF-180C76AF9B8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Remote Access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to improper validation of client key data after the TLS session is established. An attacker could exploit this vulnerability by sending a crafted key value to an affected system over the secure TLS session. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n de VPN de acceso remoto del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado haga que el dispositivo se recargue inesperadamente, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de los datos de la clave del cliente despu\u00e9s de que se establece la sesi\u00f3n TLS. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un valor de clave creado a un sistema afectado a trav\u00e9s de la sesi\u00f3n TLS segura. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el dispositivo se recargue, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2024-20495",
  "lastModified": "2025-08-15T16:40:50.227",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-10-23T18:15:13.007",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-vpn-cZf8gT"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:31

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9F6C9AD-0838-4CE7-BF34-3BDAA4909704",
              "versionEndExcluding": "6.3.0.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "739E387B-4E43-4BD7-8799-F62791963508",
              "versionEndExcluding": "6.4.0.10",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "38DCBF6C-AA34-4A5B-B2B1-57684DD5BB42",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F0C6D76-9652-4EE6-9CA2-96BFBB469539",
              "versionEndExcluding": "6.6.1",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0C941D8-9723-4DC9-96BE-FED50E2275EB",
              "versionEndExcluding": "9.8.4.29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86B181C5-34C2-4BD5-B012-841B978A26C4",
              "versionEndExcluding": "9.9.2.80",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0854546-E8AC-41FC-9419-E3E31534D4FE",
              "versionEndExcluding": "9.10.1.44",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9B6C101-3EEF-430F-9191-7DDB3DDF40E8",
              "versionEndExcluding": "9.12.4.4",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F21E8FD7-6BBB-4D7B-B21A-D5D57630800A",
              "versionEndExcluding": "9.13.1.13",
              "versionStartIncluding": "9.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5E49F5A-F8E9-4D0D-A58F-9F5BB5F0C9EE",
              "versionEndExcluding": "9.14.1.30",
              "versionStartIncluding": "9.14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en la interfaz de servicios web de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00edan permitir a un atacante remoto no autenticado conducir ataques de tipo cross-site scripting (XSS) contra un usuario de la interfaz de servicios web de un dispositivo afectado.\u0026#xa0;Las vulnerabilidades son debido a una comprobaci\u00f3n insuficiente de la entrada suministrada por el usuario mediante la interfaz de servicios web de un dispositivo afectado.\u0026#xa0;Un atacante podr\u00eda explotar estas vulnerabilidades al persuadir a un usuario de la interfaz para que haga clic en un enlace dise\u00f1ado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante ejecutar un c\u00f3digo script arbitrario en el contexto de la interfaz o permitir a un atacante acceder a informaci\u00f3n confidencial basada en el navegador.\u0026#xa0;Nota: Estas vulnerabilidades afectan solo a configuraciones espec\u00edficas de AnyConnect y WebVPN.\u0026#xa0;Para m\u00e1s informaci\u00f3n, consulte la secci\u00f3n Vulnerable Products"
    }
  ],
  "id": "CVE-2020-3581",
  "lastModified": "2024-11-21T05:31:21.237",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:18.700",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-11-01 18:15

Modified

2024-11-21 07:40

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a logic error that occurs when the access control policies are being populated. An attacker could exploit this vulnerability by establishing a connection to an affected device. A successful exploit could allow the attacker to bypass configured access control rules on the affected system.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3acp-bypass-3bdR2BEh	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3acp-bypass-3bdR2BEh	Vendor Advisory

Impacted products

Vendor	Product	Version
snort	snort	*
cisco	firepower_threat_defense	*
cisco	ios_xe	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:snort:snort:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F696F350-A488-452D-8644-89A10F66B118",
              "versionEndExcluding": "3.1.57.0",
              "versionStartIncluding": "3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9BB9DB5-5C7E-4546-9C2C-FD292EC18407",
              "versionEndIncluding": "7.3.1.1",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CB7906F-3AF4-4A2A-B614-92DD4B236335",
              "versionEndExcluding": "17.12.2",
              "versionStartIncluding": "17.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. \r\n\r This vulnerability is due to a logic error that occurs when the access control policies are being populated. An attacker could exploit this vulnerability by establishing a connection to an affected device. A successful exploit could allow the attacker to bypass configured access control rules on the affected system."
    },
    {
      "lang": "es",
      "value": "Varios productos de Cisco se ven afectados por una vulnerabilidad en las pol\u00edticas de control de acceso de Snort que podr\u00eda permitir que un atacante remoto no autenticado eluda las pol\u00edticas configuradas en un sistema afectado. Esta vulnerabilidad se debe a un error l\u00f3gico que ocurre cuando se completan las pol\u00edticas de control de acceso. Un atacante podr\u00eda aprovechar esta vulnerabilidad estableciendo una conexi\u00f3n con un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante omitir las reglas de control de acceso configuradas en el sistema afectado."
    }
  ],
  "id": "CVE-2023-20246",
  "lastModified": "2024-11-21T07:40:59.063",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-11-01T18:15:09.583",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3acp-bypass-3bdR2BEh"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3acp-bypass-3bdR2BEh"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-290"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-10-05 14:29

Modified

2024-11-21 03:38

Severity ?

8.2 (High) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

A vulnerability in the Sourcefire tunnel control channel protocol in Cisco Firepower System Software running on Cisco Firepower Threat Defense (FTD) sensors could allow an authenticated, local attacker to execute specific CLI commands with root privileges on the Cisco Firepower Management Center (FMC), or through Cisco FMC on other Firepower sensors and devices that are controlled by the same Cisco FMC. To send the commands, the attacker must have root privileges for at least one affected sensor or the Cisco FMC. The vulnerability exists because the affected software performs insufficient checks for certain CLI commands, if the commands are executed via a Sourcefire tunnel connection. An attacker could exploit this vulnerability by authenticating with root privileges to a Firepower sensor or Cisco FMC, and then sending specific CLI commands to the Cisco FMC or through the Cisco FMC to another Firepower sensor via the Sourcefire tunnel connection. A successful exploit could allow the attacker to modify device configurations or delete files on the device that is running Cisco FMC Software or on any Firepower device that is managed by Cisco FMC.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-fp-cmd-injection	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-fp-cmd-injection	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	5.4.0
cisco	firepower_threat_defense	6.0.0
cisco	firepower_threat_defense	6.0.1
cisco	firepower_threat_defense	6.1.0
cisco	firepower_threat_defense	6.2.0
cisco	firepower_threat_defense	6.2.1
cisco	firepower_threat_defense	6.2.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:5.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D850EEF9-1967-4CE5-A30C-50180849BCAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1AC6A67-82EF-4D31-AFCB-499A0C6EC0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "995667FD-35F1-49E5-96DB-2FDFF5E0B523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "61FB47CF-2A6A-4121-BFF7-5862E163B8E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DC52A8B-7DF4-47B2-9F49-627F59656E5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD48BE40-C647-429A-81B6-59E125BBE415",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "42496A5B-1644-4088-BBCF-2ED810A5694B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Sourcefire tunnel control channel protocol in Cisco Firepower System Software running on Cisco Firepower Threat Defense (FTD) sensors could allow an authenticated, local attacker to execute specific CLI commands with root privileges on the Cisco Firepower Management Center (FMC), or through Cisco FMC on other Firepower sensors and devices that are controlled by the same Cisco FMC. To send the commands, the attacker must have root privileges for at least one affected sensor or the Cisco FMC. The vulnerability exists because the affected software performs insufficient checks for certain CLI commands, if the commands are executed via a Sourcefire tunnel connection. An attacker could exploit this vulnerability by authenticating with root privileges to a Firepower sensor or Cisco FMC, and then sending specific CLI commands to the Cisco FMC or through the Cisco FMC to another Firepower sensor via the Sourcefire tunnel connection. A successful exploit could allow the attacker to modify device configurations or delete files on the device that is running Cisco FMC Software or on any Firepower device that is managed by Cisco FMC."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el protocolo de canal de control de t\u00fanel de Sourcefire en Cisco Firepower System Software que se ejecuta en los sensores Firepower Threat Defense (FTD) de Cisco podr\u00eda permitir que un atacante local autenticado ejecute comandos CLI espec\u00edficos con privilegios root en Cisco Firepower Management Center (FMC), o a trav\u00e9s de Cisco FMC en otros sensores y dispositivos Firepower que est\u00e9n controlados por el mismo FMC. Para enviar los comandos, el atacante debe tener privilegios root para al menos un sensor afectado o el FMC de Cisco. La vulnerabilidad existe porque el software afectado realiza comprobaciones insuficientes para determinados comandos CLI, si los comandos se ejecutan a trav\u00e9s de una conexi\u00f3n de t\u00fanel de Sourcefire. Un atacante podr\u00eda explotar esta vulnerabilidad autentic\u00e1ndose con privilegios root en un sensor Firepower o en un FMC de Cisco y, a continuaci\u00f3n, enviando comandos CLI espec\u00edficos al FMC de Cisco o, a trav\u00e9s del FMC de Cisco, a otro sensor Firepower a trav\u00e9s de la conexi\u00f3n del t\u00fanel Sourcefire. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante modificar las configuraciones del dispositivo o eliminar archivos en el dispositivo que est\u00e1 ejecutando Cisco FMC Software o en cualquier dispositivo Firepower que est\u00e9 gestionado por Cisco FMC."
    }
  ],
  "id": "CVE-2018-0453",
  "lastModified": "2024-11-21T03:38:15.773",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-05T14:29:03.340",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-fp-cmd-injection"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-fp-cmd-injection"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-10-27 19:15

Modified

2024-11-21 06:11

Severity ?

4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the Details section of this advisory.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_management_center_virtual_appliance	6.1.0
cisco	firepower_management_center_virtual_appliance	6.2.0
cisco	firepower_management_center_virtual_appliance	6.2.3
cisco	firepower_management_center_virtual_appliance	6.3.0
cisco	firepower_management_center_virtual_appliance	6.4.0
cisco	firepower_management_center_virtual_appliance	6.5.0
cisco	firepower_management_center_virtual_appliance	6.6.0
cisco	firepower_management_center_virtual_appliance	6.6.1
cisco	firepower_management_center_virtual_appliance	6.7.0
cisco	firepower_management_center_virtual_appliance	7.0.0
cisco	firepower_management_center_virtual_appliance	7.1.0
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	sourcefire_defense_center	6.1.0
cisco	sourcefire_defense_center	6.2.0
cisco	sourcefire_defense_center	6.2.3
cisco	sourcefire_defense_center	6.3.0
cisco	sourcefire_defense_center	6.4.0
cisco	sourcefire_defense_center	6.5.0
cisco	sourcefire_defense_center	6.6.0
cisco	sourcefire_defense_center	6.6.1
cisco	sourcefire_defense_center	6.7.0
cisco	sourcefire_defense_center	7.0.0
cisco	sourcefire_defense_center	7.1.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A08538C5-6957-42B4-894B-1AF04FC904A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "01DFAA87-6DB1-419B-A2F4-F1FB3A7B8A18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F75D9CB4-406B-4FBF-BC7A-35C2CCEFD8B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C16F3BD-2ACD-44A0-9033-13CB59A50FE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0FC62F-65AD-4855-953A-DA5BBFC1B2E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28629BA3-B1ED-409B-9FB1-E2159D95D975",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "49436378-0578-48F6-AE54-7C8D88574864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B11AE299-AE40-42EB-9C0B-3865C932E766",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA792E5D-7270-4C23-A8D6-22EB00CB21A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CB38685-4255-4565-98AA-234B9DEEADE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CF689E1-22FF-467F-B5A7-59833D77971E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5429F29E-BEE8-4989-B5F3-A9BABBF64D31",
              "versionEndExcluding": "6.4.0.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18589C74-19D2-44F0-AF26-68910E26655D",
              "versionEndExcluding": "6.6.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
              "versionEndExcluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "38E2B495-A0B6-4049-8C90-96CF62BC1BFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "20741BF4-6F44-42DE-B05E-EDB4176CAD6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E4A3574-53DC-4328-A229-87795AE4F7AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B273B25-634A-48FF-B290-4A332F84E0B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EBC6544-6ADF-4F95-A969-A8D953D11B3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "04DF03B7-9C70-4BEE-8AE4-6AA134322C0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4F47E43-116B-4176-9E79-0BA7CBA16869",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B02800C-6420-4758-89CF-66F47B4FCA19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F41081E-06CF-4BA2-9072-E18D9032BEBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52ED507A-5075-4444-A2D1-F5657453AD3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5E9A6F5-8BC2-4FA5-9920-E980EFC5BCEE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the Details section of this advisory."
    },
    {
      "lang": "es",
      "value": "Varias vulnerabilidades en la interfaz de administraci\u00f3n basada en la web del software Cisco Firepower Management Center (FMC) podr\u00edan permitir a un atacante ejecutar un ataque de tipo cross-site scripting (XSS) o un ataque de redireccionamiento abierto. Para conseguir m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
    }
  ],
  "id": "CVE-2021-34764",
  "lastModified": "2024-11-21T06:11:08.880",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.7,
        "impactScore": 2.7,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-27T19:15:08.177",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-601"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        },
        {
          "lang": "en",
          "value": "CWE-601"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-10-27 19:15

Modified

2024-11-21 06:11

Severity ?

6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_management_center_virtual_appliance	6.1.0
cisco	firepower_management_center_virtual_appliance	6.2.0
cisco	firepower_management_center_virtual_appliance	6.2.3
cisco	firepower_management_center_virtual_appliance	6.3.0
cisco	firepower_management_center_virtual_appliance	6.4.0
cisco	firepower_management_center_virtual_appliance	6.4.0.11
cisco	firepower_management_center_virtual_appliance	6.5.0
cisco	firepower_management_center_virtual_appliance	6.6.0
cisco	firepower_management_center_virtual_appliance	6.6.1
cisco	firepower_management_center_virtual_appliance	6.7.0
cisco	firepower_management_center_virtual_appliance	7.0.0
cisco	firepower_management_center_virtual_appliance	7.1.0
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	sourcefire_defense_center	6.1.0
cisco	sourcefire_defense_center	6.2.0
cisco	sourcefire_defense_center	6.2.3
cisco	sourcefire_defense_center	6.3.0
cisco	sourcefire_defense_center	6.4.0
cisco	sourcefire_defense_center	6.4.0.11
cisco	sourcefire_defense_center	6.5.0
cisco	sourcefire_defense_center	6.6.0
cisco	sourcefire_defense_center	6.6.1
cisco	sourcefire_defense_center	6.7.0
cisco	sourcefire_defense_center	7.0.0
cisco	sourcefire_defense_center	7.1.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A08538C5-6957-42B4-894B-1AF04FC904A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "01DFAA87-6DB1-419B-A2F4-F1FB3A7B8A18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F75D9CB4-406B-4FBF-BC7A-35C2CCEFD8B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C16F3BD-2ACD-44A0-9033-13CB59A50FE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0FC62F-65AD-4855-953A-DA5BBFC1B2E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E738F08-C30D-46E4-A92C-D406D72E1292",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28629BA3-B1ED-409B-9FB1-E2159D95D975",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "49436378-0578-48F6-AE54-7C8D88574864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B11AE299-AE40-42EB-9C0B-3865C932E766",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA792E5D-7270-4C23-A8D6-22EB00CB21A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CB38685-4255-4565-98AA-234B9DEEADE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CF689E1-22FF-467F-B5A7-59833D77971E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F461B5-E600-4C81-BA3C-1DBC90D4D438",
              "versionEndExcluding": "6.4.0.13",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37A74256-AF9A-473B-9DC7-A57618BA9F00",
              "versionEndExcluding": "6.6.5",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
              "versionEndExcluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B2F537A-A488-45B6-AD4B-48B7064AE84C",
              "versionEndExcluding": "7.0.1",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "38E2B495-A0B6-4049-8C90-96CF62BC1BFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "20741BF4-6F44-42DE-B05E-EDB4176CAD6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E4A3574-53DC-4328-A229-87795AE4F7AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B273B25-634A-48FF-B290-4A332F84E0B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EBC6544-6ADF-4F95-A969-A8D953D11B3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "37FBD21A-0D57-466F-B6F6-1D124A6D75D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "04DF03B7-9C70-4BEE-8AE4-6AA134322C0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4F47E43-116B-4176-9E79-0BA7CBA16869",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B02800C-6420-4758-89CF-66F47B4FCA19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F41081E-06CF-4BA2-9072-E18D9032BEBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52ED507A-5075-4444-A2D1-F5657453AD3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5E9A6F5-8BC2-4FA5-9920-E980EFC5BCEE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory."
    },
    {
      "lang": "es",
      "value": "Varias vulnerabilidades en la CLI del software Cisco Firepower Threat Defense (FTD) podr\u00edan permitir a un atacante local autenticado ejecutar comandos arbitrarios con privilegios de root. Para conseguir m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
    }
  ],
  "id": "CVE-2021-34756",
  "lastModified": "2024-11-21T06:11:07.717",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-27T19:15:07.940",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-05-03 17:29

Modified

2024-11-21 04:37

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

Summary

A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 Single Sign-On (SSO) for Clientless SSL VPN (WebVPN) and AnyConnect Remote Access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to successfully establish a VPN session to an affected device. The vulnerability is due to improper credential management when using NT LAN Manager (NTLM) or basic authentication. An attacker could exploit this vulnerability by opening a VPN session to an affected device after another VPN user has successfully authenticated to the affected device via SAML SSO. A successful exploit could allow the attacker to connect to secured networks behind the affected device.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/108185	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asaftd-saml-vpn	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/108185	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asaftd-saml-vpn	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_virtual_appliance	-
cisco	asa-5506-x	-
cisco	asa-5506h-x	-
cisco	asa-5506w-x	-
cisco	asa-5508-x	-
cisco	asa-5516-x	-
cisco	asa-5525-x	-
cisco	asa-5545-x	-
cisco	asa-5555-x	-
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-
cisco	firepower_4100	-
cisco	firepower_9300	-
cisco	isa_3000	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8F292C5-67ED-4F18-B6C4-5873BB771C3D",
              "versionEndExcluding": "6.2.3.12",
              "versionStartIncluding": "6.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A16803C-579C-4992-B37E-7CEC17307659",
              "versionEndExcluding": "6.3.0.3",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C812C8D5-3159-434C-8B9F-8CB0A8767923",
              "versionEndExcluding": "9.8.4",
              "versionStartIncluding": "9.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABCD2AF8-97D4-45C6-B80E-D5FA9B719BD5",
              "versionEndExcluding": "9.9.2.50",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4C6B343-2D4D-4C7E-A59E-629773DD2E60",
              "versionEndExcluding": "9.10.1.17",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_virtual_appliance:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E785C602-BE11-4FFC-A2A7-EC520E220C0F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5506-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4916B846-AEAD-4C06-9705-048627F27236",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5506h-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "931B9C8E-6AD7-4E05-8E48-27D3931DC8BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5506w-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D78BA13B-49B2-4ECF-A69D-5C14EAB6B118",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5508-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5806FA7C-356B-45BB-ABB0-54B87167AF77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5516-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93289CFF-6A07-46F2-A2E0-5C43C67E0DCD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A11CA4-D93C-4D32-81C7-E3CF71EC4BBB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EF47542-3C2E-4BDB-823F-9A901312C634",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A567EFB6-9A19-4BC0-8EE2-6E2219D09961",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E9552E6-0B9B-4B32-BE79-90D4E3887A7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:isa_3000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9510E97A-FD78-43C6-85BC-223001ACA264",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 Single Sign-On (SSO) for Clientless SSL VPN (WebVPN) and AnyConnect Remote Access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to successfully establish a VPN session to an affected device. The vulnerability is due to improper credential management when using NT LAN Manager (NTLM) or basic authentication. An attacker could exploit this vulnerability by opening a VPN session to an affected device after another VPN user has successfully authenticated to the affected device via SAML SSO. A successful exploit could allow the attacker to connect to secured networks behind the affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n del Security Assertion Markup Language (SAML) versi\u00f3n 2.0 Single Sign-On (SSO) para VPN SSL sin clientes (WebVPN) y AnyConnect Remote Access VPN en Cisco Adaptive Security Appliance (ASA) Programa y Cisco Firepower Threat Defense (FTD) El programa podr\u00eda permitir a un atacante remoto no autenticado establecer con \u00e9xito una sesi\u00f3n VPN en un dispositivo afectado. La vulnerabilidad se debe a una gesti\u00f3n inadecuada de las credenciales cuando se utiliza NT LAN Manager (NTLM) o autenticaci\u00f3n b\u00e1sica. Un atacante podr\u00eda explotar esta vulnerabilidad abriendo una sesi\u00f3n VPN a un dispositivo afectado despu\u00e9s de que otro usuario VPN se haya autenticado con \u00e9xito en el dispositivo afectado a trav\u00e9s de SAML SSO. Un exploit con \u00e9xito podr\u00eda permitir al atacante conectarse a redes seguras detr\u00e1s del dispositivo afectado."
    }
  ],
  "id": "CVE-2019-1714",
  "lastModified": "2024-11-21T04:37:09.697",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-03T17:29:00.533",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108185"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asaftd-saml-vpn"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108185"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asaftd-saml-vpn"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-255"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-11-01 12:29

Modified

2024-11-21 03:50

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the Session Initiation Protocol (SIP) inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload or trigger high CPU, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of SIP traffic. An attacker could exploit this vulnerability by sending SIP requests designed to specifically trigger this issue at a high rate across an affected device. Software updates that address this vulnerability are not yet available.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/105768	Third Party Advisory, VDB Entry
psirt@cisco.com	http://www.securitytracker.com/id/1042129	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181031-asaftd-sip-dos	Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/105768	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1042129	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181031-asaftd-sip-dos	Mitigation, Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "47A19040-3FF8-443F-BB21-B35D0F95CE7A",
              "versionEndExcluding": "9.4.4.27",
              "versionStartIncluding": "9.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA687824-C2FA-4896-84CF-E552EF5612B6",
              "versionEndExcluding": "9.6.4.18",
              "versionStartIncluding": "9.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4925543E-BFCB-4A87-8372-775B06692490",
              "versionEndExcluding": "9.8.3.16",
              "versionStartIncluding": "9.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AE07315-2357-4C1D-8762-45F156FCBC10",
              "versionEndExcluding": "9.9.2.32",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06DC9E7B-B0E3-4317-9B60-86A0AA446C8C",
              "versionEndExcluding": "9.10.1.2",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD7C4894-142B-4CE7-960F-FC0B0E5B7E28",
              "versionEndExcluding": "6.1.0.7",
              "versionStartIncluding": "6.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A87D3FB3-D9DB-426C-A273-FEA832F1555D",
              "versionEndExcluding": "6.2.0.6",
              "versionStartIncluding": "6.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EC8FADD-F394-46A4-9DBB-0E401DC1F2DB",
              "versionEndExcluding": "6.2.2.4",
              "versionStartIncluding": "6.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B9EB1B7-F821-41A0-9282-8F9D698DF0AE",
              "versionEndExcluding": "6.2.3.7",
              "versionStartIncluding": "6.2.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Session Initiation Protocol (SIP) inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload or trigger high CPU, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of SIP traffic. An attacker could exploit this vulnerability by sending SIP requests designed to specifically trigger this issue at a high rate across an affected device. Software updates that address this vulnerability are not yet available."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el motor de inspecci\u00f3n SIP (Session Initiation Protocol) de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software podr\u00eda permitir que un atacante remoto no autenticado provoque que un dispositivo afectado se recargue o el alto uso de recursos de la CPU, lo que resulta en una denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a un manejo incorrecto del tr\u00e1fico SIP. Un atacante podr\u00eda explotar esta vulnerabilidad enviando peticiones SIP destinadas a desencadenar espec\u00edficamente este problema en gran proporci\u00f3n en un dispositivo afectado. A\u00fan no existen actualizaciones de software que aborden esta vulnerabilidad."
    }
  ],
  "id": "CVE-2018-15454",
  "lastModified": "2024-11-21T03:50:50.363",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-11-01T12:29:00.190",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105768"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1042129"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181031-asaftd-sip-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105768"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1042129"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181031-asaftd-sip-dos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-01-29 20:29

Modified

2024-11-21 03:37

Severity ?

10.0 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Summary

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to an attempt to double free a region of memory when the webvpn feature is enabled on the Cisco ASA device. An attacker could exploit this vulnerability by sending multiple, crafted XML packets to a webvpn-configured interface on the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system, or cause a reload of the affected device. This vulnerability affects Cisco ASA Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, ASA 1000V Cloud Firewall, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4110 Security Appliance, Firepower 9300 ASA Security Module, Firepower Threat Defense Software (FTD). Cisco Bug IDs: CSCvg35618.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/102845	Third Party Advisory, VDB Entry
psirt@cisco.com	http://www.securitytracker.com/id/1040292	Third Party Advisory, VDB Entry
psirt@cisco.com	https://icanthackit.wordpress.com/2018/01/30/thoughts-on-the-handling-cve-2018-0101-cisco-bug-cscvg35618/	Third Party Advisory
psirt@cisco.com	https://pastebin.com/YrBcG2Ln	Exploit, Third Party Advisory
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1	Vendor Advisory
psirt@cisco.com	https://www.exploit-db.com/exploits/43986/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/102845	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1040292	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://icanthackit.wordpress.com/2018/01/30/thoughts-on-the-handling-cve-2018-0101-cisco-bug-cscvg35618/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://pastebin.com/YrBcG2Ln	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/43986/	Exploit, Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	firepower_threat_defense	6.0.0
cisco	firepower_threat_defense	6.0.1
cisco	firepower_threat_defense	6.1.0
cisco	firepower_threat_defense	6.2.0
cisco	firepower_threat_defense	6.2.1
cisco	firepower_threat_defense	6.2.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC8943F2-EAC8-41B8-97BC-31CE791ABB23",
              "versionEndExcluding": "9.1.7.23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "14D5C777-6061-448C-9809-54A60E40F743",
              "versionEndExcluding": "9.2.4.27",
              "versionStartIncluding": "9.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "933B0F4E-8502-4819-A0CE-7B9E1F8768D1",
              "versionEndExcluding": "9.4.4.16",
              "versionStartIncluding": "9.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EB341D4-DFAF-4E53-AE1D-93DCED327B23",
              "versionEndExcluding": "9.6.4.3",
              "versionStartIncluding": "9.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FE1A40F-1899-4BD8-B955-4C78EB2D6E9C",
              "versionEndExcluding": "9.7.1.21",
              "versionStartIncluding": "9.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EA0A1AD-2CBD-48E6-9685-4521B6F3C379",
              "versionEndExcluding": "9.8.2.20",
              "versionStartIncluding": "9.8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A904674-DE78-420E-82D5-29194621FBA5",
              "versionEndExcluding": "9.9.1.2",
              "versionStartIncluding": "9.9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1AC6A67-82EF-4D31-AFCB-499A0C6EC0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "995667FD-35F1-49E5-96DB-2FDFF5E0B523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "61FB47CF-2A6A-4121-BFF7-5862E163B8E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DC52A8B-7DF4-47B2-9F49-627F59656E5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD48BE40-C647-429A-81B6-59E125BBE415",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "42496A5B-1644-4088-BBCF-2ED810A5694B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to an attempt to double free a region of memory when the webvpn feature is enabled on the Cisco ASA device. An attacker could exploit this vulnerability by sending multiple, crafted XML packets to a webvpn-configured interface on the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system, or cause a reload of the affected device. This vulnerability affects Cisco ASA Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, ASA 1000V Cloud Firewall, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4110 Security Appliance, Firepower 9300 ASA Security Module, Firepower Threat Defense Software (FTD). Cisco Bug IDs: CSCvg35618."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad VPN Secure Sockets Layer (SSL) de Cisco Adaptive Security Appliance (ASA) podr\u00eda permitir que un atacante remoto no autenticado provoque la recarga del sistema afectado o que ejecute c\u00f3digo de forma remota. La vulnerabilidad se debe a un intento de doble liberaci\u00f3n (double free) de una regi\u00f3n de memoria cuando la caracter\u00edstica webvpn est\u00e1 habilitada en el dispositivo Cisco ASA. Un atacante podr\u00eda explotar esta vulnerabilidad enviando m\u00faltiples peticiones XML manipuladas a la interfaz configurada por webvpn en el sistema afectado. Un exploit podr\u00eda permitir que el atacante ejecute c\u00f3digo arbitrario y obtenga control total del sistema, o que provoque una recarga del dispositivo afectado. Esta vulnerabilidad afecta a las versiones de Cisco ASA Software que se ejecutan en los siguientes productos de Cisco: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, ASA 1000V Cloud Firewall, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4110 Security Appliance, Firepower 9300 ASA Security Module y Firepower Threat Defense Software (FTD). Cisco Bug IDs: CSCvg35618."
    }
  ],
  "id": "CVE-2018-0101",
  "lastModified": "2024-11-21T03:37:31.353",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 10.0,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-01-29T20:29:00.280",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/102845"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040292"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://icanthackit.wordpress.com/2018/01/30/thoughts-on-the-handling-cve-2018-0101-cisco-bug-cscvg35618/"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://pastebin.com/YrBcG2Ln"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/43986/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/102845"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040292"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://icanthackit.wordpress.com/2018/01/30/thoughts-on-the-handling-cve-2018-0101-cisco-bug-cscvg35618/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://pastebin.com/YrBcG2Ln"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/43986/"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-415"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-415"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-02-26 17:15

Modified

2024-11-21 05:30

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cmdinj	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cmdinj	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	firepower_1010	-
cisco	firepower_1120	-
cisco	firepower_1140	-
cisco	firepower_1150	-
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-
cisco	firepower_extensible_operating_system	*
cisco	firepower_4110	-
cisco	firepower_4115	-
cisco	firepower_4120	-
cisco	firepower_4125	-
cisco	firepower_4140	-
cisco	firepower_4145	-
cisco	firepower_4150	-
cisco	firepower_9300	-
cisco	ucs_manager	*
cisco	ucs_manager	*
cisco	ucs_6248up	-
cisco	ucs_6296up	-
cisco	ucs_6324	-
cisco	ucs_6332	-
cisco	ucs_6332-16up	-
cisco	ucs_64108	-
cisco	ucs_6454	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "669EB726-B1E5-47BF-98D4-73ABDB676115",
              "versionEndExcluding": "6.2.3.13",
              "versionStartIncluding": "6.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBAB5FF7-1E8C-4145-A081-5916B9EB9731",
              "versionEndExcluding": "6.4.0.8",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "931501EE-560C-49AD-805D-3008159E0A94",
              "versionEndExcluding": "6.5.0.2",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A222901B-A007-419D-9A0A-D5420EC57083",
              "versionEndExcluding": "9.9.2.66",
              "versionStartIncluding": "9.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AACB9A82-A1DF-4012-A5E1-D9C692721273",
              "versionEndExcluding": "9.12.3.6",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F67B6AE-8757-428F-8894-A11A6553E7A2",
              "versionEndExcluding": "9.13.1.5",
              "versionStartIncluding": "9.13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FFE3880-4B85-4E23-9836-70875D5109F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "727A02E8-40A1-4DFE-A3A2-91D628D3044F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F6546E-28F4-40DC-97D6-E0E023FE939B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "082378DA-87C5-4779-8DE1-32B16879C20A",
              "versionEndExcluding": "2.4.1.234",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE704FC9-DFEF-48DD-A0D5-919FAF856C6F",
              "versionEndExcluding": "3.2\\(3n\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C79BC0D-B86C-452B-B6CA-F93E938B707F",
              "versionEndExcluding": "4.0\\(4g\\)",
              "versionStartIncluding": "4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E406DDCE-6753-43E9-B6F0-7A038DE84E41",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "054D8EB2-97A3-4725-9DFF-27A4D231D90A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC04D48B-8B2F-45E1-A445-A87E92E790B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la CLI de Cisco FXOS Software y Cisco UCS Manager Software, podr\u00eda permitir a un atacante local autenticado ejecutar comandos arbitrarios en el sistema operativo (SO) subyacente. La vulnerabilidad es debido a una comprobaci\u00f3n de entrada insuficiente. Un atacante podr\u00eda explotar esta vulnerabilidad al incluir argumentos dise\u00f1ados en comandos espec\u00edficos. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con los privilegios del usuario actualmente conectado para todas las plataformas afectadas, excluyendo Cisco UCS 6400 Series Fabric Interconnects. En Cisco UCS 6400 Series Fabric Interconnects, los comandos inyectados son ejecutados con privilegios root."
    }
  ],
  "id": "CVE-2020-3167",
  "lastModified": "2024-11-21T05:30:28.020",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-02-26T17:15:12.843",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cmdinj"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cmdinj"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-05-07 18:15

Modified

2025-08-01 16:12

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol processing of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation when processing IKEv2 messages. An attacker could exploit this vulnerability by sending crafted IKEv2 traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition on the affected device.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-multiprod-ikev2-dos-gPctUqv2	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.8.1
cisco	adaptive_security_appliance_software	9.8.1.5
cisco	adaptive_security_appliance_software	9.8.1.7
cisco	adaptive_security_appliance_software	9.8.2
cisco	adaptive_security_appliance_software	9.8.2.8
cisco	adaptive_security_appliance_software	9.8.2.14
cisco	adaptive_security_appliance_software	9.8.2.15
cisco	adaptive_security_appliance_software	9.8.2.17
cisco	adaptive_security_appliance_software	9.8.2.20
cisco	adaptive_security_appliance_software	9.8.2.24
cisco	adaptive_security_appliance_software	9.8.2.26
cisco	adaptive_security_appliance_software	9.8.2.28
cisco	adaptive_security_appliance_software	9.8.2.33
cisco	adaptive_security_appliance_software	9.8.2.35
cisco	adaptive_security_appliance_software	9.8.2.38
cisco	adaptive_security_appliance_software	9.8.2.45
cisco	adaptive_security_appliance_software	9.8.3
cisco	adaptive_security_appliance_software	9.8.3.8
cisco	adaptive_security_appliance_software	9.8.3.11
cisco	adaptive_security_appliance_software	9.8.3.14
cisco	adaptive_security_appliance_software	9.8.3.16
cisco	adaptive_security_appliance_software	9.8.3.18
cisco	adaptive_security_appliance_software	9.8.3.21
cisco	adaptive_security_appliance_software	9.8.3.26
cisco	adaptive_security_appliance_software	9.8.3.29
cisco	adaptive_security_appliance_software	9.8.4
cisco	adaptive_security_appliance_software	9.8.4.3
cisco	adaptive_security_appliance_software	9.8.4.7
cisco	adaptive_security_appliance_software	9.8.4.8
cisco	adaptive_security_appliance_software	9.8.4.10
cisco	adaptive_security_appliance_software	9.8.4.12
cisco	adaptive_security_appliance_software	9.8.4.15
cisco	adaptive_security_appliance_software	9.8.4.17
cisco	adaptive_security_appliance_software	9.8.4.20
cisco	adaptive_security_appliance_software	9.8.4.22
cisco	adaptive_security_appliance_software	9.8.4.25
cisco	adaptive_security_appliance_software	9.8.4.26
cisco	adaptive_security_appliance_software	9.8.4.29
cisco	adaptive_security_appliance_software	9.8.4.32
cisco	adaptive_security_appliance_software	9.8.4.33
cisco	adaptive_security_appliance_software	9.8.4.34
cisco	adaptive_security_appliance_software	9.8.4.35
cisco	adaptive_security_appliance_software	9.8.4.39
cisco	adaptive_security_appliance_software	9.8.4.40
cisco	adaptive_security_appliance_software	9.8.4.41
cisco	adaptive_security_appliance_software	9.8.4.43
cisco	adaptive_security_appliance_software	9.8.4.44
cisco	adaptive_security_appliance_software	9.8.4.45
cisco	adaptive_security_appliance_software	9.8.4.46
cisco	adaptive_security_appliance_software	9.8.4.48
cisco	adaptive_security_appliance_software	9.12.1
cisco	adaptive_security_appliance_software	9.12.1.2
cisco	adaptive_security_appliance_software	9.12.1.3
cisco	adaptive_security_appliance_software	9.12.2
cisco	adaptive_security_appliance_software	9.12.2.1
cisco	adaptive_security_appliance_software	9.12.2.4
cisco	adaptive_security_appliance_software	9.12.2.5
cisco	adaptive_security_appliance_software	9.12.2.9
cisco	adaptive_security_appliance_software	9.12.3
cisco	adaptive_security_appliance_software	9.12.3.2
cisco	adaptive_security_appliance_software	9.12.3.7
cisco	adaptive_security_appliance_software	9.12.3.9
cisco	adaptive_security_appliance_software	9.12.3.12
cisco	adaptive_security_appliance_software	9.12.4
cisco	adaptive_security_appliance_software	9.12.4.2
cisco	adaptive_security_appliance_software	9.12.4.4
cisco	adaptive_security_appliance_software	9.12.4.7
cisco	adaptive_security_appliance_software	9.12.4.8
cisco	adaptive_security_appliance_software	9.12.4.10
cisco	adaptive_security_appliance_software	9.12.4.13
cisco	adaptive_security_appliance_software	9.12.4.18
cisco	adaptive_security_appliance_software	9.12.4.24
cisco	adaptive_security_appliance_software	9.12.4.26
cisco	adaptive_security_appliance_software	9.12.4.29
cisco	adaptive_security_appliance_software	9.12.4.30
cisco	adaptive_security_appliance_software	9.12.4.35
cisco	adaptive_security_appliance_software	9.12.4.37
cisco	adaptive_security_appliance_software	9.12.4.38
cisco	adaptive_security_appliance_software	9.12.4.39
cisco	adaptive_security_appliance_software	9.12.4.40
cisco	adaptive_security_appliance_software	9.12.4.41
cisco	adaptive_security_appliance_software	9.12.4.47
cisco	adaptive_security_appliance_software	9.12.4.48
cisco	adaptive_security_appliance_software	9.12.4.50
cisco	adaptive_security_appliance_software	9.12.4.52
cisco	adaptive_security_appliance_software	9.12.4.54
cisco	adaptive_security_appliance_software	9.12.4.55
cisco	adaptive_security_appliance_software	9.12.4.56
cisco	adaptive_security_appliance_software	9.12.4.58
cisco	adaptive_security_appliance_software	9.12.4.62
cisco	adaptive_security_appliance_software	9.12.4.65
cisco	adaptive_security_appliance_software	9.12.4.67
cisco	adaptive_security_appliance_software	9.14.1
cisco	adaptive_security_appliance_software	9.14.1.6
cisco	adaptive_security_appliance_software	9.14.1.10
cisco	adaptive_security_appliance_software	9.14.1.15
cisco	adaptive_security_appliance_software	9.14.1.19
cisco	adaptive_security_appliance_software	9.14.1.30
cisco	adaptive_security_appliance_software	9.14.2
cisco	adaptive_security_appliance_software	9.14.2.4
cisco	adaptive_security_appliance_software	9.14.2.8
cisco	adaptive_security_appliance_software	9.14.2.13
cisco	adaptive_security_appliance_software	9.14.2.15
cisco	adaptive_security_appliance_software	9.14.3
cisco	adaptive_security_appliance_software	9.14.3.1
cisco	adaptive_security_appliance_software	9.14.3.9
cisco	adaptive_security_appliance_software	9.14.3.11
cisco	adaptive_security_appliance_software	9.14.3.13
cisco	adaptive_security_appliance_software	9.14.3.15
cisco	adaptive_security_appliance_software	9.14.3.18
cisco	adaptive_security_appliance_software	9.14.4
cisco	adaptive_security_appliance_software	9.14.4.6
cisco	adaptive_security_appliance_software	9.14.4.7
cisco	adaptive_security_appliance_software	9.14.4.12
cisco	adaptive_security_appliance_software	9.14.4.13
cisco	adaptive_security_appliance_software	9.14.4.14
cisco	adaptive_security_appliance_software	9.14.4.15
cisco	adaptive_security_appliance_software	9.14.4.17
cisco	adaptive_security_appliance_software	9.14.4.22
cisco	adaptive_security_appliance_software	9.14.4.23
cisco	adaptive_security_appliance_software	9.14.4.24
cisco	adaptive_security_appliance_software	9.15.1.1
cisco	adaptive_security_appliance_software	9.16.1
cisco	adaptive_security_appliance_software	9.16.1.28
cisco	adaptive_security_appliance_software	9.16.2
cisco	adaptive_security_appliance_software	9.16.2.3
cisco	adaptive_security_appliance_software	9.16.2.7
cisco	adaptive_security_appliance_software	9.16.2.11
cisco	adaptive_security_appliance_software	9.16.2.13
cisco	adaptive_security_appliance_software	9.16.2.14
cisco	adaptive_security_appliance_software	9.16.3
cisco	adaptive_security_appliance_software	9.16.3.3
cisco	adaptive_security_appliance_software	9.16.3.14
cisco	adaptive_security_appliance_software	9.16.3.15
cisco	adaptive_security_appliance_software	9.16.3.19
cisco	adaptive_security_appliance_software	9.16.3.23
cisco	adaptive_security_appliance_software	9.16.4
cisco	adaptive_security_appliance_software	9.16.4.9
cisco	adaptive_security_appliance_software	9.16.4.14
cisco	adaptive_security_appliance_software	9.16.4.18
cisco	adaptive_security_appliance_software	9.16.4.19
cisco	adaptive_security_appliance_software	9.16.4.27
cisco	adaptive_security_appliance_software	9.16.4.38
cisco	adaptive_security_appliance_software	9.16.4.39
cisco	adaptive_security_appliance_software	9.16.4.42
cisco	adaptive_security_appliance_software	9.16.4.48
cisco	adaptive_security_appliance_software	9.16.4.55
cisco	adaptive_security_appliance_software	9.16.4.57
cisco	adaptive_security_appliance_software	9.16.4.61
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.7
cisco	adaptive_security_appliance_software	9.17.1.9
cisco	adaptive_security_appliance_software	9.17.1.10
cisco	adaptive_security_appliance_software	9.17.1.11
cisco	adaptive_security_appliance_software	9.17.1.13
cisco	adaptive_security_appliance_software	9.17.1.15
cisco	adaptive_security_appliance_software	9.17.1.20
cisco	adaptive_security_appliance_software	9.17.1.30
cisco	adaptive_security_appliance_software	9.17.1.33
cisco	adaptive_security_appliance_software	9.17.1.39
cisco	adaptive_security_appliance_software	9.18.1
cisco	adaptive_security_appliance_software	9.18.1.3
cisco	adaptive_security_appliance_software	9.18.2
cisco	adaptive_security_appliance_software	9.18.2.5
cisco	adaptive_security_appliance_software	9.18.2.7
cisco	adaptive_security_appliance_software	9.18.2.8
cisco	adaptive_security_appliance_software	9.18.3
cisco	adaptive_security_appliance_software	9.18.3.39
cisco	adaptive_security_appliance_software	9.18.3.46
cisco	adaptive_security_appliance_software	9.18.3.53
cisco	adaptive_security_appliance_software	9.18.3.55
cisco	adaptive_security_appliance_software	9.18.3.56
cisco	adaptive_security_appliance_software	9.18.4
cisco	adaptive_security_appliance_software	9.18.4.5
cisco	adaptive_security_appliance_software	9.18.4.8
cisco	adaptive_security_appliance_software	9.18.4.22
cisco	adaptive_security_appliance_software	9.18.4.24
cisco	adaptive_security_appliance_software	9.18.4.29
cisco	adaptive_security_appliance_software	9.19.1
cisco	adaptive_security_appliance_software	9.19.1.5
cisco	adaptive_security_appliance_software	9.19.1.9
cisco	adaptive_security_appliance_software	9.19.1.12
cisco	adaptive_security_appliance_software	9.19.1.18
cisco	adaptive_security_appliance_software	9.19.1.22
cisco	adaptive_security_appliance_software	9.19.1.24
cisco	adaptive_security_appliance_software	9.19.1.27
cisco	adaptive_security_appliance_software	9.19.1.28
cisco	adaptive_security_appliance_software	9.19.1.31
cisco	adaptive_security_appliance_software	9.20.1
cisco	adaptive_security_appliance_software	9.20.1.5
cisco	adaptive_security_appliance_software	9.20.2
cisco	adaptive_security_appliance_software	9.20.2.10
cisco	adaptive_security_appliance_software	9.20.2.21
cisco	firepower_threat_defense	6.2.3
cisco	firepower_threat_defense	6.2.3.1
cisco	firepower_threat_defense	6.2.3.2
cisco	firepower_threat_defense	6.2.3.3
cisco	firepower_threat_defense	6.2.3.4
cisco	firepower_threat_defense	6.2.3.5
cisco	firepower_threat_defense	6.2.3.6
cisco	firepower_threat_defense	6.2.3.7
cisco	firepower_threat_defense	6.2.3.8
cisco	firepower_threat_defense	6.2.3.9
cisco	firepower_threat_defense	6.2.3.10
cisco	firepower_threat_defense	6.2.3.11
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.4.0.1
cisco	firepower_threat_defense	6.4.0.2
cisco	firepower_threat_defense	6.4.0.3
cisco	firepower_threat_defense	6.4.0.4
cisco	firepower_threat_defense	6.4.0.5
cisco	firepower_threat_defense	6.4.0.6
cisco	firepower_threat_defense	6.4.0.7
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.4.0.13
cisco	firepower_threat_defense	6.4.0.14
cisco	firepower_threat_defense	6.4.0.15
cisco	firepower_threat_defense	6.4.0.16
cisco	firepower_threat_defense	6.4.0.17
cisco	firepower_threat_defense	6.4.0.18
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.6.7
cisco	firepower_threat_defense	6.6.7.1
cisco	firepower_threat_defense	6.6.7.2
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.0.6
cisco	firepower_threat_defense	7.0.6.1
cisco	firepower_threat_defense	7.0.6.2
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.2.4
cisco	firepower_threat_defense	7.2.4.1
cisco	firepower_threat_defense	7.2.5
cisco	firepower_threat_defense	7.2.5.1
cisco	firepower_threat_defense	7.2.5.2
cisco	firepower_threat_defense	7.2.6
cisco	firepower_threat_defense	7.2.7
cisco	firepower_threat_defense	7.2.8
cisco	firepower_threat_defense	7.2.8.1
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1
cisco	firepower_threat_defense	7.3.1.2
cisco	firepower_threat_defense	7.4.0
cisco	firepower_threat_defense	7.4.1
cisco	firepower_threat_defense	7.4.1.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D482F818-0A8E-49D7-8E3E-0958019FA629",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E7BFB57-BC02-4930-A02F-83583E6A0FC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "026F1960-C879-4611-A60A-96311B63CCA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAF8B33E-0C95-467D-A865-0A234E69D0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF144F5-D933-4DE4-818C-001BD9E3958A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "00112ED3-FE7B-425B-9A28-1E5F2BC8BB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD491D5-FAAB-493F-91A6-D2F3B5F5970E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "1519F49D-588F-4B70-B38F-EF4F3E13FEAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "15354443-5EB7-4712-B2DE-61DB33830759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "248D6B44-E134-4DEC-A947-636824E3FDFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "0820A79C-F3EF-407F-9AC7-DCAB4CD39C89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3E8805-85D2-4345-8076-039513209A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "14BB907B-D75A-4F5E-B20D-5457A71A70EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "F118B803-4C55-436A-A136-0C1FEA49858F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A272121-408E-45F6-A2A1-0BA6EBC060A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "61C3A433-0792-434E-AC90-A84B346499D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "980CEA3B-5A81-4E8C-BEA3-DD31BE7DA2CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3910211-D4DB-4CA7-BBEA-DD8246FF10ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C260BF30-7A33-4C70-9509-404856C93666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF894850-39EC-4B57-BBFF-F1AB4F8389A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FAFCF9-0ABE-483E-9604-329762BB7870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DB4278-3126-4765-97C4-6C0A8C78DA78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "174E631B-6099-47DE-8790-BBF4B7FDB8CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE3538B-F612-4105-BFDE-A4B594482DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "3143B0FF-C855-485E-A908-E48974B1643C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD9992-6D98-4E03-9599-ECF38A186FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DCEAE6-355B-40AE-A7C8-AF744FCA8A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2097E81E-B422-4B93-AF09-F300A0E8AF71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "454DEA31-A607-4054-82D3-24A4FEB7358F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F0B213-8187-4465-84F1-FB8D92B36020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E540771E-BA0B-42D1-8251-B576B0F142C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC2A833-BECF-4000-A592-6113A84C2D20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F1416-924A-4D25-9CEE-3BD66A96A019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDC8D92-D6E0-40EE-B190-D2B32C7DEB75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "23CD5619-E534-4F40-998D-39DC19FA0451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D0EB11-14B1-44B3-8D46-B9DD872F772C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA399CF-12DB-42E0-A66F-14508B52A453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5A7608-E737-420E-9B5E-836600DAC701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7EB6801-336D-4F41-ADE7-1C58C63C3F6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8413DA41-02A5-4269-8C88-9DD5076AF91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA00285F-6914-4749-8A47-FC4EDAFFF3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA4D367-32B9-4F54-8352-A959F61A1FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "2259FF9E-0C8B-440F-B1AC-51BDE3F60E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C522B55-904D-4C08-B73E-1457D877C0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "4483056A-FBF3-4E00-81EB-1E97334EF240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "48677330-06AB-4C7F-B2AD-F7E465A9632A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AEA80D2-5DB8-4334-9A88-7DDE395832C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1C38A5-1028-4AD3-8CC7-A00091091E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "848147B2-C49A-43F6-9069-FC8885BDFDA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6FEF0DA-741E-4361-8143-068EB47D6520",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F002FD55-F881-450E-BC1B-8073E188F47E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA940C4F-13BB-465F-BB8D-CBD0109BF012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B0434F5-9A50-4B57-9C5B-E09415D098C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE727035-06CB-4E37-A9D2-96BD54502120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE52B81-2CF8-48E5-A7BA-A163A25A669B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E8D7C9-5272-40E6-869B-B33959F9F0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE8D5D71-5C85-4644-8A84-F073549ADB50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0790DDC2-7BA0-42DC-A157-754C0CBBE178",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "882394EA-70C8-4D86-9AEF-5D273D8E518C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "855AD3CC-F404-48C5-80D2-7F2765D16D72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "26B6BF72-9124-4213-B3C0-BD31B46E8C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8FBE89-8FDA-4B9B-BA1A-90FFD482A585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "149C3872-8DA9-48DD-ADD0-2E84C1A76A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D33E8C-294A-4C43-8DB6-9DA9F61F0B3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E23ACB0-DF8B-4672-A819-4DCD3104CE4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4723B88-62BA-40E6-AA89-BAC02D6A036F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C698819-3C8E-4A16-8F52-42FF1E54C076",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D3CE74E-59E7-448A-8417-18F97C05C798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0986C171-0E75-4F6F-A9BD-276830104E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A2777A-7831-4324-AEB2-5D93B5F6C04B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "37045680-9189-4B7F-A4F7-4E682FE20A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6C9F37B-CF3C-4861-A969-C7CF4946274A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1DAF21-3FED-4691-9D4C-8FD8CEA7FB3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB938E58-4963-4A31-8836-88E958592B30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E317897-EE97-44F3-96BB-E54228D72A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EF7FAB2-158D-4C48-9246-E7AD3BF1D801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "056D43AE-ECDB-40D2-A196-18DDCD02629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E555F3-3580-4D71-8D8D-92FE72763D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "93013503-8B9A-4160-AF7E-277958FA6E9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3B009FD-0F2B-4511-8EDF-C3E670623F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "52579D8D-E855-42B3-B406-32DD1C39F721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7E44FC6-12A2-4F76-A095-28F3804B619F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "42917E5E-E362-4B40-B2B2-3C77BA35641C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF317FA3-EBF3-49BB-A9E6-0D4295FA3F60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "F98B1683-914F-43D3-AE1C-311D3A90BE8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8D24656-CAB1-4A98-A440-482927FEDD16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504557C-DA5D-4D0F-A813-4CE7D5109F15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D2A067-C717-4921-BBF5-3EFBE02736EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "36DDEC5B-4BEA-499C-9F34-BB3D39B7A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.62:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4E44C37-0F6F-440B-BA26-FB6D0B179E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.65:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AEE0050-34DC-49CB-B859-8ED500FD79A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.67:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A47E5C5-E058-4B4C-A258-6DF7CE0EA92B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE0D50C0-DADB-4747-8649-8A5257111FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE2699F-353F-44CB-A778-981783DDC31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8E50BD-1FBD-483B-9C27-70E95C732E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F46E5E4F-787C-4C05-B1E7-C39BB9125D16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A29312-38E7-456B-94DD-4D7329691114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "27F7BB31-C733-4C32-BF0F-33B5AF020156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC313568-33A6-435B-98FF-8A7091D9C451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85710A-28CE-4913-8523-356461908FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6069950-016B-419A-B754-D58956CB6D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A2F3FEC-624F-47C5-B056-836861BB038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C4B1136-66B6-42BA-BC17-86E7DCE1CF29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4875811-F209-49ED-B310-8377B2F87FF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C52C7B-B626-4A3C-A2EC-28A20E7FA95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "853A002C-839A-4372-8485-750A86E9F6E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62BB5D6-CE75-4C83-82DC-4148EF8CB1F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "D32F1365-EAF8-4570-B2FF-45E47E8586F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD07F9B-6BB3-4423-8DBE-4E89A6478E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FE4F28-B704-4325-AE8A-C790163FEE71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E832BC0C-8439-4779-9064-C2D93F231031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA99DF94-D031-4375-9A16-306606FE28F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC149D03-5609-46E6-A1B3-F4D91F282B49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5D7FC6F-1370-4272-97E5-226C2ED1D335",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "164D5774-D51B-47C6-AD32-ED6B84E78BBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "24A810C8-1BB5-4589-84AB-C357C1937201",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "F22D8D65-2E88-4557-BF85-1E3ABD4CCAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF62C9AF-70F5-4A12-9B0A-F32551FB2C40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "A04EB4FB-0C9F-441E-B02A-6B22F195348F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.57:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACDD7BD6-1C1D-49FE-8478-D0F37EB59BC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.61:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB7D8466-0050-495A-9442-8C5FF3912F5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F944F8F-0255-42BE-BD44-D21EC9F0FFC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9CEAEFC-7B82-41F9-A09D-C86A3A60A4FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "40FAC31D-19C0-4BA0-A019-C7E7A0BA0B5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CAAFE0F-416F-4BCA-BA37-30EAEADA8AFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1E8552-58F0-491E-B7D7-E89527872FC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "9347D71D-1F50-4F85-9F6D-E11D79BD26E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "289F9874-FC01-4809-9BDA-1AF583FB60B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EDFC67-E4EE-4D2C-BF9F-5881C987C662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "826869BE-4874-4BBA-9392-14851560BA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF52D477-3045-45D1-9FD3-12F396266463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "88E310BF-F1F6-4124-A875-81967B9B531E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B330F8F-F0DA-472C-A932-AD1D232C7DB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF59DAA-268C-4FCF-A0AA-7967128AEBC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "140ED95D-173C-4ADB-A2E6-97F0D595D1AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.53:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC9B00E1-3E50-4356-B6D9-F84BCD552402",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "552319A9-01F7-47BA-83B3-B2DD648AA07E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "4914603C-4B1B-48F1-826C-DB803BD21F87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE21762-3085-4AFC-B1DE-A4562CDAC509",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "852C3478-7529-4002-8540-ABA4D556DEFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "23B8A815-5D58-4952-936E-D47B83637BEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C98D085-E321-4BAE-AF03-ABDEDC4D24BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "C05599C9-C0DB-47C1-B145-C410076C1049",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BC91A59-0BFA-4DE8-B414-7558D27FBC54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEE52F59-AABA-4069-A909-64AD5DFD2B18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "20D7966E-B02B-48C8-BF96-723DD6C25314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA618249-E76F-4104-9326-C9F2DC8DE3D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C925E1F-6BD9-4CD1-8AC4-4263A9094786",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5EE76D9-6D18-4823-B6B0-E1394A4D140C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F635946-586D-4DE2-927B-300CE569C596",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "459C11B9-ABA1-472A-8CDA-9C7B4E48E943",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA060112-E2D8-4EC5-8400-D8D189A119B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3888BB0-B529-486C-8563-392BD1C5DFD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "43FE3FA7-8281-4BD9-A08B-8C79D369480E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B25468E3-03F9-4C2A-B82A-F87F4FCD57E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EC6F412-4A30-4E9A-B8DF-C4BF80E5C4B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA47E8EA-29F2-40F3-826E-E7295FFAD8C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4D303F8-E6AA-4F1C-9988-055EECD0A902",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DCBBA66-6D00-4D8B-86FE-81EF431A7806",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2EFA476-5021-4A00-859E-1643009D6156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E3A5DC-A237-46E4-A4E5-F135482F984A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "B166867E-E51B-46E3-A6E2-B10E67364058",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CE51492-8C9B-459E-9F80-64F426009905",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91AD8BA2-EB8D-4D8B-B707-AF5C2A831998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA95508-0A28-4D4A-81A7-5CDD1F5DA46C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "39FE5927-2421-4CBE-97EA-6AED892DA1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8BF2227-3C50-4FD1-98DB-21196E75D1DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5460064F-FF50-4F54-A8DF-180C76AF9B8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6826018-5620-4924-BE92-6A245378F610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49A07CF-12BA-481C-B5FF-754520080A8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F203C7D1-AA92-4367-B7A5-EBAE6B76EE6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0064C97F-1140-43AC-8229-C8CCC367DC4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9296D33-D59A-463D-9722-9D4C3F720E7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9F66CCA-0982-4107-BC5B-79D727479343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "77B80698-1E76-4B13-AB83-A03FF8C785FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7106C567-726C-4399-ABE0-4A26B9572D40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D5EEF62-DFD3-4E08-8959-2BCD4B1308CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A52991-802D-46FB-A508-5616BA1CEB78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3E08AAC-9C5E-4D18-817C-C466D1D6C4DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "724A3B6F-DDAB-4A2F-8430-9E1F352D755F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDBF14DD-0654-47F3-A698-020397A1EAA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol processing of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThis vulnerability is due to insufficient input validation when processing IKEv2 messages. An attacker could exploit this vulnerability by sending crafted IKEv2 traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition on the affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el procesamiento del protocolo de Intercambio de Claves de Internet versi\u00f3n 2 (IKEv2) del software Cisco Adaptive Security Appliance (ASA), Cisco Firepower Threat Defense (FTD), Cisco IOS y Cisco IOS XE podr\u00eda permitir que un atacante remoto no autenticado provoque una denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente al procesar mensajes IKEv2. Un atacante podr\u00eda explotar esta vulnerabilidad enviando tr\u00e1fico IKEv2 manipulado a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante provocar la recarga del dispositivo, lo que provocar\u00eda una denegaci\u00f3n de servicio (DoS) en el dispositivo afectado."
    }
  ],
  "id": "CVE-2025-20182",
  "lastModified": "2025-08-01T16:12:19.137",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-05-07T18:15:38.120",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-multiprod-ikev2-dos-gPctUqv2"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-11-01 18:15

Modified

2024-11-21 07:40

Severity ?

4.0 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L
4.0 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L

Summary

A vulnerability in the TLS 1.3 implementation of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability is due to a logic error in how memory allocations are handled during a TLS 1.3 session. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a crafted TLS 1.3 message sequence through an affected device. A successful exploit could allow the attacker to cause the Snort 3 detection engine to reload, resulting in a denial of service (DoS) condition. While the Snort detection engine reloads, packets going through the FTD device that are sent to the Snort detection engine will be dropped. The Snort detection engine will restart automatically. No manual intervention is required.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-uAnUntcV	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-uAnUntcV	Vendor Advisory

Impacted products

	Vendor	Product	Version
	cisco	firepower_threat_defense	7.2.0
	cisco	firepower_threat_defense	7.2.0.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the TLS 1.3 implementation of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability is due to a logic error in how memory allocations are handled during a TLS 1.3 session. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a crafted TLS 1.3 message sequence through an affected device. A successful exploit could allow the attacker to cause the Snort 3 detection engine to reload, resulting in a denial of service (DoS) condition. While the Snort detection engine reloads, packets going through the FTD device that are sent to the Snort detection engine will be dropped. The Snort detection engine will restart automatically. No manual intervention is required."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n de TLS 1.3 del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado provoque que el motor de detecci\u00f3n Snort 3 se reinicie inesperadamente. Esta vulnerabilidad se debe a un error l\u00f3gico en c\u00f3mo se manejan las asignaciones de memoria durante una sesi\u00f3n TLS 1.3. Bajo limitaciones de tiempo espec\u00edficas, un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una secuencia de mensajes TLS 1.3 manipulada a trav\u00e9s de un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante hacer que el motor de detecci\u00f3n de Snort 3 se recargue, lo que resultar\u00eda en una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS). Mientras el motor de detecci\u00f3n de Snort se recarga, los paquetes que pasan por el dispositivo FTD y se env\u00edan al motor de detecci\u00f3n de Snort se descartar\u00e1n. El motor de detecci\u00f3n de Snort se reiniciar\u00e1 autom\u00e1ticamente. No se requiere intervenci\u00f3n manual."
    }
  ],
  "id": "CVE-2023-20070",
  "lastModified": "2024-11-21T07:40:28.977",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 4.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 4.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-11-01T18:15:09.027",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-uAnUntcV"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-uAnUntcV"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-244"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-08-21 19:15

Modified

2024-11-21 04:23

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

A vulnerability in the application policy configuration of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data. The vulnerability is due to insufficient application identification. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain unauthorized read access to sensitive data.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-frpwr-td-info	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-frpwr-td-info	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	amp_7150	-
cisco	amp_8150	-
cisco	firepower_7010	-
cisco	firepower_7020	-
cisco	firepower_7030	-
cisco	firepower_7050	-
cisco	firepower_7110	-
cisco	firepower_7115	-
cisco	firepower_7120	-
cisco	firepower_7125	-
cisco	firepower_8120	-
cisco	firepower_8130	-
cisco	firepower_8140	-
cisco	firepower_8250	-
cisco	firepower_8260	-
cisco	firepower_8270	-
cisco	firepower_8290	-
cisco	firepower_8350	-
cisco	firepower_8360	-
cisco	firepower_8370	-
cisco	firepower_8390	-
cisco	firepower_management_center_1000	-
cisco	firepower_management_center_2000	-
cisco	firepower_management_center_2500	-
cisco	firepower_management_center_4000	-
cisco	firesight_management_center_1500	-
cisco	firesight_management_center_3500	-
cisco	firesight_management_center_750	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E08C16B-B65A-4CF7-9360-C3DAD7CFE225",
              "versionEndExcluding": "6.4.0.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:amp_7150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F299F4A-CA8C-46EA-A86F-CA52C182DAE6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:amp_8150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B6B5352-91B4-4568-A43D-48A534904AAE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_7010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BDD6E70-C62E-4A23-85DE-19DD6FDA096B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_7020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FB52500-E35C-4759-818F-07ADC19C7A81",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_7030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3679DACC-E921-4450-B90C-0F1BE692837D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_7050:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD1CBD8A-26C1-4C12-9A59-F66FCBF92F61",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_7110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "714F9D04-E72D-4EDD-8EA3-7B072AA8DB5E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_7115:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "14B7938D-3192-4711-B1AC-5DFBBC05C427",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_7120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D780F90-F8A6-4380-912D-51EFBBF773E8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_7125:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6815185D-D852-4C82-8352-4C0B8C84044E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_8120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1222D6E3-729D-44E3-962E-BA6C953A0821",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_8130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F8691E-CA7E-4FDC-B8F2-8AF226CB0E80",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_8140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBC482DF-6EB7-4FD5-8825-7A970F6B806C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_8250:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE3FA88E-55A2-4855-93F7-D1E13BBAD0C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_8260:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5810A597-A4FD-4F21-87CB-D4F2E12A9B49",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_8270:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DD2DA1C-AF33-4594-B12F-2ED95D71B950",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_8290:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "469DAE3D-2636-4760-B5A0-AE9D24D4894A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_8350:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E582E77-8F0E-495F-ADA6-B8EA9E8B46B5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_8360:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8A78557-4176-403C-817C-1B46759F6E14",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_8370:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "068F490D-CCD1-446E-A380-958988D43AD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_8390:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5C5FBFF-804B-45FD-A145-CEB8382E6FA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_management_center_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44C4E004-BCBA-4C2A-BBC7-8C6F9E54CC15",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_management_center_2000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A389E5A4-0994-4F75-A264-18371D726ACA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_management_center_2500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E36B8162-AF24-4538-B81E-6FB95AC221C8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_management_center_4000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A9FD1A9-1BB3-4FFB-AB75-5BF8AF61FF1D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firesight_management_center_1500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "756594F4-D397-425F-ACA3-2E130729B736",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firesight_management_center_3500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B96B6255-BEE7-4AF7-BC82-74CDCBE2BEA1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firesight_management_center_750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DE96D31-BB8C-46F0-98F2-903F794C19D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the application policy configuration of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data. The vulnerability is due to insufficient application identification. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain unauthorized read access to sensitive data."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la configuraci\u00f3n de la pol\u00edtica de aplicaci\u00f3n del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado obtenga acceso de lectura no autorizado a datos confidenciales. La vulnerabilidad se debe a la identificaci\u00f3n insuficiente de la aplicaci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando tr\u00e1fico dise\u00f1ado a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante obtener acceso de lectura no autorizado a datos confidenciales."
    }
  ],
  "id": "CVE-2019-12627",
  "lastModified": "2024-11-21T04:23:13.203",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-08-21T19:15:13.293",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-frpwr-td-info"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-frpwr-td-info"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-05-06 17:15

Modified

2024-11-21 05:30

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust memory resources on the affected device, leading to a denial of service (DoS) condition. The vulnerability is due to improper resource management for inbound SSL/TLS connections. An attacker could exploit this vulnerability by establishing multiple SSL/TLS connections with specific conditions to the affected device. A successful exploit could allow the attacker to exhaust the memory on the affected device, causing the device to stop accepting new SSL/TLS connections and resulting in a DoS condition for services on the device that process SSL/TLS traffic. Manual intervention is required to recover an affected device.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-dos-qY7BHpjN	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-dos-qY7BHpjN	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	asa_5505_firmware	9.4\(4\)
cisco	asa_5505_firmware	9.8\(4.18\)
cisco	asa_5505_firmware	100.13\(0\)
cisco	asa_5505	-
cisco	asa_5510_firmware	9.4\(4\)
cisco	asa_5510_firmware	9.8\(4.18\)
cisco	asa_5510_firmware	100.13\(0\)
cisco	asa_5510	-
cisco	asa_5512-x_firmware	9.4\(4\)
cisco	asa_5512-x_firmware	9.8\(4.18\)
cisco	asa_5512-x_firmware	100.13\(0\)
cisco	asa_5512-x	-
cisco	asa_5515-x_firmware	9.4\(4\)
cisco	asa_5515-x_firmware	9.8\(4.18\)
cisco	asa_5515-x_firmware	100.13\(0\)
cisco	asa_5515-x	-
cisco	asa_5520_firmware	9.4\(4\)
cisco	asa_5520_firmware	9.8\(4.18\)
cisco	asa_5520_firmware	100.13\(0\)
cisco	asa_5520	-
cisco	asa_5525-x_firmware	9.4\(4\)
cisco	asa_5525-x_firmware	9.8\(4.18\)
cisco	asa_5525-x_firmware	100.13\(0\)
cisco	asa_5525-x	-
cisco	asa_5540_firmware	9.4\(4\)
cisco	asa_5540_firmware	9.8\(4.18\)
cisco	asa_5540_firmware	100.13\(0\)
cisco	asa_5540	-
cisco	asa_5545-x_firmware	9.4\(4\)
cisco	asa_5545-x_firmware	9.8\(4.18\)
cisco	asa_5545-x_firmware	100.13\(0\)
cisco	asa_5545-x	-
cisco	asa_5550_firmware	9.4\(4\)
cisco	asa_5550_firmware	9.8\(4.18\)
cisco	asa_5550_firmware	100.13\(0\)
cisco	asa_5550	-
cisco	asa_5555-x_firmware	9.4\(4\)
cisco	asa_5555-x_firmware	9.8\(4.18\)
cisco	asa_5555-x_firmware	100.13\(0\)
cisco	asa_5555-x	-
cisco	asa_5580_firmware	9.4\(4\)
cisco	asa_5580_firmware	9.8\(4.18\)
cisco	asa_5580_firmware	100.13\(0\)
cisco	asa_5580	-
cisco	asa_5585-x_firmware	9.4\(4\)
cisco	asa_5585-x_firmware	9.8\(4.18\)
cisco	asa_5585-x_firmware	100.13\(0\)
cisco	asa_5585-x	-
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4B2E5D3-ED34-4A7E-BD8F-8492B6737677",
              "versionEndExcluding": "6.2.3.16",
              "versionStartIncluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D27DE97-510A-4761-8184-6940745B54E2",
              "versionEndExcluding": "6.3.0.6",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06741056-2BFD-4F88-917A-F581F813B69E",
              "versionEndExcluding": "6.4.0.9",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:9.4\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5221CFEE-6FBF-44E4-8DB1-592BE809E4B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:9.8\\(4.18\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8A093039-37B1-4EAE-9905-85916BEBF5B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:100.13\\(0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8C36ED08-6819-4BC4-9BDB-FD490CED1877",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5510_firmware:9.4\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1E9CBD3A-F426-4E13-BAAB-1AE1ED7400E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5510_firmware:9.8\\(4.18\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DE2C0163-BBB7-45AD-8F4E-FA929FC15008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5510_firmware:100.13\\(0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DC5BE91D-FF59-42CC-BF9B-8C019ACDA3E9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:9.4\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "33D660B9-A5B8-497D-8820-24ED84E93CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:9.8\\(4.18\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E7931908-4F0B-47E0-AA9F-0D6C58B58607",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:100.13\\(0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1F6AE2D7-5B7B-4883-93D1-4A3232761E16",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:9.4\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "09DB9B53-5F40-4262-8520-23827593FA75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:9.8\\(4.18\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8990E7B1-E256-48DC-A91D-E7A369CA140B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:100.13\\(0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D1B82BE6-AD49-4EC9-A4CE-6F56EF123BF8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5520_firmware:9.4\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "993BCB8D-6F0A-40FE-BB35-6721C4AF51B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5520_firmware:9.8\\(4.18\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3CDF3D71-3674-483A-A860-CB908FEAF38B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5520_firmware:100.13\\(0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "11BBB96D-3921-4DC4-9A05-0CCF2F9D48F0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:9.4\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "32970E7C-89EB-49AB-8397-D44D59047940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:9.8\\(4.18\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F8EC08D0-0A8F-4846-83B1-5059D8B270F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:100.13\\(0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "64B3A25A-48EA-440B-BFA9-F90316C93396",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5540_firmware:9.4\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6CA91C35-A8BE-4766-B4B4-86B185F16467",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5540_firmware:9.8\\(4.18\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CC09B403-0051-441A-A3D3-B790DD60F7F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5540_firmware:100.13\\(0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "393228AB-D0BC-41AC-92E7-40F7E0399BDD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:9.4\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B63F6AD6-6084-427B-8530-C2FDABCAD1D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:9.8\\(4.18\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5536B015-5F7E-4CB4-B11B-CDA0DB9879AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:100.13\\(0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C7175A1A-92AB-4005-B341-A3C99BD24701",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5550_firmware:9.4\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "809A29EF-DDD9-47E4-AB84-F4CE412621B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5550_firmware:9.8\\(4.18\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5C79FCA1-BC64-45C8-A30A-0D97A77BB26F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5550_firmware:100.13\\(0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "55EDCE66-9336-437D-ABF1-C2B3429D10C4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:9.4\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2C3D9650-E3FE-42BA-A94D-3D457477BAC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:9.8\\(4.18\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7D89517A-EBBA-49EB-BBDD-9A99D2AFD79B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:100.13\\(0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4511E447-F8F8-44C8-8751-375519AD01A1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:9.4\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FFE1487B-1A2E-452A-B994-F5AE6745DD5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:9.8\\(4.18\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EF86FD93-6AFA-4226-A0BC-8BFE87F49026",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:100.13\\(0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F1E8402E-E457-4957-B19A-8CFAAF9083FC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:9.4\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A372D7A8-CAF1-4500-8C32-0B7D511096B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:9.8\\(4.18\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C1A654F5-CEC9-43E7-A38F-72F26073ABC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:100.13\\(0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "65AD1473-6DEF-46AA-B5F9-955ACB434DE9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF907DBB-5201-49EC-92C5-3BD3752BDECC",
              "versionEndExcluding": "9.6.4.40",
              "versionStartIncluding": "9.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEB1AF51-43DA-4399-8264-E0A2E629F799",
              "versionEndExcluding": "9.8.4.20",
              "versionStartIncluding": "9.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEE81D32-51D0-41F7-B06B-0750DCB1F589",
              "versionEndExcluding": "9.9.2.66",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49FFDB02-2944-4B31-BBC0-30E60BA9F9D1",
              "versionEndExcluding": "9.10.1.37",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDBCE56-8434-43B5-A172-5A63536D9E9F",
              "versionEndExcluding": "9.12.3.2",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE14B138-4EED-43E1-A8F1-0D16F4A761C0",
              "versionEndExcluding": "9.13.1.7",
              "versionStartIncluding": "9.13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust memory resources on the affected device, leading to a denial of service (DoS) condition. The vulnerability is due to improper resource management for inbound SSL/TLS connections. An attacker could exploit this vulnerability by establishing multiple SSL/TLS connections with specific conditions to the affected device. A successful exploit could allow the attacker to exhaust the memory on the affected device, causing the device to stop accepting new SSL/TLS connections and resulting in a DoS condition for services on the device that process SSL/TLS traffic. Manual intervention is required to recover an affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el manejador de Secure Sockets Layer (SSL)/Transport Layer Security (TLS) del Cisco Adaptive Security Appliance (ASA) Software y el Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado agotar los recursos de la memoria sobre el dispositivo afectado, conllevando a una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad es debido a una administraci\u00f3n de recursos inapropiada para las conexiones entrantes SSL/TLS. Un atacante podr\u00eda explotar esta vulnerabilidad al establecer m\u00faltiples conexiones SSL/TLS con condiciones espec\u00edficas para el dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante agotar la memoria en el dispositivo afectado, causando que el dispositivo deje de aceptar nuevas conexiones SSL/TLS y resultando en una condici\u00f3n DoS para los servicios en el dispositivo que procesa el tr\u00e1fico SSL/TLS. Es requerida una intervenci\u00f3n manual para recuperar un dispositivo afectado."
    }
  ],
  "id": "CVE-2020-3196",
  "lastModified": "2024-11-21T05:30:31.633",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-05-06T17:15:12.417",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-dos-qY7BHpjN"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-dos-qY7BHpjN"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-11-15 21:15

Modified

2024-11-21 06:43

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Summary

A vulnerability in the management web server of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with high privileges to execute configuration commands on an affected system. This vulnerability exists because access to HTTPS endpoints is not properly restricted on an affected device. An attacker could exploit this vulnerability by sending specific messages to the affected HTTPS handler. A successful exploit could allow the attacker to perform configuration changes on the affected system, which should be configured and managed only through Cisco Firepower Management Center (FMC) Software.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-mgmt-privesc-7GqR2th
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-mgmt-privesc-7GqR2th

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	6.2.1
cisco	firepower_threat_defense	7.1.0.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "64116F5B-671C-46DB-A78D-AB14AAF946FD",
              "versionEndIncluding": "6.1.0.7",
              "versionStartIncluding": "6.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD237542-FED6-4013-AD9F-18891954FE05",
              "versionEndIncluding": "6.2.0.6",
              "versionStartIncluding": "6.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F74A25A-601D-470D-BA43-EA68ADD266C6",
              "versionEndIncluding": "6.2.2.5",
              "versionStartIncluding": "6.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D58D7217-F6F5-4B58-B59C-E5C8781C87A9",
              "versionEndIncluding": "6.2.3.18",
              "versionStartIncluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDE0C110-518D-4E51-BCEB-F4E9FC448278",
              "versionEndIncluding": "6.3.0.5",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "874E0E13-4A9E-4296-BEE6-F5B1077411A0",
              "versionEndIncluding": "6.4.0.15",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "171E1C5D-68C5-4BBC-AE18-D1518A1B7277",
              "versionEndIncluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6362D78F-F131-46E4-8F0E-C7F218500017",
              "versionEndIncluding": "6.6.5.2",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1110632C-526F-4025-A7BE-0CF9F37E5F9E",
              "versionEndIncluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "89DFD86B-768D-4301-92DB-B73C14255123",
              "versionEndIncluding": "7.0.3",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD48BE40-C647-429A-81B6-59E125BBE415",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7533780-0DF9-41BE-8455-F60676785689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the management web server of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with high privileges to execute configuration commands on an affected system.\r\n\r This vulnerability exists because access to HTTPS endpoints is not properly restricted on an affected device. An attacker could exploit this vulnerability by sending specific messages to the affected HTTPS handler. A successful exploit could allow the attacker to perform configuration changes on the affected system, which should be configured and managed only through Cisco Firepower Management Center (FMC) Software."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el servidor web de administraci\u00f3n del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto autenticado con altos privilegios ejecute comandos de configuraci\u00f3n en un sistema afectado. Esta vulnerabilidad existe porque el acceso a los endpoint HTTPS no est\u00e1 restringido adecuadamente en un dispositivo afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando mensajes espec\u00edficos al controlador HTTPS afectado. Un exploit exitoso podr\u00eda permitir al atacante realizar cambios de configuraci\u00f3n en el sistema afectado, que deben configurarse y administrarse \u00fanicamente a trav\u00e9s del software Cisco Firepower Management Center (FMC)."
    }
  ],
  "id": "CVE-2022-20949",
  "lastModified": "2024-11-21T06:43:53.010",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.2,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-11-15T21:15:35.833",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-mgmt-privesc-7GqR2th"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-mgmt-privesc-7GqR2th"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-05-03 15:29

Modified

2024-11-21 04:37

Severity ?

6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Summary

A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device. The vulnerability exists because the software improperly filters Ethernet frames sent to an affected device. An attacker could exploit this vulnerability by sending crafted packets to the management interface of an affected device. A successful exploit could allow the attacker to bypass the Layer 2 (L2) filters and send data directly to the kernel of the affected device. A malicious frame successfully delivered would make the target device generate a specific syslog entry.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/108173	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-bypass	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/108173	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-bypass	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DFE81CB-3B01-4905-A5E0-C770C60B7CDC",
              "versionEndExcluding": "9.8.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8F292C5-67ED-4F18-B6C4-5873BB771C3D",
              "versionEndExcluding": "6.2.3.12",
              "versionStartIncluding": "6.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A16803C-579C-4992-B37E-7CEC17307659",
              "versionEndExcluding": "6.3.0.3",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABCD2AF8-97D4-45C6-B80E-D5FA9B719BD5",
              "versionEndExcluding": "9.9.2.50",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4C6B343-2D4D-4C7E-A59E-629773DD2E60",
              "versionEndExcluding": "9.10.1.17",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device. The vulnerability exists because the software improperly filters Ethernet frames sent to an affected device. An attacker could exploit this vulnerability by sending crafted packets to the management interface of an affected device. A successful exploit could allow the attacker to bypass the Layer 2 (L2) filters and send data directly to the kernel of the affected device. A malicious frame successfully delivered would make the target device generate a specific syslog entry."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el motor de detecci\u00f3n del software Adaptive Security Appliance (ASA) de Cisco  y el software Firepower Threat Defense (FTD) de Cisco, podr\u00eda permitir que un atacante adyacente no identificado env\u00ede datos directamente hacia el kernel de un dispositivo afectado. La vulnerabilidad se presenta porque el software filtra incorrectamente las tramas de Ethernet enviadas a un dispositivo afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad mediante el env\u00edo de paquetes creados a la interfaz de administraci\u00f3n de un dispositivo afectado. Una operaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante omitir los filtros de Capa 2 (L2) y enviar datos directamente hacia el kernel del dispositivo afectado. Una trama maliciosa entregada con \u00e9xito har\u00eda que el dispositivo de destino generara una entrada syslog espec\u00edfica."
    }
  ],
  "id": "CVE-2019-1695",
  "lastModified": "2024-11-21T04:37:07.167",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:A/AC:L/Au:N/C:N/I:C/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-03T15:29:01.103",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108173"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-bypass"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108173"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-bypass"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-05-06 17:15

Modified

2024-11-21 05:30

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

A vulnerability in the management access list configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured management interface access list on an affected system. The vulnerability is due to the configuration of different management access lists, with ports allowed in one access list and denied in another. An attacker could exploit this vulnerability by sending crafted remote management traffic to the local IP address of an affected system. A successful exploit could allow the attacker to bypass the configured management access list policies, and traffic to the management interface would not be properly denied.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-accesslist-bypass-5dZs5qZp	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-accesslist-bypass-5dZs5qZp	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	asa_5505_firmware	9.12\(1.6\)
cisco	asa_5505_firmware	201.5\(23.16\)
cisco	asa_5505	-
cisco	asa_5510_firmware	9.12\(1.6\)
cisco	asa_5510_firmware	201.5\(23.16\)
cisco	asa_5510	-
cisco	asa_5512-x_firmware	9.12\(1.6\)
cisco	asa_5512-x_firmware	201.5\(23.16\)
cisco	asa_5512-x	-
cisco	asa_5515-x_firmware	9.12\(1.6\)
cisco	asa_5515-x_firmware	201.5\(23.16\)
cisco	asa_5515-x	-
cisco	asa_5520_firmware	9.12\(1.6\)
cisco	asa_5520_firmware	201.5\(23.16\)
cisco	asa_5520	-
cisco	asa_5525-x_firmware	9.12\(1.6\)
cisco	asa_5525-x_firmware	201.5\(23.16\)
cisco	asa_5525-x	-
cisco	asa_5540_firmware	9.12\(1.6\)
cisco	asa_5540_firmware	201.5\(23.16\)
cisco	asa_5540	-
cisco	asa_5545-x_firmware	9.12\(1.6\)
cisco	asa_5545-x_firmware	201.5\(23.16\)
cisco	asa_5545-x	-
cisco	asa_5550_firmware	9.12\(1.6\)
cisco	asa_5550_firmware	201.5\(23.16\)
cisco	asa_5550	-
cisco	asa_5555-x_firmware	9.12\(1.6\)
cisco	asa_5555-x_firmware	201.5\(23.16\)
cisco	asa_5555-x	-
cisco	asa_5580_firmware	9.12\(1.6\)
cisco	asa_5580_firmware	201.5\(23.16\)
cisco	asa_5580	-
cisco	asa_5585-x_firmware	9.12\(1.6\)
cisco	asa_5585-x_firmware	201.5\(23.16\)
cisco	asa_5585-x	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D27DE97-510A-4761-8184-6940745B54E2",
              "versionEndExcluding": "6.3.0.6",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "532C5B46-89B4-4E40-A8BD-25833129995F",
              "versionEndExcluding": "6.4.0.7",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "931501EE-560C-49AD-805D-3008159E0A94",
              "versionEndExcluding": "6.5.0.2",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:9.12\\(1.6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0955FB2F-5A43-498D-A3A0-57FAD9EC529F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:201.5\\(23.16\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5F7EC7AF-087E-49D2-B9F3-B46F7B7898A7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5510_firmware:9.12\\(1.6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C6718EFA-D405-4386-9EC6-ECD89565822F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5510_firmware:201.5\\(23.16\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1B3E851D-2555-4F14-9069-5CD4B4CE1C83",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:9.12\\(1.6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2F5397-59DF-4726-911D-A71D50D9E7FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:201.5\\(23.16\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1DB1C9D9-80DC-4D69-A0EB-BC1DE689A54E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:9.12\\(1.6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "883C412B-1F04-46FF-9EBC-DD255E4302D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:201.5\\(23.16\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D489D871-D8B4-411A-B8B8-A3B39021587B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5520_firmware:9.12\\(1.6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "10E0E709-E395-462B-95BC-8974A3E815F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5520_firmware:201.5\\(23.16\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "686A7C5A-96BB-4618-B1D6-A29BCF33139B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:9.12\\(1.6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DFB70CBF-1DB9-4641-BFDC-9297AFBE7BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:201.5\\(23.16\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FD413534-D294-44C3-B576-461843BE943C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5540_firmware:9.12\\(1.6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0649437E-A1B5-4A0E-8112-4A730F07CC40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5540_firmware:201.5\\(23.16\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3B6AC391-238C-4CEA-B134-F921B3E6D558",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:9.12\\(1.6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FCC88C08-817D-4188-B3BA-45947D0D2352",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:201.5\\(23.16\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "21EF6164-7625-461E-AADB-441F77F095A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5550_firmware:9.12\\(1.6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2709CF0D-9E6D-4D44-B73E-80C613167F97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5550_firmware:201.5\\(23.16\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "54CC2571-B9CB-48BC-9656-EACE70A50FCC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:9.12\\(1.6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DEA7F888-4E4D-4883-AD60-C46937A19DC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:201.5\\(23.16\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A4AB4464-7DC2-4FBF-A3A6-719C65582753",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:9.12\\(1.6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C253ECB2-6E9B-4504-B88C-51FCF9422582",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:201.5\\(23.16\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EC4D3059-D22A-4659-9F9A-1399A3780D90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:9.12\\(1.6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "AC16C92F-7788-42E0-80CB-2DC4864EF5F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:201.5\\(23.16\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1BDC5ADC-6C6E-4AA0-AC0A-7CA1F5B395DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the management access list configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured management interface access list on an affected system. The vulnerability is due to the configuration of different management access lists, with ports allowed in one access list and denied in another. An attacker could exploit this vulnerability by sending crafted remote management traffic to the local IP address of an affected system. A successful exploit could allow the attacker to bypass the configured management access list policies, and traffic to the management interface would not be properly denied."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la configuraci\u00f3n de listas de acceso de administraci\u00f3n del Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado omitir una lista de acceso de la interfaz de administraci\u00f3n configurada sobre un sistema afectado. La vulnerabilidad es debido a la configuraci\u00f3n de diferentes listas de acceso de administraci\u00f3n, con puertos permitidos en una lista de acceso y denegados en otra. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de tr\u00e1fico de administraci\u00f3n remota dise\u00f1ado hacia la direcci\u00f3n IP local de un sistema afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante omitir las pol\u00edticas configuradas de la lista de acceso de administraci\u00f3n, y el tr\u00e1fico a la interfaz de administraci\u00f3n no ser\u00eda denegado apropiadamente."
    }
  ],
  "id": "CVE-2020-3186",
  "lastModified": "2024-11-21T05:30:30.277",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-05-06T17:15:12.010",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-accesslist-bypass-5dZs5qZp"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-accesslist-bypass-5dZs5qZp"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-10-23 18:15

Modified

2025-06-06 18:51

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a browser that is accessing an affected device. This vulnerability is due to improper validation of user-supplied input to application endpoints. An attacker could exploit this vulnerability by persuading a user to follow a link designed to submit malicious input to the affected application. A successful exploit could allow the attacker to execute arbitrary HTML or script code in the browser in the context of the web services page.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-yjj7ZjVq	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.8.1
cisco	adaptive_security_appliance_software	9.8.1.5
cisco	adaptive_security_appliance_software	9.8.1.7
cisco	adaptive_security_appliance_software	9.8.2
cisco	adaptive_security_appliance_software	9.8.2.8
cisco	adaptive_security_appliance_software	9.8.2.14
cisco	adaptive_security_appliance_software	9.8.2.15
cisco	adaptive_security_appliance_software	9.8.2.17
cisco	adaptive_security_appliance_software	9.8.2.20
cisco	adaptive_security_appliance_software	9.8.2.24
cisco	adaptive_security_appliance_software	9.8.2.26
cisco	adaptive_security_appliance_software	9.8.2.28
cisco	adaptive_security_appliance_software	9.8.2.33
cisco	adaptive_security_appliance_software	9.8.2.35
cisco	adaptive_security_appliance_software	9.8.2.38
cisco	adaptive_security_appliance_software	9.8.2.45
cisco	adaptive_security_appliance_software	9.8.3
cisco	adaptive_security_appliance_software	9.8.3.8
cisco	adaptive_security_appliance_software	9.8.3.11
cisco	adaptive_security_appliance_software	9.8.3.14
cisco	adaptive_security_appliance_software	9.8.3.16
cisco	adaptive_security_appliance_software	9.8.3.18
cisco	adaptive_security_appliance_software	9.8.3.21
cisco	adaptive_security_appliance_software	9.8.3.26
cisco	adaptive_security_appliance_software	9.8.3.29
cisco	adaptive_security_appliance_software	9.8.4
cisco	adaptive_security_appliance_software	9.8.4.3
cisco	adaptive_security_appliance_software	9.8.4.7
cisco	adaptive_security_appliance_software	9.8.4.8
cisco	adaptive_security_appliance_software	9.8.4.10
cisco	adaptive_security_appliance_software	9.8.4.12
cisco	adaptive_security_appliance_software	9.8.4.15
cisco	adaptive_security_appliance_software	9.8.4.17
cisco	adaptive_security_appliance_software	9.8.4.20
cisco	adaptive_security_appliance_software	9.8.4.22
cisco	adaptive_security_appliance_software	9.8.4.25
cisco	adaptive_security_appliance_software	9.8.4.26
cisco	adaptive_security_appliance_software	9.8.4.29
cisco	adaptive_security_appliance_software	9.8.4.32
cisco	adaptive_security_appliance_software	9.8.4.33
cisco	adaptive_security_appliance_software	9.8.4.34
cisco	adaptive_security_appliance_software	9.8.4.35
cisco	adaptive_security_appliance_software	9.8.4.39
cisco	adaptive_security_appliance_software	9.8.4.40
cisco	adaptive_security_appliance_software	9.8.4.41
cisco	adaptive_security_appliance_software	9.8.4.43
cisco	adaptive_security_appliance_software	9.8.4.44
cisco	adaptive_security_appliance_software	9.8.4.45
cisco	adaptive_security_appliance_software	9.8.4.46
cisco	adaptive_security_appliance_software	9.8.4.48
cisco	adaptive_security_appliance_software	9.12.1
cisco	adaptive_security_appliance_software	9.12.1.2
cisco	adaptive_security_appliance_software	9.12.1.3
cisco	adaptive_security_appliance_software	9.12.2
cisco	adaptive_security_appliance_software	9.12.2.1
cisco	adaptive_security_appliance_software	9.12.2.4
cisco	adaptive_security_appliance_software	9.12.2.5
cisco	adaptive_security_appliance_software	9.12.2.9
cisco	adaptive_security_appliance_software	9.12.3
cisco	adaptive_security_appliance_software	9.12.3.2
cisco	adaptive_security_appliance_software	9.12.3.7
cisco	adaptive_security_appliance_software	9.12.3.9
cisco	adaptive_security_appliance_software	9.12.3.12
cisco	adaptive_security_appliance_software	9.12.4
cisco	adaptive_security_appliance_software	9.12.4.2
cisco	adaptive_security_appliance_software	9.12.4.4
cisco	adaptive_security_appliance_software	9.12.4.7
cisco	adaptive_security_appliance_software	9.12.4.8
cisco	adaptive_security_appliance_software	9.12.4.10
cisco	adaptive_security_appliance_software	9.12.4.13
cisco	adaptive_security_appliance_software	9.12.4.18
cisco	adaptive_security_appliance_software	9.12.4.24
cisco	adaptive_security_appliance_software	9.12.4.26
cisco	adaptive_security_appliance_software	9.12.4.29
cisco	adaptive_security_appliance_software	9.12.4.30
cisco	adaptive_security_appliance_software	9.12.4.35
cisco	adaptive_security_appliance_software	9.12.4.37
cisco	adaptive_security_appliance_software	9.12.4.38
cisco	adaptive_security_appliance_software	9.12.4.39
cisco	adaptive_security_appliance_software	9.12.4.40
cisco	adaptive_security_appliance_software	9.12.4.41
cisco	adaptive_security_appliance_software	9.12.4.47
cisco	adaptive_security_appliance_software	9.12.4.48
cisco	adaptive_security_appliance_software	9.12.4.50
cisco	adaptive_security_appliance_software	9.12.4.52
cisco	adaptive_security_appliance_software	9.12.4.54
cisco	adaptive_security_appliance_software	9.12.4.55
cisco	adaptive_security_appliance_software	9.12.4.56
cisco	adaptive_security_appliance_software	9.12.4.58
cisco	adaptive_security_appliance_software	9.12.4.62
cisco	adaptive_security_appliance_software	9.12.4.65
cisco	adaptive_security_appliance_software	9.12.4.67
cisco	adaptive_security_appliance_software	9.14.1
cisco	adaptive_security_appliance_software	9.14.1.6
cisco	adaptive_security_appliance_software	9.14.1.10
cisco	adaptive_security_appliance_software	9.14.1.15
cisco	adaptive_security_appliance_software	9.14.1.19
cisco	adaptive_security_appliance_software	9.14.1.30
cisco	adaptive_security_appliance_software	9.14.2
cisco	adaptive_security_appliance_software	9.14.2.4
cisco	adaptive_security_appliance_software	9.14.2.8
cisco	adaptive_security_appliance_software	9.14.2.13
cisco	adaptive_security_appliance_software	9.14.2.15
cisco	adaptive_security_appliance_software	9.14.3
cisco	adaptive_security_appliance_software	9.14.3.1
cisco	adaptive_security_appliance_software	9.14.3.9
cisco	adaptive_security_appliance_software	9.14.3.11
cisco	adaptive_security_appliance_software	9.14.3.13
cisco	adaptive_security_appliance_software	9.14.3.15
cisco	adaptive_security_appliance_software	9.14.3.18
cisco	adaptive_security_appliance_software	9.14.4
cisco	adaptive_security_appliance_software	9.14.4.6
cisco	adaptive_security_appliance_software	9.14.4.7
cisco	adaptive_security_appliance_software	9.14.4.12
cisco	adaptive_security_appliance_software	9.14.4.13
cisco	adaptive_security_appliance_software	9.14.4.14
cisco	adaptive_security_appliance_software	9.14.4.15
cisco	adaptive_security_appliance_software	9.14.4.17
cisco	adaptive_security_appliance_software	9.14.4.22
cisco	adaptive_security_appliance_software	9.14.4.23
cisco	adaptive_security_appliance_software	9.14.4.24
cisco	adaptive_security_appliance_software	9.15.1
cisco	adaptive_security_appliance_software	9.15.1.1
cisco	adaptive_security_appliance_software	9.15.1.7
cisco	adaptive_security_appliance_software	9.15.1.10
cisco	adaptive_security_appliance_software	9.15.1.15
cisco	adaptive_security_appliance_software	9.15.1.16
cisco	adaptive_security_appliance_software	9.15.1.17
cisco	adaptive_security_appliance_software	9.15.1.21
cisco	adaptive_security_appliance_software	9.16.1
cisco	adaptive_security_appliance_software	9.16.1.28
cisco	adaptive_security_appliance_software	9.16.2
cisco	adaptive_security_appliance_software	9.16.2.3
cisco	adaptive_security_appliance_software	9.16.2.7
cisco	adaptive_security_appliance_software	9.16.2.11
cisco	adaptive_security_appliance_software	9.16.2.13
cisco	adaptive_security_appliance_software	9.16.2.14
cisco	adaptive_security_appliance_software	9.16.3
cisco	adaptive_security_appliance_software	9.16.3.3
cisco	adaptive_security_appliance_software	9.16.3.14
cisco	adaptive_security_appliance_software	9.16.3.15
cisco	adaptive_security_appliance_software	9.16.3.19
cisco	adaptive_security_appliance_software	9.16.3.23
cisco	adaptive_security_appliance_software	9.16.4
cisco	adaptive_security_appliance_software	9.16.4.9
cisco	adaptive_security_appliance_software	9.16.4.14
cisco	adaptive_security_appliance_software	9.16.4.18
cisco	adaptive_security_appliance_software	9.16.4.19
cisco	adaptive_security_appliance_software	9.16.4.27
cisco	adaptive_security_appliance_software	9.16.4.38
cisco	adaptive_security_appliance_software	9.16.4.39
cisco	adaptive_security_appliance_software	9.16.4.42
cisco	adaptive_security_appliance_software	9.16.4.48
cisco	adaptive_security_appliance_software	9.16.4.55
cisco	adaptive_security_appliance_software	9.16.4.57
cisco	adaptive_security_appliance_software	9.16.4.61
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.7
cisco	adaptive_security_appliance_software	9.17.1.9
cisco	adaptive_security_appliance_software	9.17.1.10
cisco	adaptive_security_appliance_software	9.17.1.11
cisco	adaptive_security_appliance_software	9.17.1.13
cisco	adaptive_security_appliance_software	9.17.1.15
cisco	adaptive_security_appliance_software	9.17.1.20
cisco	adaptive_security_appliance_software	9.17.1.30
cisco	adaptive_security_appliance_software	9.17.1.33
cisco	adaptive_security_appliance_software	9.17.1.39
cisco	adaptive_security_appliance_software	9.18.1
cisco	adaptive_security_appliance_software	9.18.1.3
cisco	adaptive_security_appliance_software	9.18.2
cisco	adaptive_security_appliance_software	9.18.2.5
cisco	adaptive_security_appliance_software	9.18.2.7
cisco	adaptive_security_appliance_software	9.18.2.8
cisco	adaptive_security_appliance_software	9.18.3
cisco	adaptive_security_appliance_software	9.18.3.39
cisco	adaptive_security_appliance_software	9.18.3.46
cisco	adaptive_security_appliance_software	9.18.3.53
cisco	adaptive_security_appliance_software	9.18.3.55
cisco	adaptive_security_appliance_software	9.18.3.56
cisco	adaptive_security_appliance_software	9.18.4
cisco	adaptive_security_appliance_software	9.18.4.5
cisco	adaptive_security_appliance_software	9.18.4.8
cisco	adaptive_security_appliance_software	9.18.4.22
cisco	adaptive_security_appliance_software	9.18.4.24
cisco	adaptive_security_appliance_software	9.18.4.29
cisco	adaptive_security_appliance_software	9.19.1
cisco	adaptive_security_appliance_software	9.19.1.5
cisco	adaptive_security_appliance_software	9.19.1.9
cisco	adaptive_security_appliance_software	9.19.1.12
cisco	adaptive_security_appliance_software	9.19.1.18
cisco	adaptive_security_appliance_software	9.19.1.22
cisco	adaptive_security_appliance_software	9.19.1.24
cisco	adaptive_security_appliance_software	9.19.1.27
cisco	adaptive_security_appliance_software	9.19.1.28
cisco	adaptive_security_appliance_software	9.19.1.31
cisco	adaptive_security_appliance_software	9.20.1
cisco	adaptive_security_appliance_software	9.20.1.5
cisco	adaptive_security_appliance_software	9.20.2
cisco	adaptive_security_appliance_software	9.20.2.10
cisco	adaptive_security_appliance_software	9.20.2.21
cisco	adaptive_security_appliance_software	9.20.2.22
cisco	firepower_threat_defense	6.2.3.1
cisco	firepower_threat_defense	6.2.3.2
cisco	firepower_threat_defense	6.2.3.3
cisco	firepower_threat_defense	6.2.3.4
cisco	firepower_threat_defense	6.2.3.5
cisco	firepower_threat_defense	6.2.3.6
cisco	firepower_threat_defense	6.2.3.7
cisco	firepower_threat_defense	6.2.3.8
cisco	firepower_threat_defense	6.2.3.9
cisco	firepower_threat_defense	6.2.3.10
cisco	firepower_threat_defense	6.2.3.11
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.4.0.1
cisco	firepower_threat_defense	6.4.0.2
cisco	firepower_threat_defense	6.4.0.3
cisco	firepower_threat_defense	6.4.0.4
cisco	firepower_threat_defense	6.4.0.5
cisco	firepower_threat_defense	6.4.0.6
cisco	firepower_threat_defense	6.4.0.7
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.4.0.13
cisco	firepower_threat_defense	6.4.0.14
cisco	firepower_threat_defense	6.4.0.15
cisco	firepower_threat_defense	6.4.0.16
cisco	firepower_threat_defense	6.4.0.17
cisco	firepower_threat_defense	6.4.0.18
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.6.7
cisco	firepower_threat_defense	6.6.7.1
cisco	firepower_threat_defense	6.6.7.2
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.0.6
cisco	firepower_threat_defense	7.0.6.1
cisco	firepower_threat_defense	7.0.6.2
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.2.4
cisco	firepower_threat_defense	7.2.4.1
cisco	firepower_threat_defense	7.2.5
cisco	firepower_threat_defense	7.2.5.1
cisco	firepower_threat_defense	7.2.5.2
cisco	firepower_threat_defense	7.2.6
cisco	firepower_threat_defense	7.2.7
cisco	firepower_threat_defense	7.2.8
cisco	firepower_threat_defense	7.2.8.1
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1
cisco	firepower_threat_defense	7.3.1.2
cisco	firepower_threat_defense	7.4.0
cisco	firepower_threat_defense	7.4.1
cisco	firepower_threat_defense	7.4.1.1
cisco	firepower_threat_defense	7.4.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D482F818-0A8E-49D7-8E3E-0958019FA629",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E7BFB57-BC02-4930-A02F-83583E6A0FC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "026F1960-C879-4611-A60A-96311B63CCA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAF8B33E-0C95-467D-A865-0A234E69D0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF144F5-D933-4DE4-818C-001BD9E3958A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "00112ED3-FE7B-425B-9A28-1E5F2BC8BB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD491D5-FAAB-493F-91A6-D2F3B5F5970E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "1519F49D-588F-4B70-B38F-EF4F3E13FEAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "15354443-5EB7-4712-B2DE-61DB33830759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "248D6B44-E134-4DEC-A947-636824E3FDFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "0820A79C-F3EF-407F-9AC7-DCAB4CD39C89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3E8805-85D2-4345-8076-039513209A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "14BB907B-D75A-4F5E-B20D-5457A71A70EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "F118B803-4C55-436A-A136-0C1FEA49858F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A272121-408E-45F6-A2A1-0BA6EBC060A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "61C3A433-0792-434E-AC90-A84B346499D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "980CEA3B-5A81-4E8C-BEA3-DD31BE7DA2CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3910211-D4DB-4CA7-BBEA-DD8246FF10ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C260BF30-7A33-4C70-9509-404856C93666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF894850-39EC-4B57-BBFF-F1AB4F8389A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FAFCF9-0ABE-483E-9604-329762BB7870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DB4278-3126-4765-97C4-6C0A8C78DA78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "174E631B-6099-47DE-8790-BBF4B7FDB8CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE3538B-F612-4105-BFDE-A4B594482DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "3143B0FF-C855-485E-A908-E48974B1643C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD9992-6D98-4E03-9599-ECF38A186FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DCEAE6-355B-40AE-A7C8-AF744FCA8A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2097E81E-B422-4B93-AF09-F300A0E8AF71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "454DEA31-A607-4054-82D3-24A4FEB7358F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F0B213-8187-4465-84F1-FB8D92B36020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E540771E-BA0B-42D1-8251-B576B0F142C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC2A833-BECF-4000-A592-6113A84C2D20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F1416-924A-4D25-9CEE-3BD66A96A019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDC8D92-D6E0-40EE-B190-D2B32C7DEB75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "23CD5619-E534-4F40-998D-39DC19FA0451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D0EB11-14B1-44B3-8D46-B9DD872F772C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA399CF-12DB-42E0-A66F-14508B52A453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5A7608-E737-420E-9B5E-836600DAC701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7EB6801-336D-4F41-ADE7-1C58C63C3F6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8413DA41-02A5-4269-8C88-9DD5076AF91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA00285F-6914-4749-8A47-FC4EDAFFF3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA4D367-32B9-4F54-8352-A959F61A1FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "2259FF9E-0C8B-440F-B1AC-51BDE3F60E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C522B55-904D-4C08-B73E-1457D877C0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "4483056A-FBF3-4E00-81EB-1E97334EF240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "48677330-06AB-4C7F-B2AD-F7E465A9632A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AEA80D2-5DB8-4334-9A88-7DDE395832C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1C38A5-1028-4AD3-8CC7-A00091091E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "848147B2-C49A-43F6-9069-FC8885BDFDA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6FEF0DA-741E-4361-8143-068EB47D6520",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F002FD55-F881-450E-BC1B-8073E188F47E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA940C4F-13BB-465F-BB8D-CBD0109BF012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B0434F5-9A50-4B57-9C5B-E09415D098C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE727035-06CB-4E37-A9D2-96BD54502120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE52B81-2CF8-48E5-A7BA-A163A25A669B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E8D7C9-5272-40E6-869B-B33959F9F0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE8D5D71-5C85-4644-8A84-F073549ADB50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0790DDC2-7BA0-42DC-A157-754C0CBBE178",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "882394EA-70C8-4D86-9AEF-5D273D8E518C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "855AD3CC-F404-48C5-80D2-7F2765D16D72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "26B6BF72-9124-4213-B3C0-BD31B46E8C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8FBE89-8FDA-4B9B-BA1A-90FFD482A585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "149C3872-8DA9-48DD-ADD0-2E84C1A76A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D33E8C-294A-4C43-8DB6-9DA9F61F0B3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E23ACB0-DF8B-4672-A819-4DCD3104CE4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4723B88-62BA-40E6-AA89-BAC02D6A036F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C698819-3C8E-4A16-8F52-42FF1E54C076",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D3CE74E-59E7-448A-8417-18F97C05C798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0986C171-0E75-4F6F-A9BD-276830104E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A2777A-7831-4324-AEB2-5D93B5F6C04B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "37045680-9189-4B7F-A4F7-4E682FE20A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6C9F37B-CF3C-4861-A969-C7CF4946274A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1DAF21-3FED-4691-9D4C-8FD8CEA7FB3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB938E58-4963-4A31-8836-88E958592B30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E317897-EE97-44F3-96BB-E54228D72A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EF7FAB2-158D-4C48-9246-E7AD3BF1D801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "056D43AE-ECDB-40D2-A196-18DDCD02629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E555F3-3580-4D71-8D8D-92FE72763D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "93013503-8B9A-4160-AF7E-277958FA6E9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3B009FD-0F2B-4511-8EDF-C3E670623F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "52579D8D-E855-42B3-B406-32DD1C39F721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7E44FC6-12A2-4F76-A095-28F3804B619F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "42917E5E-E362-4B40-B2B2-3C77BA35641C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF317FA3-EBF3-49BB-A9E6-0D4295FA3F60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "F98B1683-914F-43D3-AE1C-311D3A90BE8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8D24656-CAB1-4A98-A440-482927FEDD16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504557C-DA5D-4D0F-A813-4CE7D5109F15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D2A067-C717-4921-BBF5-3EFBE02736EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "36DDEC5B-4BEA-499C-9F34-BB3D39B7A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.62:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4E44C37-0F6F-440B-BA26-FB6D0B179E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.65:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AEE0050-34DC-49CB-B859-8ED500FD79A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.67:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A47E5C5-E058-4B4C-A258-6DF7CE0EA92B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE0D50C0-DADB-4747-8649-8A5257111FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE2699F-353F-44CB-A778-981783DDC31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8E50BD-1FBD-483B-9C27-70E95C732E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F46E5E4F-787C-4C05-B1E7-C39BB9125D16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A29312-38E7-456B-94DD-4D7329691114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "27F7BB31-C733-4C32-BF0F-33B5AF020156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC313568-33A6-435B-98FF-8A7091D9C451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85710A-28CE-4913-8523-356461908FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6069950-016B-419A-B754-D58956CB6D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A2F3FEC-624F-47C5-B056-836861BB038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C4B1136-66B6-42BA-BC17-86E7DCE1CF29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4875811-F209-49ED-B310-8377B2F87FF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C52C7B-B626-4A3C-A2EC-28A20E7FA95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "853A002C-839A-4372-8485-750A86E9F6E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62BB5D6-CE75-4C83-82DC-4148EF8CB1F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "D32F1365-EAF8-4570-B2FF-45E47E8586F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD07F9B-6BB3-4423-8DBE-4E89A6478E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FE4F28-B704-4325-AE8A-C790163FEE71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E832BC0C-8439-4779-9064-C2D93F231031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA99DF94-D031-4375-9A16-306606FE28F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC149D03-5609-46E6-A1B3-F4D91F282B49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5D7FC6F-1370-4272-97E5-226C2ED1D335",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "164D5774-D51B-47C6-AD32-ED6B84E78BBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "24A810C8-1BB5-4589-84AB-C357C1937201",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "F22D8D65-2E88-4557-BF85-1E3ABD4CCAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF62C9AF-70F5-4A12-9B0A-F32551FB2C40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "A04EB4FB-0C9F-441E-B02A-6B22F195348F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.57:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACDD7BD6-1C1D-49FE-8478-D0F37EB59BC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.61:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB7D8466-0050-495A-9442-8C5FF3912F5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F944F8F-0255-42BE-BD44-D21EC9F0FFC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9CEAEFC-7B82-41F9-A09D-C86A3A60A4FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "40FAC31D-19C0-4BA0-A019-C7E7A0BA0B5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CAAFE0F-416F-4BCA-BA37-30EAEADA8AFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1E8552-58F0-491E-B7D7-E89527872FC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "9347D71D-1F50-4F85-9F6D-E11D79BD26E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "289F9874-FC01-4809-9BDA-1AF583FB60B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EDFC67-E4EE-4D2C-BF9F-5881C987C662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "826869BE-4874-4BBA-9392-14851560BA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF52D477-3045-45D1-9FD3-12F396266463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "88E310BF-F1F6-4124-A875-81967B9B531E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B330F8F-F0DA-472C-A932-AD1D232C7DB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF59DAA-268C-4FCF-A0AA-7967128AEBC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "140ED95D-173C-4ADB-A2E6-97F0D595D1AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.53:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC9B00E1-3E50-4356-B6D9-F84BCD552402",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "552319A9-01F7-47BA-83B3-B2DD648AA07E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "4914603C-4B1B-48F1-826C-DB803BD21F87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE21762-3085-4AFC-B1DE-A4562CDAC509",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "852C3478-7529-4002-8540-ABA4D556DEFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "23B8A815-5D58-4952-936E-D47B83637BEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C98D085-E321-4BAE-AF03-ABDEDC4D24BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "C05599C9-C0DB-47C1-B145-C410076C1049",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BC91A59-0BFA-4DE8-B414-7558D27FBC54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEE52F59-AABA-4069-A909-64AD5DFD2B18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "20D7966E-B02B-48C8-BF96-723DD6C25314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA618249-E76F-4104-9326-C9F2DC8DE3D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C925E1F-6BD9-4CD1-8AC4-4263A9094786",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5EE76D9-6D18-4823-B6B0-E1394A4D140C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F635946-586D-4DE2-927B-300CE569C596",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "459C11B9-ABA1-472A-8CDA-9C7B4E48E943",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA060112-E2D8-4EC5-8400-D8D189A119B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3888BB0-B529-486C-8563-392BD1C5DFD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "43FE3FA7-8281-4BD9-A08B-8C79D369480E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B25468E3-03F9-4C2A-B82A-F87F4FCD57E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EC6F412-4A30-4E9A-B8DF-C4BF80E5C4B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA47E8EA-29F2-40F3-826E-E7295FFAD8C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4D303F8-E6AA-4F1C-9988-055EECD0A902",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DCBBA66-6D00-4D8B-86FE-81EF431A7806",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB768AFD-64C1-4AD4-8194-2A1D428BAC67",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2EFA476-5021-4A00-859E-1643009D6156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E3A5DC-A237-46E4-A4E5-F135482F984A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "B166867E-E51B-46E3-A6E2-B10E67364058",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CE51492-8C9B-459E-9F80-64F426009905",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91AD8BA2-EB8D-4D8B-B707-AF5C2A831998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA95508-0A28-4D4A-81A7-5CDD1F5DA46C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "39FE5927-2421-4CBE-97EA-6AED892DA1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8BF2227-3C50-4FD1-98DB-21196E75D1DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5460064F-FF50-4F54-A8DF-180C76AF9B8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6826018-5620-4924-BE92-6A245378F610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49A07CF-12BA-481C-B5FF-754520080A8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F203C7D1-AA92-4367-B7A5-EBAE6B76EE6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0064C97F-1140-43AC-8229-C8CCC367DC4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9296D33-D59A-463D-9722-9D4C3F720E7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9F66CCA-0982-4107-BC5B-79D727479343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "77B80698-1E76-4B13-AB83-A03FF8C785FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7106C567-726C-4399-ABE0-4A26B9572D40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D5EEF62-DFD3-4E08-8959-2BCD4B1308CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A52991-802D-46FB-A508-5616BA1CEB78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3E08AAC-9C5E-4D18-817C-C466D1D6C4DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "724A3B6F-DDAB-4A2F-8430-9E1F352D755F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDBF14DD-0654-47F3-A698-020397A1EAA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8920FFA0-1F84-44FE-A776-4FFA654D8419",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a browser that is accessing an affected device. This vulnerability is due to improper validation of user-supplied input to application endpoints. An attacker could exploit this vulnerability by persuading a user to follow a link designed to submit malicious input to the affected application. A successful exploit could allow the attacker to execute arbitrary HTML or script code in the browser in the context of the web services page."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n de servicios de cliente web VPN del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de cross-site scripting (XSS) contra un navegador que est\u00e9 accediendo a un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada proporcionada por el usuario a los endpoints de la aplicaci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario para que siga un enlace dise\u00f1ado para enviar una entrada maliciosa a la aplicaci\u00f3n afectada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo HTML o script arbitrario en el navegador en el contexto de la p\u00e1gina de servicios web."
    }
  ],
  "id": "CVE-2024-20382",
  "lastModified": "2025-06-06T18:51:11.123",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-10-23T18:15:06.780",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-yjj7ZjVq"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-80"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:31

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the SSL/TLS inspection of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation for certain fields of specific SSL/TLS messages. An attacker could exploit this vulnerability by sending a malformed SSL/TLS message through an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. No manual intervention is needed to recover the device after it has reloaded.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-dcrpt-dos-RYEkX4yy	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-dcrpt-dos-RYEkX4yy	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	6.3.0
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.5.0
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED58B0E-FCC7-48E3-A5C0-6CC54A38BAE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "41E168ED-D664-4749-805E-77644407EAFE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the SSL/TLS inspection of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation for certain fields of specific SSL/TLS messages. An attacker could exploit this vulnerability by sending a malformed SSL/TLS message through an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. No manual intervention is needed to recover the device after it has reloaded."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la inspecci\u00f3n SSL/TLS de Cisco Firepower Threat Defense (FTD) Software para los firewalls Cisco Firepower Serie 2100 podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido a una comprobaci\u00f3n de entrada inapropiada para determinados campos de mensajes SSL/TLS espec\u00edficos.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un mensaje SSL/TLS malformado por medio de un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante causar que el dispositivo afectado se recargue, resultando en una condici\u00f3n de DoS.\u0026#xa0;No es requerida una intervenci\u00f3n manual para recuperar el dispositivo despu\u00e9s de que se haya recargado"
    }
  ],
  "id": "CVE-2020-3562",
  "lastModified": "2024-11-21T05:31:19.267",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:17.887",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-dcrpt-dos-RYEkX4yy"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-dcrpt-dos-RYEkX4yy"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-11-15 16:15

Modified

2025-06-24 14:47

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer overflow while processing Modbus traffic. An attacker could exploit this vulnerability by sending crafted Modbus traffic through an affected device. A successful exploit could allow the attacker to cause the Snort process to hang, causing traffic inspection to stop.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-xss-NXOxDhRQ	Not Applicable
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-9D3hJLuj	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	cyber_vision	3.0.0
cisco	cyber_vision	3.0.1
cisco	cyber_vision	3.0.2
cisco	cyber_vision	3.0.3
cisco	cyber_vision	3.0.4
cisco	cyber_vision	3.0.5
cisco	cyber_vision	3.0.6
cisco	cyber_vision	3.1.0
cisco	cyber_vision	3.1.1
cisco	cyber_vision	3.1.2
cisco	cyber_vision	3.2.0
cisco	cyber_vision	3.2.1
cisco	cyber_vision	3.2.2
cisco	cyber_vision	3.2.3
cisco	cyber_vision	3.2.4
cisco	cyber_vision	4.0.0
cisco	cyber_vision	4.0.1
cisco	firepower_threat_defense	6.2.3
cisco	firepower_threat_defense	6.2.3.1
cisco	firepower_threat_defense	6.2.3.2
cisco	firepower_threat_defense	6.2.3.3
cisco	firepower_threat_defense	6.2.3.4
cisco	firepower_threat_defense	6.2.3.5
cisco	firepower_threat_defense	6.2.3.6
cisco	firepower_threat_defense	6.2.3.7
cisco	firepower_threat_defense	6.2.3.8
cisco	firepower_threat_defense	6.2.3.9
cisco	firepower_threat_defense	6.2.3.10
cisco	firepower_threat_defense	6.2.3.11
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.4.0.1
cisco	firepower_threat_defense	6.4.0.2
cisco	firepower_threat_defense	6.4.0.3
cisco	firepower_threat_defense	6.4.0.4
cisco	firepower_threat_defense	6.4.0.5
cisco	firepower_threat_defense	6.4.0.6
cisco	firepower_threat_defense	6.4.0.7
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	3.17.0s
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	3.17.1s
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.6.1
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.6.5
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.6.6
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.6.7a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.6.9
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.6.10
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.12.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.12.2
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.12.3
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.12.4
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.12.5
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.12.6
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.1.1
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.2.1r
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.3.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.3.2
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.3.3
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.3.4
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.3.4a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.4.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.4.1b
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.4.2
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.5.1
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.5.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.6.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.7.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	denali-16.3.3
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	denali-16.3.4
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	denali-16.3.5
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	denali-16.3.7
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	denali-16.3.9
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	everest-16.6.2
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	everest-16.6.3
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	everest-16.6.4
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	fuji-16.9.2
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	fuji-16.9.3
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	fuji-16.9.4
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	fuji-16.9.5
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	fuji-16.9.6
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	fuji-16.9.7
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	fuji-16.9.8

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3297323C-B263-45EA-90CE-2B8415C9E498",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "797AD8A4-083B-4A9E-A49D-65EE828E1637",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB16212-A9DC-4C8C-B220-9619C65436EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C64043F-1F0D-47F7-AEEE-309B239891DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7605B088-A708-40D3-806B-D7E460AE53DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1F7F871-C211-4DC6-8020-1075405BAE17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "30E42800-B7C9-4006-8B7A-5A9A5F5EB234",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE33F541-232E-4432-AB41-EC0500A85E6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D5B5FDC-79B2-447E-816F-1F630508A889",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B806EAC6-E1B2-40FB-9B2F-6AFB4A16AF89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7BAC55C-C114-4E64-BC9E-9000B8C016CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "925E6B9B-F7F1-4ED8-8431-282A1061B527",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A10EDC3E-0EF6-47DD-834D-51C5BBCC13EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB5F799E-6696-4391-9B58-06715FA4086A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE31D26B-CD47-4853-B1C3-2E50B0882AFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758714C-4E9A-4442-9AD1-82D8E43995C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F63C0E4-99A9-4D4F-BCF9-EF5F5455C04C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:3.17.0s:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE3E6C71-2A80-45CE-8113-38AE35749E6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:3.17.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D6BEE46-D928-4214-A2C9-88AC63DFE2FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12C50D98-0CAE-4E61-BFFC-8E91A97BED35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "162956CE-1B24-41C6-A7C5-BCA214587CD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "146D7432-4357-409A-8E6D-C9D04CF43ADC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.6.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "540DBCF6-3733-4E0C-94C9-58B98D13E35D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.6.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "68BB8A38-693D-4768-A917-81FF9E898AEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.6.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "90BCC057-5064-4FE5-B2C8-2EB14A59D763",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.12.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D7C20FF-6587-4E62-9318-03B4C61AC70C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA0536C6-5F9E-48A7-A004-F0F5FE9C83E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "11FF3577-FC7E-4CAE-8B06-CAFAB97D7D7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F8DC147-FB97-4364-9520-6E69C282424F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.12.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "88D51165-6AF2-4E61-83DC-D04EC90ED435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.12.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC483F1B-D09E-486A-99FF-D7C0872C5CA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFA2C618-C2DA-4194-869D-1F0198A361B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.2.1r:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FEB2A57-CF8F-4E87-939A-5B3EF7E5E0A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.3.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BA9E488-2A54-4226-B413-89D141362350",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "359EDE5C-4017-487A-B3D3-F22A42165E89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D024AF06-DCB5-44B4-A985-07EDC093DBB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "373F1DDC-E1A7-496F-A86D-3724266D3143",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.3.4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "A28594C9-139A-4EE4-81D9-C7E96A1DD886",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.4.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "018F06B0-1486-4822-B2EA-4449652919EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.4.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADEC96FA-5B14-43AD-B83A-AA630941DD5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D3B1688-5301-4799-9AAC-DC7ED4497AAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B5FDEDF-B870-4204-BADC-92805F431BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.5.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0A61788-FA7B-4506-90DF-17ED5053C3A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.6.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "245ED9C3-4B16-4CC1-BC78-B4AED938C0B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.7.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D39700C2-E83C-4ECE-9640-CEFBDD18DC4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:denali-16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CC7F6B1-FD0C-4D68-9DA2-B34096899C0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:denali-16.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "39C52FF5-F2A8-41DD-A584-FD16CE143329",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:denali-16.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A629FCAF-0F3C-43C9-8BDB-68D9EE675A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:denali-16.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E8F55F7-9FF4-4A97-925C-F828701BA18E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:denali-16.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACE7D048-0D0B-4E48-8E57-192B02F5CD1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:everest-16.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E7B2DC4-3971-4D60-B9F9-282332E6CBEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:everest-16.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B88058B-F68D-4901-8BB0-30E8BE9A98B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:everest-16.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7271541D-6563-4DE7-9085-E6CB66583C2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:fuji-16.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C956E85E-B778-43E3-ABBE-4C373FF474A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:fuji-16.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A31CEA23-B824-4D43-9FED-16071985C822",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:fuji-16.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E59FDC96-71AC-4FC7-BA0A-1EAC301362D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:fuji-16.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DADBCC11-AF7D-41EA-B88F-F4B72F90B258",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:fuji-16.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "32867BBF-E973-4B9E-895A-4E75C5F7F35F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:fuji-16.9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B13ACF4-20B5-4DC8-BDDA-144AFA1DFD55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:fuji-16.9.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D94B404-B1F4-42D4-ACF6-4F84F2B34F80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\nThis vulnerability is due to an integer overflow while processing Modbus traffic. An attacker could exploit this vulnerability by sending crafted Modbus traffic through an affected device. A successful exploit could allow the attacker to cause the Snort process to hang, causing traffic inspection to stop.Cisco\u0026nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el preprocesador Modbus del motor de detecci\u00f3n Snort podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a un desbordamiento de enteros durante el procesamiento del tr\u00e1fico Modbus. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando tr\u00e1fico Modbus manipulado a trav\u00e9s de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque que el proceso Snort se bloquee, lo que provocar\u00eda que se detenga la inspecci\u00f3n del tr\u00e1fico. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
    }
  ],
  "id": "CVE-2022-20685",
  "lastModified": "2025-06-24T14:47:25.657",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-11-15T16:15:21.910",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-xss-NXOxDhRQ"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-9D3hJLuj"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-10-02 19:15

Modified

2024-11-21 04:23

Severity ?

7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software improperly parses certain options in OSPF link-state advertisement (LSA) type 11 packets. An attacker could exploit this vulnerability by sending a crafted LSA type 11 OSPF packet to an affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition for client traffic that is traversing the device.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ospf-lsa-dos	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ospf-lsa-dos	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5505	-
cisco	asa_5510	-
cisco	asa_5512-x	-
cisco	asa_5515-x	-
cisco	asa_5520	-
cisco	asa_5525-x	-
cisco	asa_5550	-
cisco	asa_5555-x	-
cisco	asa_5580	-
cisco	asa_5585-x	-
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FE0076B-25F9-4A04-93F2-1B283C27882B",
              "versionEndExcluding": "9.6.4.34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A00CDFC0-36EC-47D4-95C4-BCD33DA49109",
              "versionEndExcluding": "9.8.4.8",
              "versionStartIncluding": "9.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3175E6C8-3E7C-4D95-9B4C-EE9BE1E66296",
              "versionEndExcluding": "9.9.2.59",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D22E9AC-8A5B-4616-86C5-396929CB31F4",
              "versionEndExcluding": "9.10.1.27",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5706D2C-2710-4E83-892E-00B943E61783",
              "versionEndExcluding": "9.12.2.1",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "983CF121-19D2-4FD2-B62A-E9766552CE82",
              "versionEndExcluding": "6.3.0.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D8647E-1FA8-486E-B150-1EEFE52C31BB",
              "versionEndExcluding": "6.4.0.4",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software improperly parses certain options in OSPF link-state advertisement (LSA) type 11 packets. An attacker could exploit this vulnerability by sending a crafted LSA type 11 OSPF packet to an affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition for client traffic that is traversing the device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n de Open Shortest Path First (OSPF) del Software Cisco Adaptive Security Appliance (ASA) y el Software Cisco Firepower Threat Defense (FTD), podr\u00eda permitir a un atacante adyacente no autenticado causar una recarga de un dispositivo afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad se presenta porque el software afectado analiza inapropiadamente ciertas opciones en los paquetes de tipo 11 de link-state advertisement (LSA) de OSPF. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete OSPF LSA tipo 11 dise\u00f1ado hacia un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar una recarga del dispositivo afectado, resultando en una condici\u00f3n DoS para el tr\u00e1fico del cliente que est\u00e1 atravesando el dispositivo."
    }
  ],
  "id": "CVE-2019-12676",
  "lastModified": "2024-11-21T04:23:20.210",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 3.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-10-02T19:15:12.263",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ospf-lsa-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ospf-lsa-dos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-05-06 17:15

Modified

2024-11-21 05:30

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

Multiple vulnerabilities in the Media Gateway Control Protocol (MGCP) inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerabilities are due to inefficient memory management. An attacker could exploit these vulnerabilities by sending crafted MGCP packets through an affected device. An exploit could allow the attacker to cause memory exhaustion resulting in a restart of an affected device, causing a DoS condition for traffic traversing the device.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgcp-SUqB8VKH	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgcp-SUqB8VKH	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	asa_5505_firmware	9.10\(1.3\)
cisco	asa_5505	-
cisco	asa_5510_firmware	9.10\(1.3\)
cisco	asa_5510	-
cisco	asa_5512-x_firmware	9.10\(1.3\)
cisco	asa_5512-x	-
cisco	asa_5515-x_firmware	9.10\(1.3\)
cisco	asa_5515-x	-
cisco	asa_5520_firmware	9.10\(1.3\)
cisco	asa_5520	-
cisco	asa_5525-x_firmware	9.10\(1.3\)
cisco	asa_5525-x	-
cisco	asa_5540_firmware	9.10\(1.3\)
cisco	asa_5540	-
cisco	asa_5545-x_firmware	9.10\(1.3\)
cisco	asa_5545-x	-
cisco	asa_5550_firmware	9.10\(1.3\)
cisco	asa_5550	-
cisco	asa_5555-x_firmware	9.10\(1.3\)
cisco	asa_5555-x	-
cisco	asa_5580_firmware	9.10\(1.3\)
cisco	asa_5580	-
cisco	asa_5585-x_firmware	9.10\(1.3\)
cisco	asa_5585-x	-
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4B2E5D3-ED34-4A7E-BD8F-8492B6737677",
              "versionEndExcluding": "6.2.3.16",
              "versionStartIncluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D27DE97-510A-4761-8184-6940745B54E2",
              "versionEndExcluding": "6.3.0.6",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D8647E-1FA8-486E-B150-1EEFE52C31BB",
              "versionEndExcluding": "6.4.0.4",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC2BDDE-4CBD-43C8-BFD9-DD2BE6A20E91",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5510_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FC8EC7CF-6207-4A2E-89CE-13A0B2E4BC36",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1B2408C9-AAE7-48D2-ACEC-1BEE95AC95F9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EAB0DFDC-3111-44BE-ADCC-4F3B984AADB2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5520_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B94CB6D9-39AA-4EA6-AC1E-2A2B26828AC7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BEF25129-A5FE-4B05-BE69-F3D35F7A9F7C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5540_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AD2A96-FF85-4BFD-8B3E-AD2D5D51A6CA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DF9159BA-CBE1-43F4-864C-3CF0B8AE8260",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5550_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9FB38210-78F2-4414-A4A5-E885F3C9057B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F69272-B20B-4467-AA04-3C47AF2C1F58",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "63EB7842-7311-4868-906C-13173E6F0149",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "37C822CE-5DCB-4E71-8876-CCC5DC664DAD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B58B9BA1-2C14-4C8D-96C9-F806F082C7CB",
              "versionEndExcluding": "9.6.4.34",
              "versionStartIncluding": "9.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8B9FB97-C559-49DF-8E14-5753E5FA02BA",
              "versionEndExcluding": "9.8.4.7",
              "versionStartIncluding": "9.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEE81D32-51D0-41F7-B06B-0750DCB1F589",
              "versionEndExcluding": "9.9.2.66",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D22E9AC-8A5B-4616-86C5-396929CB31F4",
              "versionEndExcluding": "9.10.1.27",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5706D2C-2710-4E83-892E-00B943E61783",
              "versionEndExcluding": "9.12.2.1",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the Media Gateway Control Protocol (MGCP) inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerabilities are due to inefficient memory management. An attacker could exploit these vulnerabilities by sending crafted MGCP packets through an affected device. An exploit could allow the attacker to cause memory exhaustion resulting in a restart of an affected device, causing a DoS condition for traffic traversing the device."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en la funcionalidad de inspecci\u00f3n de Media Gateway Control Protocol (MGCP) del Cisco Adaptive Security Appliance (ASA) Software y el Firepower Threat Defense (FTD) Software, podr\u00edan permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) sobre un dispositivo afectado. Las vulnerabilidades son debido a una administraci\u00f3n ineficiente de la memoria. Un atacante podr\u00eda explotar estas vulnerabilidades mediante el env\u00edo de paquetes MGCP dise\u00f1ados a trav\u00e9s de un dispositivo afectado. Una explotaci\u00f3n podr\u00eda permitir a un atacante causar el agotamiento de la memoria, resultando en un reinicio de un dispositivo afectado, causando una condici\u00f3n DoS para el tr\u00e1fico que atraviesa el dispositivo."
    }
  ],
  "id": "CVE-2020-3254",
  "lastModified": "2024-11-21T05:30:39.887",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-05-06T17:15:12.603",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgcp-SUqB8VKH"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgcp-SUqB8VKH"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-04-29 18:15

Modified

2024-11-21 05:44

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of SSL/TLS messages when the device performs software-based SSL decryption. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message through an affected device. SSL/TLS messages sent to an affected device do not trigger this vulnerability. A successful exploit could allow the attacker to cause a process to crash. This crash would then trigger a reload of the device. No manual intervention is needed to recover the device after the reload.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-decrypt-dos-DdyLuK6c	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-decrypt-dos-DdyLuK6c	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense_virtual	-
cisco	asa_5512-x	-
cisco	asa_5515-x	-
cisco	asa_5525-x	-
cisco	asa_5545-x	-
cisco	asa_5555-x	-
cisco	firepower_1010	-
cisco	firepower_1120	-
cisco	firepower_1140	-
cisco	firepower_1150	-
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-
cisco	isa_3000	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B60D48C-19D8-4015-8D25-D3C0165C6080",
              "versionEndExcluding": "6.4.0",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5432C87-A9AF-4CC8-8573-443562963519",
              "versionEndExcluding": "6.6.0",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense_virtual:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A38E373E-438F-44F6-AABF-2C57142507EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FFE3880-4B85-4E23-9836-70875D5109F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "727A02E8-40A1-4DFE-A3A2-91D628D3044F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F6546E-28F4-40DC-97D6-E0E023FE939B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:isa_3000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9510E97A-FD78-43C6-85BC-223001ACA264",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of SSL/TLS messages when the device performs software-based SSL decryption. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message through an affected device. SSL/TLS messages sent to an affected device do not trigger this vulnerability. A successful exploit could allow the attacker to cause a process to crash. This crash would then trigger a reload of the device. No manual intervention is needed to recover the device after the reload."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el controlador de mensajes SSL/TLS basado en software del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado activar una recarga de un dispositivo afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS).\u0026#xa0;La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de los mensajes SSL/TLS cuando el dispositivo lleva a cabo el descifrado SSL basado en software.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un mensaje SSL/TLS dise\u00f1ado por medio de un dispositivo afectado.\u0026#xa0;Los mensajes SSL/TLS enviados a un dispositivo afectado no desencadenan esta vulnerabilidad.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar el bloqueo de un proceso.\u0026#xa0;Este bloqueo podr\u00eda entonces desencadenar una recarga del dispositivo.\u0026#xa0;No es necesaria una intervenci\u00f3n manual para recuperar el dispositivo despu\u00e9s de la recarga"
    }
  ],
  "id": "CVE-2021-1402",
  "lastModified": "2024-11-21T05:44:16.410",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-04-29T18:15:08.923",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-decrypt-dos-DdyLuK6c"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-decrypt-dos-DdyLuK6c"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-05-03 16:29

Modified

2024-11-21 04:37

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for the Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error, which may prevent ingress buffers from being replenished under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to consume all input buffers, which are shared between all interfaces, leading to a queue wedge condition in all active interfaces. This situation would cause an affected device to stop processing any incoming traffic and result in a DoS condition until the device is reloaded manually.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/108170	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-dos	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/108170	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-dos	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8F292C5-67ED-4F18-B6C4-5873BB771C3D",
              "versionEndExcluding": "6.2.3.12",
              "versionStartIncluding": "6.2.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for the Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error, which may prevent ingress buffers from being replenished under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to consume all input buffers, which are shared between all interfaces, leading to a queue wedge condition in all active interfaces. This situation would cause an affected device to stop processing any incoming traffic and result in a DoS condition until the device is reloaded manually."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad interna de procesamiento de paquetes (packet-processing) del software Firepower Threat Defense (FTD) de Cisco para Firepower 2100 Series de Cisco, podr\u00eda permitir que un atacante remoto no identificado cause que un dispositivo afectado detenga el procesamiento del tr\u00e1fico, resultando una  condici\u00f3n de Denegaci\u00f3n de Servicio (DoS). La vulnerabilidad es debido a un error l\u00f3gico, que puede evitar que los buffers de ingreso se repongan bajo condiciones de tr\u00e1fico espec\u00edficas. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una serie de paquetes creados a un dispositivo afectado. Una operaci\u00f3n \u00e9xito  podr\u00eda permitir al atacante consumir todos los buffers de entrada, que se comparten entre todas las interfaces, lo que deriva a una condici\u00f3n de cola de segmentos en todas las interfaces activas. Esta situaci\u00f3n causar\u00eda que un dispositivo afectado detenga el procesamiento del tr\u00e1fico entrante y conlleva a una condici\u00f3n DoS hasta que el dispositivo vuelva a cargarse manualmente."
    }
  ],
  "id": "CVE-2019-1703",
  "lastModified": "2024-11-21T04:37:08.240",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-03T16:29:00.430",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108170"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108170"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-dos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-11-05 20:15

Modified

2024-11-26 16:09

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

A vulnerability in the stream reassembly component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper reassembly of traffic streams. An attacker could exploit this vulnerability by sending crafted streams through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems that would otherwise be blocked.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-srb	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-srb	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_services_software_for_asa	*
cisco	firepower_threat_defense	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	2.9.15
cisco	secure_firewall_management_center	2.9.16

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_services_software_for_asa:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70505F-E716-439B-BE8C-B4CC3DF080E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E102D5C4-D296-4F09-B4FA-62CD8E2E5CB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BD5CFAE-5696-419C-B24E-7CF9E7EC7B92",
              "versionEndIncluding": "2.9.12.15",
              "versionStartIncluding": "2.9.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27A4DC81-DD37-46A6-8751-D0B4671E23BA",
              "versionEndIncluding": "2.9.13.6",
              "versionStartIncluding": "2.9.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C37F0EAC-42D5-4D10-A5C8-6D975B7BF176",
              "versionEndIncluding": "2.9.14.5",
              "versionStartIncluding": "2.9.14.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "42493B4F-0CF2-45F0-B72D-36F0597CC274",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "06F2E7D8-BB95-480D-AE3E-F9B97C3A5379",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the stream reassembly component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper reassembly of traffic streams. An attacker could exploit this vulnerability by sending crafted streams through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems that would otherwise be blocked."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el componente de reensamblado continuo del software Cisco Firepower Threat Defense, el software Cisco FirePOWER Services para ASA y el software Cisco Firepower Management Center, podr\u00eda permitir a un atacante remoto no autenticado omitir las protecciones de filtrado. La vulnerabilidad es debido al reensamblaje inapropiado de los flujos de tr\u00e1fico. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de secuencias creadas por medio de un dispositivo afectado. Una explotaci\u00f3n podr\u00eda permitir al atacante omitir el filtrado y entregar peticiones maliciosas hacia los sistemas protegidos que de otra manera se bloquear\u00edan."
    }
  ],
  "id": "CVE-2019-1978",
  "lastModified": "2024-11-26T16:09:02.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-11-05T20:15:11.500",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-srb"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-srb"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-10-05 14:29

Modified

2024-11-21 03:50

Severity ?

4.0 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

A vulnerability in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control list (ACL) that is configured for an interface of an affected device. The vulnerability is due to errors that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit this vulnerability by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to access resources that are behind the affected device and would typically be protected by the interface ACL.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/105517	Third Party Advisory, VDB Entry
psirt@cisco.com	http://www.securitytracker.com/id/1041788	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-acl-bypass	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/105517	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1041788	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-acl-bypass	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.6\(4.3\)
cisco	adaptive_security_appliance_software	9.4\(2\)
cisco	adaptive_security_appliance_software	9.4\(4\)
cisco	firepower_threat_defense	6.2.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:9.6\\(4.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D25D28E4-A559-4C7D-97A9-22C70876886C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B21EAFFC-755C-440A-AA9C-BDE4D74C3108",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "34B82BEF-0046-4095-9D8F-7D67518659E9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DC52A8B-7DF4-47B2-9F49-627F59656E5E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control list (ACL) that is configured for an interface of an affected device. The vulnerability is due to errors that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit this vulnerability by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to access resources that are behind the affected device and would typically be protected by the interface ACL."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la caracter\u00edstica per-user-override de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software podr\u00eda permitir que un atacante remoto no autenticado omita una lista de control de acceso (ACL) que est\u00e1 configurada para una interfaz de un dispositivo afectado. La vulnerabilidad se debe a errores que podr\u00edan ocurrir cuando el software afectado construye y aplica reglas per-user-override. Un atacante podr\u00eda explotar esta vulnerabilidad conect\u00e1ndose a una red mediante un dispositivo afectado con una configuraci\u00f3n vulnerable. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante acceda a recursos tras el dispositivo afectado y que normalmente estar\u00edan protegidos por el ACL de la interfaz."
    }
  ],
  "id": "CVE-2018-15398",
  "lastModified": "2024-11-21T03:50:42.197",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-05T14:29:08.230",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105517"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041788"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-acl-bypass"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105517"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041788"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-acl-bypass"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-04-19 20:29

Modified

2024-11-21 03:37

Severity ?

5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass configured file action policies if an Intelligent Application Bypass (IAB) with a drop percentage threshold is also configured. The vulnerability is due to incorrect counting of the percentage of dropped traffic. An attacker could exploit this vulnerability by sending network traffic to a targeted device. An exploit could allow the attacker to bypass configured file action policies, and traffic that should be dropped could be allowed into the network. Cisco Bug IDs: CSCvf86435.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/103940	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss2	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/103940	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss2	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	6.1.0.5
cisco	firepower_threat_defense	6.2.0.2
cisco	firepower_threat_defense	6.2.1
cisco	firepower_threat_defense	6.2.2
cisco	amp_7150	-
cisco	amp_8150	-
cisco	firepower_appliance_7010	-
cisco	firepower_appliance_7020	-
cisco	firepower_appliance_7030	-
cisco	firepower_appliance_7050	-
cisco	firepower_appliance_7110	-
cisco	firepower_appliance_7115	-
cisco	firepower_appliance_7120	-
cisco	firepower_appliance_7125	-
cisco	firepower_appliance_8120	-
cisco	firepower_appliance_8130	-
cisco	firepower_appliance_8140	-
cisco	firepower_appliance_8250	-
cisco	firepower_appliance_8260	-
cisco	firepower_appliance_8270	-
cisco	firepower_appliance_8290	-
cisco	firepower_appliance_8350	-
cisco	firepower_appliance_8360	-
cisco	firepower_appliance_8370	-
cisco	firepower_appliance_8390	-
cisco	firepower_management_center_1000	-
cisco	firepower_management_center_2000	-
cisco	firepower_management_center_2500	-
cisco	firepower_management_center_4000	-
cisco	firepower_management_center_4500	-
cisco	firesight_management_center_1500	-
cisco	firesight_management_center_3500	-
cisco	firesight_management_center_750	-
cisco	ngips_virtual_appliance	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C6F9B4F-2837-4034-B45C-C131303FF06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "01C9D2DC-17CE-499D-ACF3-BBA75E7AEEE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD48BE40-C647-429A-81B6-59E125BBE415",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "42496A5B-1644-4088-BBCF-2ED810A5694B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:amp_7150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F299F4A-CA8C-46EA-A86F-CA52C182DAE6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:amp_8150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B6B5352-91B4-4568-A43D-48A534904AAE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_appliance_7010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBED4712-39D6-4DFD-B8A5-AF20027DD97E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_appliance_7020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7D9A02-6ED1-4118-9950-8D5537B1DDCA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_appliance_7030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "497E5799-968E-438E-ADE9-205E947A33A9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_appliance_7050:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52AA3762-FFDD-4376-8D79-B393CBFAE23A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_appliance_7110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CFB0F77-2A56-439D-87AC-18ED59413F4F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_appliance_7115:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30DB8A4-83D5-4DA4-8F78-0A7109406E61",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_appliance_7120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "483066C8-ED60-456D-B2BE-110524DDE1AA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_appliance_7125:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FBD966A-B931-475A-924C-C1557B6CE7DB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_appliance_8120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52DD84FD-BC19-4E94-BBDC-176A38CA95B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_appliance_8130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA4BA4BB-C7AA-4D60-BCCF-733988E954D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_appliance_8140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B47B208A-6219-4037-8D9E-1B49C0E70BA7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_appliance_8250:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "149B56F8-C51B-4215-A649-9408FD27413D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_appliance_8260:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB97E4A5-2373-49F3-8A8B-005BAC9BEC32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_appliance_8270:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31B22719-10C9-4FF4-A330-68F0F870FD4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_appliance_8290:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F78A7356-59B9-4A8D-BBDB-6A70DDA5A183",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_appliance_8350:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7FC1382-F102-4946-A5E5-467D40953637",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_appliance_8360:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F58D55B-E671-44E4-841F-72F95D20C4A7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_appliance_8370:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A1A5F5A-51F7-4F5D-8901-FA0200602F77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_appliance_8390:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2AE0775-6C5E-4360-977C-57D9DDD4C9B7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_management_center_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44C4E004-BCBA-4C2A-BBC7-8C6F9E54CC15",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_management_center_2000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A389E5A4-0994-4F75-A264-18371D726ACA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_management_center_2500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E36B8162-AF24-4538-B81E-6FB95AC221C8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_management_center_4000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A9FD1A9-1BB3-4FFB-AB75-5BF8AF61FF1D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_management_center_4500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "05426855-230D-45AA-BD24-DEBBB924C43E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firesight_management_center_1500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "756594F4-D397-425F-ACA3-2E130729B736",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firesight_management_center_3500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B96B6255-BEE7-4AF7-BC82-74CDCBE2BEA1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firesight_management_center_750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DE96D31-BB8C-46F0-98F2-903F794C19D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ngips_virtual_appliance:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "34B16156-73F5-4172-ABB1-8BA2F950ABE9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass configured file action policies if an Intelligent Application Bypass (IAB) with a drop percentage threshold is also configured. The vulnerability is due to incorrect counting of the percentage of dropped traffic. An attacker could exploit this vulnerability by sending network traffic to a targeted device. An exploit could allow the attacker to bypass configured file action policies, and traffic that should be dropped could be allowed into the network. Cisco Bug IDs: CSCvf86435."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el motor de detecci\u00f3n de Cisco Firepower System Software podr\u00eda permitir que un atacante remoto sin autenticar omita pol\u00edticas de acci\u00f3n de archivos configuradas si un IAB (Intelligent Application Bypass) con un l\u00edmite de porcentaje de anulaci\u00f3n est\u00e1 tambi\u00e9n configurado Esta vulnerabilidad se debe al conteo incorrecto del porcentaje de tr\u00e1fico anulado. Un atacante podr\u00eda explotar esta vulnerabilidad enviando tr\u00e1fico de red a un dispositivo afectado. Su explotaci\u00f3n podr\u00eda permitir que el atacante omita pol\u00edticas de acci\u00f3n de archivos configuradas; el tr\u00e1fico que deber\u00eda omitirse podr\u00eda pasar a la red. Cisco Bug IDs: CSCvf86435."
    }
  ],
  "id": "CVE-2018-0254",
  "lastModified": "2024-11-21T03:37:49.460",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-19T20:29:01.127",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103940"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss2"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-693"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-693"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-05-03 04:15

Modified

2024-11-21 06:43

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the remote access SSL VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper validation of errors that are logged as a result of client connections that are made using remote access VPN. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to cause the affected device to restart, resulting in a DoS condition.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-tL4uA4AA	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-tL4uA4AA	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	7.1.0
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35AD28D3-1C08-44EF-9148-371C9E7912E5",
              "versionEndExcluding": "6.4.0.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD7675E1-AE0A-4C69-915D-144597F1250E",
              "versionEndExcluding": "6.6.5.2",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "22E1337C-A0EE-467D-A06E-FBE1541DDFD2",
              "versionEndExcluding": "7.0.2",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E46D8CB-3167-496B-AF1F-3F8070FB933A",
              "versionEndExcluding": "9.8.4.44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C36D9C6E-B6A1-4754-8403-4478D4EFB626",
              "versionEndExcluding": "9.12.4.38",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "62E28238-CA8D-470B-9200-65E4C656A308",
              "versionEndExcluding": "9.14.4",
              "versionStartIncluding": "9.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "487B6DDC-FDB5-41EB-91BA-17B4D4E25556",
              "versionEndExcluding": "9.15.1.21",
              "versionStartIncluding": "9.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "99DD72E2-E389-453E-8A99-1B633C4E2AE3",
              "versionEndExcluding": "9.16.2.14",
              "versionStartIncluding": "9.16.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "573E61F7-8311-4095-BD75-8F3D3E2499E5",
              "versionEndExcluding": "9.17.1.7",
              "versionStartIncluding": "9.17.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the remote access SSL VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper validation of errors that are logged as a result of client connections that are made using remote access VPN. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to cause the affected device to restart, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en las funciones VPN SSL de acceso remoto del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad es debido a que no son comprobados apropiadamente los errores que son registrados como resultado de las conexiones de los clientes que son realizadas mediante una VPN de acceso remoto. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de peticiones dise\u00f1adas a un sistema afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que el dispositivo afectado sea reiniciado, resultando en una condici\u00f3n de DoS"
    }
  ],
  "id": "CVE-2022-20715",
  "lastModified": "2024-11-21T06:43:23.783",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-05-03T04:15:09.000",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-tL4uA4AA"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-tL4uA4AA"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-04-19 20:29

Modified

2024-11-21 03:37

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Summary

A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client Certificate Authentication feature for Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to establish an SSL VPN connection and bypass certain SSL certificate verification steps. The vulnerability is due to incorrect verification of the SSL Client Certificate. An attacker could exploit this vulnerability by connecting to the ASA VPN without a proper private key and certificate pair. A successful exploit could allow the attacker to establish an SSL VPN connection to the ASA when the connection should have been rejected. This vulnerability affects Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliances (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliances (ASAv), Firepower 4110 Security Appliances, Firepower 9300 ASA Security Modules. Cisco Bug IDs: CSCvg40155.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/104018	Third Party Advisory, VDB Entry
psirt@cisco.com	http://www.securitytracker.com/id/1040723	Third Party Advisory, VDB Entry
psirt@cisco.com	https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01	Third Party Advisory, US Government Resource
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa1	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/104018	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1040723	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa1	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	9.4.3.1
cisco	adaptive_security_appliance_software	9.4.3.2
cisco	adaptive_security_appliance_software	9.5.2.7
cisco	adaptive_security_appliance_software	9.5.2.8
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F25A0870-9EF6-4985-9279-08CCC996069F",
              "versionEndIncluding": "9.4.4.13",
              "versionStartIncluding": "9.4.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEF9144C-11FC-4796-AA53-B6F1AFFCAAC6",
              "versionEndIncluding": "9.5.3.9",
              "versionStartIncluding": "9.5.3.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D80533D-282F-4BCC-84B9-28500317AE1E",
              "versionEndIncluding": "9.6.2.21",
              "versionStartIncluding": "9.6.2.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BD99D09-A1A8-42B3-972C-A29326863C9E",
              "versionEndIncluding": "9.6.3.17",
              "versionStartIncluding": "9.6.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F34547-E9EF-4B21-9F09-8C130B8D3D34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B192805E-7930-4882-A25C-6FB3FF2311B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "33D86F7D-1535-4145-AB68-B9B734F02E5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB4FC659-97A4-48D3-81F6-91D81841A4C9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA83CE47-7E33-4BE1-B94B-5015F40812AE",
              "versionEndIncluding": "6.0.1.4",
              "versionStartIncluding": "6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87DB2199-461F-48A8-B431-F66E67F0CF1D",
              "versionEndIncluding": "6.1.0.5",
              "versionStartIncluding": "6.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client Certificate Authentication feature for Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to establish an SSL VPN connection and bypass certain SSL certificate verification steps. The vulnerability is due to incorrect verification of the SSL Client Certificate. An attacker could exploit this vulnerability by connecting to the ASA VPN without a proper private key and certificate pair. A successful exploit could allow the attacker to establish an SSL VPN connection to the ASA when the connection should have been rejected. This vulnerability affects Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliances (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliances (ASAv), Firepower 4110 Security Appliances, Firepower 9300 ASA Security Modules. Cisco Bug IDs: CSCvg40155."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la caracter\u00edstica SSL (Secure Sockets Layer) VPN (Virtual Private Network) Client Certificate Authentication para Cisco Adaptive Security Appliance (ASA) podr\u00eda permitir que un atacante remoto no autenticado establezca una conexi\u00f3n SSL VPN y omita ciertos pasos de verificaci\u00f3n de certificados SSL. Esta vulnerabilidad se debe a la verificaci\u00f3n incorrecta del certificado de cliente SSL. Un atacante podr\u00eda explotar esta vulnerabilidad conect\u00e1ndose a la VPN ASA sin una clave privada y un par de certificados adecuado. Si se explota esta vulnerabilidad con \u00e9xito, el atacante podr\u00eda establecer una conexi\u00f3n SSL VPN al ASA cuando la conexi\u00f3n deber\u00eda haber sido rechazada. Esta vulnerabilidad afecta a las versiones de Cisco Adaptive Security Appliance (ASA) y Firepower Threat Defense (FTD) Software que se ejecutan en los siguientes productos de Cisco: 3000 Series Industrial Security Appliances (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliances (ASAv), Firepower 4110 Security Appliances y Firepower 9300 ASA Security Modules. Cisco Bug IDs: CSCvg40155."
    }
  ],
  "id": "CVE-2018-0227",
  "lastModified": "2024-11-21T03:37:46.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-19T20:29:00.300",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104018"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040723"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104018"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040723"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa1"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-295"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-295"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-05-03 04:15

Modified

2024-11-21 06:43

Severity ?

7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Summary

A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to read or modify data within an IPsec IKEv2 VPN tunnel. This vulnerability is due to an improper implementation of Galois/Counter Mode (GCM) ciphers. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting a sufficient number of encrypted messages across an affected IPsec IKEv2 VPN tunnel and then using cryptanalytic techniques to break the encryption. A successful exploit could allow the attacker to decrypt, read, modify, and re-encrypt data that is transmitted across an affected IPsec IKEv2 VPN tunnel.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipsec-mitm-CKnLr4	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipsec-mitm-CKnLr4	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	7.1.0
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35AD28D3-1C08-44EF-9148-371C9E7912E5",
              "versionEndExcluding": "6.4.0.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD7675E1-AE0A-4C69-915D-144597F1250E",
              "versionEndExcluding": "6.6.5.2",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "536C9927-B64A-4959-BE92-9F2665AEA811",
              "versionEndExcluding": "7.0.2",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C2579F-1E8B-4FB1-AA40-B164F4F2BBED",
              "versionEndExcluding": "9.12.4.38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFE84A5D-FFD6-4A82-BDFA-367D29625300",
              "versionEndExcluding": "9.14.4",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B120E68-DA48-4B87-A549-6BA7009C056D",
              "versionEndExcluding": "9.15.1.21",
              "versionStartIncluding": "9.15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "99DD72E2-E389-453E-8A99-1B633C4E2AE3",
              "versionEndExcluding": "9.16.2.14",
              "versionStartIncluding": "9.16.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "573E61F7-8311-4095-BD75-8F3D3E2499E5",
              "versionEndExcluding": "9.17.1.7",
              "versionStartIncluding": "9.17.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to read or modify data within an IPsec IKEv2 VPN tunnel. This vulnerability is due to an improper implementation of Galois/Counter Mode (GCM) ciphers. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting a sufficient number of encrypted messages across an affected IPsec IKEv2 VPN tunnel and then using cryptanalytic techniques to break the encryption. A successful exploit could allow the attacker to decrypt, read, modify, and re-encrypt data that is transmitted across an affected IPsec IKEv2 VPN tunnel."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en una biblioteca de VPN IPsec del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado leer o modificar datos dentro de un t\u00fanel VPN IPsec IKEv2. Esta vulnerabilidad es debido a una implementaci\u00f3n inapropiada de los cifrados del modo Galois/Contrafigura (GCM). Un atacante en una posici\u00f3n de hombre en el medio podr\u00eda explotar esta vulnerabilidad al interceptar un n\u00famero suficiente de mensajes encriptados a trav\u00e9s de un t\u00fanel VPN IPsec IKEv2 afectado y, a continuaci\u00f3n, usando t\u00e9cnicas de criptoan\u00e1lisis para romper el cifrado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante descifrar, leer, modificar y volver a cifrar los datos que son transmiten a trav\u00e9s de un t\u00fanel VPN IPsec IKEv2 afectado"
    }
  ],
  "id": "CVE-2022-20742",
  "lastModified": "2024-11-21T06:43:27.517",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.2,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-05-03T04:15:09.317",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipsec-mitm-CKnLr4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipsec-mitm-CKnLr4"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-325"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-11-01 18:15

Modified

2024-11-21 07:41

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to intercept the SAML assertion of a user who is authenticating to a remote access VPN session. This vulnerability is due to insufficient validation of the login URL. An attacker could exploit this vulnerability by persuading a user to access a site that is under the control of the attacker, allowing the attacker to modify the login URL. A successful exploit could allow the attacker to intercept a successful SAML assertion and use that assertion to establish a remote access VPN session toward the affected device with the identity and permissions of the hijacked user, resulting in access to the protected network.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-hijack-ttuQfyz	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-hijack-ttuQfyz	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	firepower_threat_defense	7.2.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F33C25A4-E475-4F23-978A-5BCE83C38AB2",
              "versionEndIncluding": "9.18.3.46",
              "versionStartIncluding": "9.18.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D246D5B2-7764-4631-88F0-1B8A60B77DF8",
              "versionEndIncluding": "9.19.1.12",
              "versionStartIncluding": "9.19.1.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6826018-5620-4924-BE92-6A245378F610",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to intercept the SAML assertion of a user who is authenticating to a remote access VPN session. This vulnerability is due to insufficient validation of the login URL. An attacker could exploit this vulnerability by persuading a user to access a site that is under the control of the attacker, allowing the attacker to modify the login URL. A successful exploit could allow the attacker to intercept a successful SAML assertion and use that assertion to establish a remote access VPN session toward the affected device with the identity and permissions of the hijacked user, resulting in access to the protected network."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n de Security Assertion Markup Language (SAML) 2.0 de Single Sign-oOn (SSO) para VPN de acceso remoto en el software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado intercepte la aserci\u00f3n SAML de un usuario que se est\u00e1 autenticando en una sesi\u00f3n VPN de acceso remoto. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la URL de inicio de sesi\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario para que acceda a un sitio que est\u00e1 bajo el control del atacante, permiti\u00e9ndole modificar la URL de inicio de sesi\u00f3n. Un exploit exitoso podr\u00eda permitir al atacante interceptar una aserci\u00f3n SAML exitosa y usar esa aserci\u00f3n para establecer una sesi\u00f3n VPN de acceso remoto hacia el dispositivo afectado con la identidad y los permisos del usuario secuestrado, lo que resultar\u00eda en acceso a la red protegida."
    }
  ],
  "id": "CVE-2023-20264",
  "lastModified": "2024-11-21T07:41:01.730",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-11-01T18:15:09.757",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-hijack-ttuQfyz"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-hijack-ttuQfyz"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-601"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:31

Severity ?

7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the ingress packet processing path of Cisco Firepower Threat Defense (FTD) Software for interfaces that are configured either as Inline Pair or in Passive mode could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation when Ethernet frames are processed. An attacker could exploit this vulnerability by sending malicious Ethernet frames through an affected device. A successful exploit could allow the attacker do either of the following: Fill the /ngfw partition on the device: A full /ngfw partition could result in administrators being unable to log in to the device (including logging in through the console port) or the device being unable to boot up correctly. Note: Manual intervention is required to recover from this situation. Customers are advised to contact the Cisco Technical Assistance Center (TAC) to help recover a device in this condition. Cause a process crash: The process crash would cause the device to reload. No manual intervention is necessary to recover the device after the reload.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-inline-dos-nXqUyEqM	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-inline-dos-nXqUyEqM	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB4FADF7-A3CD-44B4-85DF-75F28369B459",
              "versionEndExcluding": "6.3.0.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
              "versionEndExcluding": "6.4.0.10",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "754010DE-2C33-4BA1-9567-90C46309B664",
              "versionEndExcluding": "6.6.1",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the ingress packet processing path of Cisco Firepower Threat Defense (FTD) Software for interfaces that are configured either as Inline Pair or in Passive mode could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation when Ethernet frames are processed. An attacker could exploit this vulnerability by sending malicious Ethernet frames through an affected device. A successful exploit could allow the attacker do either of the following: Fill the /ngfw partition on the device: A full /ngfw partition could result in administrators being unable to log in to the device (including logging in through the console port) or the device being unable to boot up correctly. Note: Manual intervention is required to recover from this situation. Customers are advised to contact the Cisco Technical Assistance Center (TAC) to help recover a device in this condition. Cause a process crash: The process crash would cause the device to reload. No manual intervention is necessary to recover the device after the reload."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la ruta de procesamiento de paquetes de entrada de Cisco Firepower Threat Defense (FTD) Software para interfaces que est\u00e1n configuradas como Inline Pair o en modo Passive podr\u00eda permitir a un atacante adyacente no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS).\u0026#xa0;La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente cuando son procesadas las tramas Ethernet.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de tramas Ethernet maliciosas por medio de un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante causar una de las siguientes acciones: Llenar la partici\u00f3n /ngfw en el dispositivo: una partici\u00f3n /ngfw completa podr\u00eda resultar en que los administradores no puedan iniciar sesi\u00f3n en el dispositivo (incluido el inicio de sesi\u00f3n por medio del puerto de la consola) o el dispositivo no puede arrancar correctamente.\u0026#xa0;Nota: Se requiere una intervenci\u00f3n manual para recuperarse de esta situaci\u00f3n.\u0026#xa0;Se recomienda a los clientes que se comuniquen con el Cisco Technical Assistance Center (TAC) para ayudar a recuperar un dispositivo en esta condici\u00f3n.\u0026#xa0;Causar un bloqueo del proceso: el bloqueo del proceso har\u00eda que el dispositivo se recargara.\u0026#xa0;No es necesaria ninguna intervenci\u00f3n manual para recuperar el dispositivo despu\u00e9s de la recarga"
    }
  ],
  "id": "CVE-2020-3577",
  "lastModified": "2024-11-21T05:31:20.723",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:18.420",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-inline-dos-nXqUyEqM"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-inline-dos-nXqUyEqM"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-11-01 18:15

Modified

2024-11-21 07:40

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the CPU of an affected device to spike to 100 percent, which could stop all traffic processing and result in a denial of service (DoS) condition. FTD management traffic is not affected by this vulnerability. This vulnerability is due to improper error checking when parsing fields within the ICMPv6 header. An attacker could exploit this vulnerability by sending a crafted ICMPv6 packet through an affected device. A successful exploit could allow the attacker to cause the device to exhaust CPU resources and stop processing traffic, resulting in a DoS condition. Note: To recover from the DoS condition, the Snort 2 Detection Engine or the Cisco FTD device may need to be restarted.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmpv6-dos-4eMkLuN	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmpv6-dos-4eMkLuN	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D58D7217-F6F5-4B58-B59C-E5C8781C87A9",
              "versionEndIncluding": "6.2.3.18",
              "versionStartIncluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5156C270-7E41-4D2E-B051-F35563EA4402",
              "versionEndIncluding": "6.4.0.17",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCDEBE63-3174-4BBC-82DE-E8E25C818E30",
              "versionEndIncluding": "6.6.7.1",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1110632C-526F-4025-A7BE-0CF9F37E5F9E",
              "versionEndIncluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F51D1A7-A702-4071-85D8-7C77CEB23955",
              "versionEndIncluding": "7.0.5",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5F30710-F91A-4A7B-AB06-EE49525E6F04",
              "versionEndIncluding": "7.1.0.3",
              "versionStartIncluding": "7.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90854884-399A-465B-ACB7-E493B8D39041",
              "versionEndIncluding": "7.2.3",
              "versionStartIncluding": "7.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4350E85-F009-4F8A-952E-BDA774CE809E",
              "versionEndIncluding": "7.3.1.1",
              "versionStartIncluding": "7.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the CPU of an affected device to spike to 100 percent, which could stop all traffic processing and result in a denial of service (DoS) condition. FTD management traffic is not affected by this vulnerability. This vulnerability is due to improper error checking when parsing fields within the ICMPv6 header. An attacker could exploit this vulnerability by sending a crafted ICMPv6 packet through an affected device. A successful exploit could allow the attacker to cause the device to exhaust CPU resources and stop processing traffic, resulting in a DoS condition. Note: To recover from the DoS condition, the Snort 2 Detection Engine or the Cisco FTD device may need to be restarted."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la inspecci\u00f3n ICMPv6 cuando se configura con el motor de detecci\u00f3n Snort 2 para el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado haga que la CPU de un dispositivo afectado aumente al 100 por ciento, lo que podr\u00eda detener todo el procesamiento del tr\u00e1fico y resultar en una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS). El tr\u00e1fico de gesti\u00f3n de FTD no se ve afectado por esta vulnerabilidad. Esta vulnerabilidad se debe a una comprobaci\u00f3n incorrecta de errores al analizar campos dentro del encabezado ICMPv6. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un paquete ICMPv6 manipulado a trav\u00e9s de un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante hacer que el dispositivo agote los recursos de la CPU y deje de procesar el tr\u00e1fico, lo que resultar\u00eda en una condici\u00f3n DoS. Nota: Para recuperarse de la condici\u00f3n DoS, es posible que sea necesario reiniciar el motor de detecci\u00f3n Snort 2 o el dispositivo Cisco FTD."
    }
  ],
  "id": "CVE-2023-20083",
  "lastModified": "2024-11-21T07:40:31.057",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-11-01T18:15:09.143",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmpv6-dos-4eMkLuN"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmpv6-dos-4eMkLuN"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-835"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-03-23 17:15

Modified

2024-11-21 07:40

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

A vulnerability in the deterministic random bit generator (DRBG), also known as pseudorandom number generator (PRNG), in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco ASA 5506-X, ASA 5508-X, and ASA 5516-X Firewalls could allow an unauthenticated, remote attacker to cause a cryptographic collision, enabling the attacker to discover the private key of an affected device. This vulnerability is due to insufficient entropy in the DRBG for the affected hardware platforms when generating cryptographic keys. An attacker could exploit this vulnerability by generating a large number of cryptographic keys on an affected device and looking for collisions with target devices. A successful exploit could allow the attacker to impersonate an affected target device or to decrypt traffic secured by an affected key that is sent to or from an affected target device.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa5500x-entropy-6v9bHVYP	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa5500x-entropy-6v9bHVYP	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	firepower_threat_defense	*
cisco	asa_5506-x	-
cisco	asa_5506h-x	-
cisco	asa_5506w-x	-
cisco	asa_5508-x	-
cisco	asa_5516-x	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EFD11F3-D5A7-4733-AEDE-74D1E0B341F9",
              "versionEndExcluding": "9.12.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA44C8ED-0EDD-41A0-992A-0200CF1B33CE",
              "versionEndExcluding": "6.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5506-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "763B801D-CA1E-4C56-8B06-3373EA307C7E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5506h-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "30AC6907-3091-409F-967D-64A82A0C5A8C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5506w-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D11AF728-8EB0-45EB-A7DD-F2D52B3BB7B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5508-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "92AE506A-E710-465B-B795-470FDE0E0ECA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5516-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E07AF10-FFB2-4AC7-BBE7-199C3EFED81F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the deterministic random bit generator (DRBG), also known as pseudorandom number generator (PRNG), in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco ASA 5506-X, ASA 5508-X, and ASA 5516-X Firewalls could allow an unauthenticated, remote attacker to cause a cryptographic collision, enabling the attacker to discover the private key of an affected device. This vulnerability is due to insufficient entropy in the DRBG for the affected hardware platforms when generating cryptographic keys. An attacker could exploit this vulnerability by generating a large number of cryptographic keys on an affected device and looking for collisions with target devices. A successful exploit could allow the attacker to impersonate an affected target device or to decrypt traffic secured by an affected key that is sent to or from an affected target device."
    }
  ],
  "id": "CVE-2023-20107",
  "lastModified": "2024-11-21T07:40:33.907",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-03-23T17:15:15.197",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa5500x-entropy-6v9bHVYP"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa5500x-entropy-6v9bHVYP"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-332"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-331"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-10-23 18:15

Modified

2025-07-15 17:45

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a logic error in memory management when the device is handling SSL VPN connections. An attacker could exploit this vulnerability by sending crafted SSL/TLS packets to the SSL VPN server of the affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-dos-hOnB9pH4	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.8.1
cisco	adaptive_security_appliance_software	9.8.1.5
cisco	adaptive_security_appliance_software	9.8.1.7
cisco	adaptive_security_appliance_software	9.8.2
cisco	adaptive_security_appliance_software	9.8.2.8
cisco	adaptive_security_appliance_software	9.8.2.14
cisco	adaptive_security_appliance_software	9.8.2.15
cisco	adaptive_security_appliance_software	9.8.2.17
cisco	adaptive_security_appliance_software	9.8.2.20
cisco	adaptive_security_appliance_software	9.8.2.24
cisco	adaptive_security_appliance_software	9.8.2.26
cisco	adaptive_security_appliance_software	9.8.2.28
cisco	adaptive_security_appliance_software	9.8.2.33
cisco	adaptive_security_appliance_software	9.8.2.35
cisco	adaptive_security_appliance_software	9.8.2.38
cisco	adaptive_security_appliance_software	9.8.2.45
cisco	adaptive_security_appliance_software	9.8.3
cisco	adaptive_security_appliance_software	9.8.3.8
cisco	adaptive_security_appliance_software	9.8.3.11
cisco	adaptive_security_appliance_software	9.8.3.14
cisco	adaptive_security_appliance_software	9.8.3.16
cisco	adaptive_security_appliance_software	9.8.3.18
cisco	adaptive_security_appliance_software	9.8.3.21
cisco	adaptive_security_appliance_software	9.8.3.26
cisco	adaptive_security_appliance_software	9.8.3.29
cisco	adaptive_security_appliance_software	9.8.4
cisco	adaptive_security_appliance_software	9.8.4.3
cisco	adaptive_security_appliance_software	9.8.4.7
cisco	adaptive_security_appliance_software	9.8.4.8
cisco	adaptive_security_appliance_software	9.8.4.10
cisco	adaptive_security_appliance_software	9.8.4.12
cisco	adaptive_security_appliance_software	9.8.4.15
cisco	adaptive_security_appliance_software	9.8.4.17
cisco	adaptive_security_appliance_software	9.8.4.20
cisco	adaptive_security_appliance_software	9.8.4.22
cisco	adaptive_security_appliance_software	9.8.4.25
cisco	adaptive_security_appliance_software	9.8.4.26
cisco	adaptive_security_appliance_software	9.8.4.29
cisco	adaptive_security_appliance_software	9.8.4.32
cisco	adaptive_security_appliance_software	9.8.4.33
cisco	adaptive_security_appliance_software	9.8.4.34
cisco	adaptive_security_appliance_software	9.8.4.35
cisco	adaptive_security_appliance_software	9.8.4.39
cisco	adaptive_security_appliance_software	9.8.4.40
cisco	adaptive_security_appliance_software	9.8.4.41
cisco	adaptive_security_appliance_software	9.8.4.43
cisco	adaptive_security_appliance_software	9.8.4.44
cisco	adaptive_security_appliance_software	9.8.4.45
cisco	adaptive_security_appliance_software	9.8.4.46
cisco	adaptive_security_appliance_software	9.8.4.48
cisco	adaptive_security_appliance_software	9.12.1
cisco	adaptive_security_appliance_software	9.12.1.2
cisco	adaptive_security_appliance_software	9.12.1.3
cisco	adaptive_security_appliance_software	9.12.2
cisco	adaptive_security_appliance_software	9.12.2.1
cisco	adaptive_security_appliance_software	9.12.2.4
cisco	adaptive_security_appliance_software	9.12.2.5
cisco	adaptive_security_appliance_software	9.12.2.9
cisco	adaptive_security_appliance_software	9.12.3
cisco	adaptive_security_appliance_software	9.12.3.2
cisco	adaptive_security_appliance_software	9.12.3.7
cisco	adaptive_security_appliance_software	9.12.3.9
cisco	adaptive_security_appliance_software	9.12.3.12
cisco	adaptive_security_appliance_software	9.12.4
cisco	adaptive_security_appliance_software	9.12.4.2
cisco	adaptive_security_appliance_software	9.12.4.4
cisco	adaptive_security_appliance_software	9.12.4.7
cisco	adaptive_security_appliance_software	9.12.4.8
cisco	adaptive_security_appliance_software	9.12.4.10
cisco	adaptive_security_appliance_software	9.12.4.13
cisco	adaptive_security_appliance_software	9.12.4.18
cisco	adaptive_security_appliance_software	9.12.4.24
cisco	adaptive_security_appliance_software	9.12.4.26
cisco	adaptive_security_appliance_software	9.12.4.29
cisco	adaptive_security_appliance_software	9.12.4.30
cisco	adaptive_security_appliance_software	9.12.4.35
cisco	adaptive_security_appliance_software	9.12.4.37
cisco	adaptive_security_appliance_software	9.12.4.38
cisco	adaptive_security_appliance_software	9.12.4.39
cisco	adaptive_security_appliance_software	9.12.4.40
cisco	adaptive_security_appliance_software	9.12.4.41
cisco	adaptive_security_appliance_software	9.12.4.47
cisco	adaptive_security_appliance_software	9.12.4.48
cisco	adaptive_security_appliance_software	9.12.4.50
cisco	adaptive_security_appliance_software	9.12.4.52
cisco	adaptive_security_appliance_software	9.12.4.54
cisco	adaptive_security_appliance_software	9.12.4.55
cisco	adaptive_security_appliance_software	9.12.4.56
cisco	adaptive_security_appliance_software	9.12.4.58
cisco	adaptive_security_appliance_software	9.12.4.62
cisco	adaptive_security_appliance_software	9.12.4.65
cisco	adaptive_security_appliance_software	9.12.4.67
cisco	adaptive_security_appliance_software	9.14.1
cisco	adaptive_security_appliance_software	9.14.1.6
cisco	adaptive_security_appliance_software	9.14.1.10
cisco	adaptive_security_appliance_software	9.14.1.15
cisco	adaptive_security_appliance_software	9.14.1.19
cisco	adaptive_security_appliance_software	9.14.1.30
cisco	adaptive_security_appliance_software	9.14.2
cisco	adaptive_security_appliance_software	9.14.2.4
cisco	adaptive_security_appliance_software	9.14.2.8
cisco	adaptive_security_appliance_software	9.14.2.13
cisco	adaptive_security_appliance_software	9.14.2.15
cisco	adaptive_security_appliance_software	9.14.3
cisco	adaptive_security_appliance_software	9.14.3.1
cisco	adaptive_security_appliance_software	9.14.3.9
cisco	adaptive_security_appliance_software	9.14.3.11
cisco	adaptive_security_appliance_software	9.14.3.13
cisco	adaptive_security_appliance_software	9.14.3.15
cisco	adaptive_security_appliance_software	9.14.3.18
cisco	adaptive_security_appliance_software	9.14.4
cisco	adaptive_security_appliance_software	9.14.4.6
cisco	adaptive_security_appliance_software	9.14.4.7
cisco	adaptive_security_appliance_software	9.14.4.12
cisco	adaptive_security_appliance_software	9.14.4.13
cisco	adaptive_security_appliance_software	9.14.4.14
cisco	adaptive_security_appliance_software	9.14.4.15
cisco	adaptive_security_appliance_software	9.14.4.17
cisco	adaptive_security_appliance_software	9.14.4.22
cisco	adaptive_security_appliance_software	9.14.4.23
cisco	adaptive_security_appliance_software	9.14.4.24
cisco	adaptive_security_appliance_software	9.15.1
cisco	adaptive_security_appliance_software	9.15.1.1
cisco	adaptive_security_appliance_software	9.15.1.7
cisco	adaptive_security_appliance_software	9.15.1.10
cisco	adaptive_security_appliance_software	9.15.1.15
cisco	adaptive_security_appliance_software	9.15.1.16
cisco	adaptive_security_appliance_software	9.15.1.17
cisco	adaptive_security_appliance_software	9.15.1.21
cisco	adaptive_security_appliance_software	9.16.1
cisco	adaptive_security_appliance_software	9.16.1.28
cisco	adaptive_security_appliance_software	9.16.2
cisco	adaptive_security_appliance_software	9.16.2.3
cisco	adaptive_security_appliance_software	9.16.2.7
cisco	adaptive_security_appliance_software	9.16.2.11
cisco	adaptive_security_appliance_software	9.16.2.13
cisco	adaptive_security_appliance_software	9.16.2.14
cisco	adaptive_security_appliance_software	9.16.3
cisco	adaptive_security_appliance_software	9.16.3.3
cisco	adaptive_security_appliance_software	9.16.3.14
cisco	adaptive_security_appliance_software	9.16.3.15
cisco	adaptive_security_appliance_software	9.16.3.19
cisco	adaptive_security_appliance_software	9.16.3.23
cisco	adaptive_security_appliance_software	9.16.4
cisco	adaptive_security_appliance_software	9.16.4.9
cisco	adaptive_security_appliance_software	9.16.4.14
cisco	adaptive_security_appliance_software	9.16.4.18
cisco	adaptive_security_appliance_software	9.16.4.19
cisco	adaptive_security_appliance_software	9.16.4.27
cisco	adaptive_security_appliance_software	9.16.4.38
cisco	adaptive_security_appliance_software	9.16.4.39
cisco	adaptive_security_appliance_software	9.16.4.42
cisco	adaptive_security_appliance_software	9.16.4.48
cisco	adaptive_security_appliance_software	9.16.4.55
cisco	adaptive_security_appliance_software	9.16.4.57
cisco	adaptive_security_appliance_software	9.16.4.61
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.7
cisco	adaptive_security_appliance_software	9.17.1.9
cisco	adaptive_security_appliance_software	9.17.1.10
cisco	adaptive_security_appliance_software	9.17.1.11
cisco	adaptive_security_appliance_software	9.17.1.13
cisco	adaptive_security_appliance_software	9.17.1.15
cisco	adaptive_security_appliance_software	9.17.1.20
cisco	adaptive_security_appliance_software	9.17.1.30
cisco	adaptive_security_appliance_software	9.17.1.33
cisco	adaptive_security_appliance_software	9.17.1.39
cisco	adaptive_security_appliance_software	9.18.1
cisco	adaptive_security_appliance_software	9.18.1.3
cisco	adaptive_security_appliance_software	9.18.2
cisco	adaptive_security_appliance_software	9.18.2.5
cisco	adaptive_security_appliance_software	9.18.2.7
cisco	adaptive_security_appliance_software	9.18.2.8
cisco	adaptive_security_appliance_software	9.18.3
cisco	adaptive_security_appliance_software	9.18.3.39
cisco	adaptive_security_appliance_software	9.18.3.46
cisco	adaptive_security_appliance_software	9.18.3.53
cisco	adaptive_security_appliance_software	9.18.3.55
cisco	adaptive_security_appliance_software	9.18.3.56
cisco	adaptive_security_appliance_software	9.18.4
cisco	adaptive_security_appliance_software	9.18.4.5
cisco	adaptive_security_appliance_software	9.18.4.8
cisco	adaptive_security_appliance_software	9.18.4.22
cisco	adaptive_security_appliance_software	9.18.4.24
cisco	adaptive_security_appliance_software	9.18.4.29
cisco	adaptive_security_appliance_software	9.19.1
cisco	adaptive_security_appliance_software	9.19.1.5
cisco	adaptive_security_appliance_software	9.19.1.9
cisco	adaptive_security_appliance_software	9.19.1.12
cisco	adaptive_security_appliance_software	9.19.1.18
cisco	adaptive_security_appliance_software	9.19.1.22
cisco	adaptive_security_appliance_software	9.19.1.24
cisco	adaptive_security_appliance_software	9.19.1.27
cisco	adaptive_security_appliance_software	9.19.1.28
cisco	adaptive_security_appliance_software	9.19.1.31
cisco	firepower_threat_defense	6.2.3
cisco	firepower_threat_defense	6.2.3.1
cisco	firepower_threat_defense	6.2.3.2
cisco	firepower_threat_defense	6.2.3.3
cisco	firepower_threat_defense	6.2.3.4
cisco	firepower_threat_defense	6.2.3.5
cisco	firepower_threat_defense	6.2.3.6
cisco	firepower_threat_defense	6.2.3.7
cisco	firepower_threat_defense	6.2.3.8
cisco	firepower_threat_defense	6.2.3.9
cisco	firepower_threat_defense	6.2.3.10
cisco	firepower_threat_defense	6.2.3.11
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.4.0.1
cisco	firepower_threat_defense	6.4.0.2
cisco	firepower_threat_defense	6.4.0.3
cisco	firepower_threat_defense	6.4.0.4
cisco	firepower_threat_defense	6.4.0.5
cisco	firepower_threat_defense	6.4.0.6
cisco	firepower_threat_defense	6.4.0.7
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.4.0.13
cisco	firepower_threat_defense	6.4.0.14
cisco	firepower_threat_defense	6.4.0.15
cisco	firepower_threat_defense	6.4.0.16
cisco	firepower_threat_defense	6.4.0.17
cisco	firepower_threat_defense	6.4.0.18
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.6.7
cisco	firepower_threat_defense	6.6.7.1
cisco	firepower_threat_defense	6.6.7.2
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.0.6
cisco	firepower_threat_defense	7.0.6.1
cisco	firepower_threat_defense	7.0.6.2
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.2.4
cisco	firepower_threat_defense	7.2.4.1
cisco	firepower_threat_defense	7.2.5
cisco	firepower_threat_defense	7.2.5.1
cisco	firepower_threat_defense	7.2.5.2
cisco	firepower_threat_defense	7.2.6
cisco	firepower_threat_defense	7.2.7
cisco	firepower_threat_defense	7.2.8
cisco	firepower_threat_defense	7.2.8.1
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1
cisco	firepower_threat_defense	7.3.1.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D482F818-0A8E-49D7-8E3E-0958019FA629",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E7BFB57-BC02-4930-A02F-83583E6A0FC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "026F1960-C879-4611-A60A-96311B63CCA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAF8B33E-0C95-467D-A865-0A234E69D0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF144F5-D933-4DE4-818C-001BD9E3958A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "00112ED3-FE7B-425B-9A28-1E5F2BC8BB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD491D5-FAAB-493F-91A6-D2F3B5F5970E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "1519F49D-588F-4B70-B38F-EF4F3E13FEAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "15354443-5EB7-4712-B2DE-61DB33830759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "248D6B44-E134-4DEC-A947-636824E3FDFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "0820A79C-F3EF-407F-9AC7-DCAB4CD39C89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3E8805-85D2-4345-8076-039513209A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "14BB907B-D75A-4F5E-B20D-5457A71A70EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "F118B803-4C55-436A-A136-0C1FEA49858F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A272121-408E-45F6-A2A1-0BA6EBC060A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "61C3A433-0792-434E-AC90-A84B346499D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "980CEA3B-5A81-4E8C-BEA3-DD31BE7DA2CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3910211-D4DB-4CA7-BBEA-DD8246FF10ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C260BF30-7A33-4C70-9509-404856C93666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF894850-39EC-4B57-BBFF-F1AB4F8389A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FAFCF9-0ABE-483E-9604-329762BB7870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DB4278-3126-4765-97C4-6C0A8C78DA78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "174E631B-6099-47DE-8790-BBF4B7FDB8CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE3538B-F612-4105-BFDE-A4B594482DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "3143B0FF-C855-485E-A908-E48974B1643C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD9992-6D98-4E03-9599-ECF38A186FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DCEAE6-355B-40AE-A7C8-AF744FCA8A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2097E81E-B422-4B93-AF09-F300A0E8AF71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "454DEA31-A607-4054-82D3-24A4FEB7358F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F0B213-8187-4465-84F1-FB8D92B36020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E540771E-BA0B-42D1-8251-B576B0F142C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC2A833-BECF-4000-A592-6113A84C2D20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F1416-924A-4D25-9CEE-3BD66A96A019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDC8D92-D6E0-40EE-B190-D2B32C7DEB75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "23CD5619-E534-4F40-998D-39DC19FA0451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D0EB11-14B1-44B3-8D46-B9DD872F772C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA399CF-12DB-42E0-A66F-14508B52A453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5A7608-E737-420E-9B5E-836600DAC701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7EB6801-336D-4F41-ADE7-1C58C63C3F6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8413DA41-02A5-4269-8C88-9DD5076AF91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA00285F-6914-4749-8A47-FC4EDAFFF3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA4D367-32B9-4F54-8352-A959F61A1FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "2259FF9E-0C8B-440F-B1AC-51BDE3F60E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C522B55-904D-4C08-B73E-1457D877C0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "4483056A-FBF3-4E00-81EB-1E97334EF240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "48677330-06AB-4C7F-B2AD-F7E465A9632A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AEA80D2-5DB8-4334-9A88-7DDE395832C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1C38A5-1028-4AD3-8CC7-A00091091E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "848147B2-C49A-43F6-9069-FC8885BDFDA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6FEF0DA-741E-4361-8143-068EB47D6520",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F002FD55-F881-450E-BC1B-8073E188F47E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA940C4F-13BB-465F-BB8D-CBD0109BF012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B0434F5-9A50-4B57-9C5B-E09415D098C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE727035-06CB-4E37-A9D2-96BD54502120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE52B81-2CF8-48E5-A7BA-A163A25A669B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E8D7C9-5272-40E6-869B-B33959F9F0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE8D5D71-5C85-4644-8A84-F073549ADB50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0790DDC2-7BA0-42DC-A157-754C0CBBE178",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "882394EA-70C8-4D86-9AEF-5D273D8E518C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "855AD3CC-F404-48C5-80D2-7F2765D16D72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "26B6BF72-9124-4213-B3C0-BD31B46E8C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8FBE89-8FDA-4B9B-BA1A-90FFD482A585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "149C3872-8DA9-48DD-ADD0-2E84C1A76A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D33E8C-294A-4C43-8DB6-9DA9F61F0B3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E23ACB0-DF8B-4672-A819-4DCD3104CE4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4723B88-62BA-40E6-AA89-BAC02D6A036F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C698819-3C8E-4A16-8F52-42FF1E54C076",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D3CE74E-59E7-448A-8417-18F97C05C798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0986C171-0E75-4F6F-A9BD-276830104E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A2777A-7831-4324-AEB2-5D93B5F6C04B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "37045680-9189-4B7F-A4F7-4E682FE20A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6C9F37B-CF3C-4861-A969-C7CF4946274A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1DAF21-3FED-4691-9D4C-8FD8CEA7FB3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB938E58-4963-4A31-8836-88E958592B30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E317897-EE97-44F3-96BB-E54228D72A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EF7FAB2-158D-4C48-9246-E7AD3BF1D801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "056D43AE-ECDB-40D2-A196-18DDCD02629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E555F3-3580-4D71-8D8D-92FE72763D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "93013503-8B9A-4160-AF7E-277958FA6E9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3B009FD-0F2B-4511-8EDF-C3E670623F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "52579D8D-E855-42B3-B406-32DD1C39F721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7E44FC6-12A2-4F76-A095-28F3804B619F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "42917E5E-E362-4B40-B2B2-3C77BA35641C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF317FA3-EBF3-49BB-A9E6-0D4295FA3F60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "F98B1683-914F-43D3-AE1C-311D3A90BE8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8D24656-CAB1-4A98-A440-482927FEDD16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504557C-DA5D-4D0F-A813-4CE7D5109F15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D2A067-C717-4921-BBF5-3EFBE02736EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "36DDEC5B-4BEA-499C-9F34-BB3D39B7A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.62:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4E44C37-0F6F-440B-BA26-FB6D0B179E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.65:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AEE0050-34DC-49CB-B859-8ED500FD79A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.67:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A47E5C5-E058-4B4C-A258-6DF7CE0EA92B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE0D50C0-DADB-4747-8649-8A5257111FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE2699F-353F-44CB-A778-981783DDC31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8E50BD-1FBD-483B-9C27-70E95C732E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F46E5E4F-787C-4C05-B1E7-C39BB9125D16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A29312-38E7-456B-94DD-4D7329691114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "27F7BB31-C733-4C32-BF0F-33B5AF020156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC313568-33A6-435B-98FF-8A7091D9C451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85710A-28CE-4913-8523-356461908FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6069950-016B-419A-B754-D58956CB6D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A2F3FEC-624F-47C5-B056-836861BB038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C4B1136-66B6-42BA-BC17-86E7DCE1CF29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4875811-F209-49ED-B310-8377B2F87FF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C52C7B-B626-4A3C-A2EC-28A20E7FA95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "853A002C-839A-4372-8485-750A86E9F6E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62BB5D6-CE75-4C83-82DC-4148EF8CB1F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "D32F1365-EAF8-4570-B2FF-45E47E8586F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD07F9B-6BB3-4423-8DBE-4E89A6478E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FE4F28-B704-4325-AE8A-C790163FEE71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E832BC0C-8439-4779-9064-C2D93F231031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA99DF94-D031-4375-9A16-306606FE28F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC149D03-5609-46E6-A1B3-F4D91F282B49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5D7FC6F-1370-4272-97E5-226C2ED1D335",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "164D5774-D51B-47C6-AD32-ED6B84E78BBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "24A810C8-1BB5-4589-84AB-C357C1937201",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "F22D8D65-2E88-4557-BF85-1E3ABD4CCAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF62C9AF-70F5-4A12-9B0A-F32551FB2C40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "A04EB4FB-0C9F-441E-B02A-6B22F195348F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.57:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACDD7BD6-1C1D-49FE-8478-D0F37EB59BC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.61:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB7D8466-0050-495A-9442-8C5FF3912F5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F944F8F-0255-42BE-BD44-D21EC9F0FFC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9CEAEFC-7B82-41F9-A09D-C86A3A60A4FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "40FAC31D-19C0-4BA0-A019-C7E7A0BA0B5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CAAFE0F-416F-4BCA-BA37-30EAEADA8AFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1E8552-58F0-491E-B7D7-E89527872FC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "9347D71D-1F50-4F85-9F6D-E11D79BD26E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "289F9874-FC01-4809-9BDA-1AF583FB60B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EDFC67-E4EE-4D2C-BF9F-5881C987C662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "826869BE-4874-4BBA-9392-14851560BA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF52D477-3045-45D1-9FD3-12F396266463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "88E310BF-F1F6-4124-A875-81967B9B531E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B330F8F-F0DA-472C-A932-AD1D232C7DB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF59DAA-268C-4FCF-A0AA-7967128AEBC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "140ED95D-173C-4ADB-A2E6-97F0D595D1AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.53:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC9B00E1-3E50-4356-B6D9-F84BCD552402",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "552319A9-01F7-47BA-83B3-B2DD648AA07E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "4914603C-4B1B-48F1-826C-DB803BD21F87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE21762-3085-4AFC-B1DE-A4562CDAC509",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "852C3478-7529-4002-8540-ABA4D556DEFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "23B8A815-5D58-4952-936E-D47B83637BEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C98D085-E321-4BAE-AF03-ABDEDC4D24BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "C05599C9-C0DB-47C1-B145-C410076C1049",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BC91A59-0BFA-4DE8-B414-7558D27FBC54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEE52F59-AABA-4069-A909-64AD5DFD2B18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "20D7966E-B02B-48C8-BF96-723DD6C25314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA618249-E76F-4104-9326-C9F2DC8DE3D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C925E1F-6BD9-4CD1-8AC4-4263A9094786",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5EE76D9-6D18-4823-B6B0-E1394A4D140C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F635946-586D-4DE2-927B-300CE569C596",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "459C11B9-ABA1-472A-8CDA-9C7B4E48E943",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA060112-E2D8-4EC5-8400-D8D189A119B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3888BB0-B529-486C-8563-392BD1C5DFD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "43FE3FA7-8281-4BD9-A08B-8C79D369480E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2EFA476-5021-4A00-859E-1643009D6156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E3A5DC-A237-46E4-A4E5-F135482F984A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "B166867E-E51B-46E3-A6E2-B10E67364058",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CE51492-8C9B-459E-9F80-64F426009905",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91AD8BA2-EB8D-4D8B-B707-AF5C2A831998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA95508-0A28-4D4A-81A7-5CDD1F5DA46C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "39FE5927-2421-4CBE-97EA-6AED892DA1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8BF2227-3C50-4FD1-98DB-21196E75D1DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5460064F-FF50-4F54-A8DF-180C76AF9B8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6826018-5620-4924-BE92-6A245378F610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49A07CF-12BA-481C-B5FF-754520080A8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F203C7D1-AA92-4367-B7A5-EBAE6B76EE6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0064C97F-1140-43AC-8229-C8CCC367DC4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9296D33-D59A-463D-9722-9D4C3F720E7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9F66CCA-0982-4107-BC5B-79D727479343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "77B80698-1E76-4B13-AB83-A03FF8C785FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7106C567-726C-4399-ABE0-4A26B9572D40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D5EEF62-DFD3-4E08-8959-2BCD4B1308CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A52991-802D-46FB-A508-5616BA1CEB78",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition.\r\n\r This vulnerability is due to a logic error in memory management when the device is handling SSL VPN connections. An attacker could exploit this vulnerability by sending crafted SSL/TLS packets to the SSL VPN server of the affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n SSL VPN del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado haga que un dispositivo afectado se recargue inesperadamente, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a un error l\u00f3gico en la administraci\u00f3n de la memoria cuando el dispositivo est\u00e1 manejando conexiones SSL VPN. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando paquetes SSL/TLS manipulados al servidor SSL VPN del dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el dispositivo se recargue, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2024-20402",
  "lastModified": "2025-07-15T17:45:34.247",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-10-23T18:15:07.930",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-dos-hOnB9pH4"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-788"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-01-13 22:15

Modified

2024-11-26 16:09

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An attacker could exploit this vulnerability by sending crafted packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network.

References

URL	Tags
psirt@cisco.com	https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-app-bypass-cSBYCATq	Vendor Advisory
psirt@cisco.com	https://www.debian.org/security/2023/dsa-5354
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-app-bypass-cSBYCATq	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2023/dsa-5354

Impacted products

Vendor	Product	Version
cisco	ios_xe	*
cisco	1100-4p_integrated_services_router	-
cisco	1100-8p_integrated_services_router	-
cisco	1101-4p_integrated_services_router	-
cisco	1109-2p_integrated_services_router	-
cisco	1109-4p_integrated_services_router	-
cisco	1111x-8p_integrated_services_router	-
cisco	4221_integrated_services_router	-
cisco	4321_integrated_services_router	-
cisco	4331_integrated_services_router	-
cisco	4351_integrated_services_router	-
cisco	4431_integrated_services_router	-
cisco	4451-x_integrated_services_router	-
cisco	4461_integrated_services_router	-
cisco	csr_1000v	-
cisco	isa_3000	-
cisco	firepower_threat_defense	*
cisco	secure_firewall_management_center	2.9.14.0
cisco	secure_firewall_management_center	2.9.14.14
cisco	secure_firewall_management_center	2.9.15
cisco	secure_firewall_management_center	2.9.16
cisco	secure_firewall_management_center	2.9.17
snort	snort	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72B91784-38A9-4A2A-AA92-8AB558924BBD",
              "versionEndExcluding": "17.4.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9421DBEF-AE42-4234-B49F-FCC34B804D7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "818CEFA6-208C-43C3-8E43-474A93ADCF21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:csr_1000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF8B0B49-2C99-410B-B011-5B821C5992FB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:isa_3000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9510E97A-FD78-43C6-85BC-223001ACA264",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AFD5C16-FA94-4FDA-9378-F93661419098",
              "versionEndExcluding": "6.5.0.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.14.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2986D5BD-1936-41BD-A992-7672C019F27E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.14.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D320926-6890-4A7F-85E2-7F46C2791499",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "42493B4F-0CF2-45F0-B72D-36F0597CC274",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "06F2E7D8-BB95-480D-AE3E-F9B97C3A5379",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F41C382-C849-465C-AF77-0A787CA03BA7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:snort:snort:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ADB3B5E-B17C-4D12-9ABE-1817CED279B2",
              "versionEndExcluding": "2.9.14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An attacker could exploit this vulnerability by sending crafted packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples productos de Cisco est\u00e1n afectados por una vulnerabilidad en el motor de detecci\u00f3n de aplicaciones de Snort que podr\u00eda permitir a un atacante remoto no autenticado omitir las pol\u00edticas configuradas en un sistema afectado.\u0026#xa0;La vulnerabilidad es debido a un fallo en el algoritmo de detecci\u00f3n.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de paquetes dise\u00f1ados que fluir\u00edan a trav\u00e9s de un sistema afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante omitir las pol\u00edticas configuradas y entregar una carga \u00fatil maliciosa a la red protegida."
    }
  ],
  "id": "CVE-2021-1236",
  "lastModified": "2024-11-26T16:09:02.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-01-13T22:15:20.583",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-app-bypass-cSBYCATq"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://www.debian.org/security/2023/dsa-5354"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-app-bypass-cSBYCATq"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.debian.org/security/2023/dsa-5354"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-670"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-670"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:31

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9F6C9AD-0838-4CE7-BF34-3BDAA4909704",
              "versionEndExcluding": "6.3.0.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "739E387B-4E43-4BD7-8799-F62791963508",
              "versionEndExcluding": "6.4.0.10",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "38DCBF6C-AA34-4A5B-B2B1-57684DD5BB42",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F0C6D76-9652-4EE6-9CA2-96BFBB469539",
              "versionEndExcluding": "6.6.1",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA51698F-B010-448A-BB95-A5077B1869E8",
              "versionEndExcluding": "9.8.4.26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86B181C5-34C2-4BD5-B012-841B978A26C4",
              "versionEndExcluding": "9.9.2.80",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0854546-E8AC-41FC-9419-E3E31534D4FE",
              "versionEndExcluding": "9.10.1.44",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9B6C101-3EEF-430F-9191-7DDB3DDF40E8",
              "versionEndExcluding": "9.12.4.4",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F21E8FD7-6BBB-4D7B-B21A-D5D57630800A",
              "versionEndExcluding": "9.13.1.13",
              "versionStartIncluding": "9.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5E49F5A-F8E9-4D0D-A58F-9F5BB5F0C9EE",
              "versionEndExcluding": "9.14.1.30",
              "versionStartIncluding": "9.14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en la interfaz de servicios web de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00edan permitir a un atacante remoto no autenticado conducir ataques de tipo cross-site scripting (XSS) contra un usuario de la interfaz de servicios web de un dispositivo afectado.\u0026#xa0;Las vulnerabilidades son debido a una comprobaci\u00f3n insuficiente de la entrada suministrada por el usuario mediante la interfaz de servicios web de un dispositivo afectado.\u0026#xa0;Un atacante podr\u00eda explotar estas vulnerabilidades al persuadir a un usuario de la interfaz para que haga clic en un enlace dise\u00f1ado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante ejecutar un c\u00f3digo script arbitrario en el contexto de la interfaz o permitir a un atacante acceder a informaci\u00f3n confidencial basada en el navegador.\u0026#xa0;Nota: Estas vulnerabilidades afectan solo a configuraciones espec\u00edficas de AnyConnect y WebVPN.\u0026#xa0;Para m\u00e1s informaci\u00f3n, consulte la secci\u00f3n Vulnerable Products"
    }
  ],
  "id": "CVE-2020-3582",
  "lastModified": "2024-11-21T05:31:21.367",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:18.793",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-11-15 21:15

Modified

2024-11-21 06:43

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Summary

Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to improper management of system resources when the Snort detection engine is processing SMB2 traffic. An attacker could exploit these vulnerabilities by sending a high rate of certain types of SMB2 packets through an affected device. A successful exploit could allow the attacker to trigger a reload of the Snort process, resulting in a DoS condition. Note: When the snort preserve-connection option is enabled for the Snort detection engine, a successful exploit could also allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network. The snort preserve-connection setting is enabled by default. See the Details ["#details"] section of this advisory for more information. Note: Only products that have Snort 3 configured are affected. Products that are configured with Snort 2 are not affected.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	umbrella_insights_virtual_appliance	1.5.4
cisco	umbrella_insights_virtual_appliance	1.5.5
cisco	umbrella_insights_virtual_appliance	1.5.6
cisco	umbrella_insights_virtual_appliance	2.0.0
cisco	umbrella_insights_virtual_appliance	2.0.2
cisco	umbrella_insights_virtual_appliance	2.0.3
cisco	umbrella_insights_virtual_appliance	2.1.0
cisco	umbrella_insights_virtual_appliance	2.1.2
cisco	umbrella_insights_virtual_appliance	2.1.4
cisco	umbrella_insights_virtual_appliance	2.1.5
cisco	umbrella_insights_virtual_appliance	2.2
cisco	umbrella_insights_virtual_appliance	2.2.1
cisco	umbrella_insights_virtual_appliance	2.3
cisco	umbrella_insights_virtual_appliance	2.3.1
cisco	umbrella_insights_virtual_appliance	2.4
cisco	umbrella_insights_virtual_appliance	2.4.4
cisco	umbrella_insights_virtual_appliance	2.4.6
cisco	umbrella_insights_virtual_appliance	2.4.12
cisco	umbrella_insights_virtual_appliance	2.5
cisco	umbrella_insights_virtual_appliance	2.5.4
cisco	umbrella_insights_virtual_appliance	2.5.5
cisco	umbrella_insights_virtual_appliance	2.5.6
cisco	umbrella_insights_virtual_appliance	2.5.7
cisco	umbrella_insights_virtual_appliance	2.6.0
cisco	umbrella_insights_virtual_appliance	2.6.1
cisco	umbrella_insights_virtual_appliance	2.6.2
cisco	umbrella_insights_virtual_appliance	2.7
cisco	umbrella_insights_virtual_appliance	2.8
cisco	umbrella_insights_virtual_appliance	2.8.9
cisco	umbrella_insights_virtual_appliance	3.0
cisco	umbrella_insights_virtual_appliance	3.1
cisco	umbrella_insights_virtual_appliance	3.2
cisco	cyber_vision	3.0.0
cisco	cyber_vision	3.0.1
cisco	cyber_vision	3.0.2
cisco	cyber_vision	3.0.3
cisco	cyber_vision	3.0.5
cisco	cyber_vision	3.0.6
cisco	cyber_vision	3.1.0
cisco	cyber_vision	3.1.1
cisco	cyber_vision	3.1.2
cisco	cyber_vision	3.2.0
cisco	cyber_vision	3.2.1
cisco	cyber_vision	3.2.2
cisco	cyber_vision	3.2.3
cisco	cyber_vision	3.2.4
cisco	cyber_vision	4.0.0
cisco	cyber_vision	4.0.1
cisco	cyber_vision	4.0.2
cisco	cyber_vision	4.0.3
cisco	cyber_vision	4.1.0
cisco	cyber_vision	4.1.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:1.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BF90DB2-1A85-476B-81C5-A9D7133ACE2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:1.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7CE4D1A-F06D-4AA3-9F5D-CA11DCE112DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:1.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "04745969-29B7-43CC-B799-79847F8028AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "32270CEC-2E57-4C8D-8739-0BF677C47436",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E575114C-7982-4BEA-8B6E-61E4679A8455",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F49D05BF-F7FA-42CD-BE51-4B6A99668668",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDE324B-BD3E-41FF-A759-E7ED9B332642",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A292AECE-11DF-42E6-AB55-EDBFD286A319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F25D8B-0C7D-443C-9AE4-5649DCB3BEC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF21C65F-DDDD-4A8B-96C9-301FEC23EB55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0C6E574-D361-49D6-8074-9502435E47DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4C6BE33-428F-4EBB-99F9-15A49558E736",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "105C6FEC-D61D-468C-BDAE-0D35032A26D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B3EDB7D-CC89-4E33-B4E1-8F9BDB9F4EC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "10A433EB-DDE6-4571-8088-77C45935FA00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C45B094-16C3-4B25-BC08-678B898F4A73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "98550B63-A827-4F56-8E4B-992AFAFAB2EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B14762C-9C78-416B-9880-914470AED73B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CC2B4A5-E58F-4B3C-9934-7965947457E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FD96956-B567-4888-BEBF-1EA95DE0D772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A58E552D-604D-491B-8E05-BB1C821AC92C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE7BEE50-883A-46AE-B499-A54FCF7FD6AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "A11A9E0C-4DB2-46F3-B017-F286A3B50405",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EBD6F19-BAC0-4732-8060-8C1C22F44049",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CA423FC-E0DD-4B64-9E74-3F13D138F204",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CAEC84A-BF83-46C8-A3D1-012CDABFCC1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "41776998-EC81-46F0-B8E4-6D7BCA679656",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1499524B-2443-4B8D-BC14-02437F2E0817",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.8.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD5CDF83-C733-418C-86CA-C40EEC02DE24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "27FC94A5-4867-4957-A336-5163419A1085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "220C6C11-39BD-4301-B519-1E4C1CAF78B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7BBCF72-1B3A-485A-8B95-8469AAF85B7E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3297323C-B263-45EA-90CE-2B8415C9E498",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "797AD8A4-083B-4A9E-A49D-65EE828E1637",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB16212-A9DC-4C8C-B220-9619C65436EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C64043F-1F0D-47F7-AEEE-309B239891DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1F7F871-C211-4DC6-8020-1075405BAE17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "30E42800-B7C9-4006-8B7A-5A9A5F5EB234",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE33F541-232E-4432-AB41-EC0500A85E6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D5B5FDC-79B2-447E-816F-1F630508A889",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B806EAC6-E1B2-40FB-9B2F-6AFB4A16AF89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7BAC55C-C114-4E64-BC9E-9000B8C016CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "925E6B9B-F7F1-4ED8-8431-282A1061B527",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A10EDC3E-0EF6-47DD-834D-51C5BBCC13EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB5F799E-6696-4391-9B58-06715FA4086A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE31D26B-CD47-4853-B1C3-2E50B0882AFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758714C-4E9A-4442-9AD1-82D8E43995C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F63C0E4-99A9-4D4F-BCF9-EF5F5455C04C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "13EA024C-97A4-4D33-BC3E-51DB77C51E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A2224A9-96D6-4621-B3AD-D5E1C6884937",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2B27A1F-E66D-4ADE-83B2-6D2457F49CC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50511288-D7A4-4EAE-8238-1E899EF16A9B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device.\r\n\r These vulnerabilities are due to improper management of system resources when the Snort detection engine is processing SMB2 traffic. An attacker could exploit these vulnerabilities by sending a high rate of certain types of SMB2 packets through an affected device. A successful exploit could allow the attacker to trigger a reload of the Snort process, resulting in a DoS condition.\r\n\r Note: When the snort preserve-connection option is enabled for the Snort detection engine, a successful exploit could also allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network. The snort preserve-connection setting is enabled by default. See the Details [\"#details\"] section of this advisory for more information.\r\n\r Note: Only products that have Snort 3 configured are affected. Products that are configured with Snort 2 are not affected."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en el procesador Server Message Block Versi\u00f3n 2 (SMB2) del motor de detecci\u00f3n Snort en m\u00faltiples productos Cisco podr\u00edan permitir que un atacante remoto no autenticado omita las pol\u00edticas configuradas o cause una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) en un dispositivo afectado. Estas vulnerabilidades se deben a una gesti\u00f3n inadecuada de los recursos del sistema cuando el motor de detecci\u00f3n de Snort procesa el tr\u00e1fico SMB2. Un atacante podr\u00eda aprovechar estas vulnerabilidades enviando unalto n\u00famero de ciertos tipos de paquetes SMB2 a trav\u00e9s de un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante activar una recarga del proceso Snort, lo que resultar\u00eda en una condici\u00f3n DoS. Nota: Cuando la opci\u00f3n Snort preserve-connection est\u00e1 habilitada para el motor de detecci\u00f3n de Snort, un exploit exitoso tambi\u00e9n podr\u00eda permitir al atacante omitir las pol\u00edticas configuradas y entregar un payload malicioso a la red protegida. La configuraci\u00f3n de preservaci\u00f3n de conexi\u00f3n de Snort est\u00e1 habilitada de forma predeterminada. Consulte la secci\u00f3n Detalles [\"#details\"] de este aviso para obtener m\u00e1s informaci\u00f3n. Nota: S\u00f3lo se ven afectados los productos que tienen Snort 3 configurado. Los productos configurados con Snort 2 no se ven afectados."
    }
  ],
  "id": "CVE-2022-20922",
  "lastModified": "2024-11-21T06:43:49.797",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.5,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-11-15T21:15:30.743",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-244"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-10-23 18:15

Modified

2024-11-05 14:47

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control policy. This vulnerability is due to improper assignment of geolocation data. An attacker could exploit this vulnerability by sending traffic through an affected device. A successful exploit could allow the attacker to bypass a geolocation-based access control policy and successfully send traffic to a protected device.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-geoip-bypass-MB4zRDu	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.0.6
cisco	firepower_threat_defense	7.0.6.1
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.2.4
cisco	firepower_threat_defense	7.2.4.1
cisco	firepower_threat_defense	7.2.5
cisco	firepower_threat_defense	7.2.5.1
cisco	firepower_threat_defense	7.2.5.2
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1
cisco	firepower_threat_defense	7.3.1.2
cisco	firepower_threat_defense	7.4.0
cisco	firepower_threat_defense	7.4.1
cisco	firepower_threat_defense	7.4.1.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "39FE5927-2421-4CBE-97EA-6AED892DA1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8BF2227-3C50-4FD1-98DB-21196E75D1DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6826018-5620-4924-BE92-6A245378F610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49A07CF-12BA-481C-B5FF-754520080A8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F203C7D1-AA92-4367-B7A5-EBAE6B76EE6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0064C97F-1140-43AC-8229-C8CCC367DC4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9296D33-D59A-463D-9722-9D4C3F720E7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A52991-802D-46FB-A508-5616BA1CEB78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3E08AAC-9C5E-4D18-817C-C466D1D6C4DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "724A3B6F-DDAB-4A2F-8430-9E1F352D755F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDBF14DD-0654-47F3-A698-020397A1EAA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control policy.\r\n\r This vulnerability is due to improper assignment of geolocation data. An attacker could exploit this vulnerability by sending traffic through an affected device. A successful exploit could allow the attacker to bypass a geolocation-based access control policy and successfully send traffic to a protected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n de control de acceso por geolocalizaci\u00f3n del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado eluda una pol\u00edtica de control de acceso. Esta vulnerabilidad se debe a una asignaci\u00f3n incorrecta de datos de geolocalizaci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando tr\u00e1fico a trav\u00e9s de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante eludir una pol\u00edtica de control de acceso basada en geolocalizaci\u00f3n y enviar tr\u00e1fico con \u00e9xito a un dispositivo protegido."
    }
  ],
  "id": "CVE-2024-20431",
  "lastModified": "2024-11-05T14:47:55.070",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-10-23T18:15:10.440",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-geoip-bypass-MB4zRDu"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-229"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-11-01 18:15

Modified

2024-11-26 16:09

Severity ?

8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root permissions on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by accessing the expert mode of an affected device and submitting specific commands to a connected system. A successful exploit could allow the attacker to execute arbitrary code in the context of an FMC device if the attacker has administrative privileges on an associated FTD device. Alternatively, a successful exploit could allow the attacker to execute arbitrary code in the context of an FTD device if the attacker has administrative privileges on an associated FMC device.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D58D7217-F6F5-4B58-B59C-E5C8781C87A9",
              "versionEndIncluding": "6.2.3.18",
              "versionStartIncluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5156C270-7E41-4D2E-B051-F35563EA4402",
              "versionEndIncluding": "6.4.0.17",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCDEBE63-3174-4BBC-82DE-E8E25C818E30",
              "versionEndIncluding": "6.6.7.1",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1110632C-526F-4025-A7BE-0CF9F37E5F9E",
              "versionEndIncluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F51D1A7-A702-4071-85D8-7C77CEB23955",
              "versionEndIncluding": "7.0.5",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5F30710-F91A-4A7B-AB06-EE49525E6F04",
              "versionEndIncluding": "7.1.0.3",
              "versionStartIncluding": "7.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90854884-399A-465B-ACB7-E493B8D39041",
              "versionEndIncluding": "7.2.3",
              "versionStartIncluding": "7.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B2802CF-8A7F-4FC6-A406-F1F26C932F3C",
              "versionEndIncluding": "6.2.3.18",
              "versionStartIncluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6A2C229-3396-4411-9D39-49F53F6532CF",
              "versionEndIncluding": "6.4.0.16",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4500BF5-6E53-474F-A266-DFEA18880600",
              "versionEndIncluding": "6.6.7.1",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1D1E01B-8280-4011-8264-9D002C524CA1",
              "versionEndIncluding": "7.0.5",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "75555C00-0F74-4A39-9F26-D38824D2323D",
              "versionEndIncluding": "7.1.0.3",
              "versionStartIncluding": "7.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFDB4F91-CD9E-409C-816E-B634C058FA7E",
              "versionEndIncluding": "7.3.1.1",
              "versionStartIncluding": "7.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root permissions on the underlying operating system of an affected device.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by accessing the expert mode of an affected device and submitting specific commands to a connected system. A successful exploit could allow the attacker to execute arbitrary code in the context of an FMC device if the attacker has administrative privileges on an associated FTD device. Alternatively, a successful exploit could allow the attacker to execute arbitrary code in the context of an FTD device if the attacker has administrative privileges on an associated FMC device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en los mecanismos de comunicaci\u00f3n entre dispositivos entre los dispositivos que ejecutan el software Cisco Firepower Threat Defense (FTD) y los dispositivos que ejecutan el software Cisco Firepower Management (FMC) podr\u00eda permitir que un atacante local autenticado ejecute comandos arbitrarios con permisos de root en el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad accediendo al modo experto de un dispositivo afectado y enviando comandos espec\u00edficos a un sistema conectado. Un exploit exitoso podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en el contexto de un dispositivo FMC si el atacante tiene privilegios administrativos en un dispositivo FTD asociado. Alternativamente, un exploit exitoso podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en el contexto de un dispositivo FTD si el atacante tiene privilegios administrativos en un dispositivo FMC asociado."
    }
  ],
  "id": "CVE-2023-20063",
  "lastModified": "2024-11-26T16:09:02.407",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 6.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-11-01T18:15:08.967",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-11-15 21:15

Modified

2024-11-21 06:43

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

Summary

Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to improper management of system resources when the Snort detection engine is processing SMB2 traffic. An attacker could exploit these vulnerabilities by sending a high rate of certain types of SMB2 packets through an affected device. A successful exploit could allow the attacker to trigger a reload of the Snort process, resulting in a DoS condition. Note: When the snort preserve-connection option is enabled for the Snort detection engine, a successful exploit could also allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network. The snort preserve-connection setting is enabled by default. See the Details ["#details"] section of this advisory for more information. Note: Only products that have Snort 3 configured are affected. Products that are configured with Snort 2 are not affected.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	cyber_vision	3.0.0
cisco	cyber_vision	3.0.1
cisco	cyber_vision	3.0.2
cisco	cyber_vision	3.0.3
cisco	cyber_vision	3.0.5
cisco	cyber_vision	3.0.6
cisco	cyber_vision	3.1.0
cisco	cyber_vision	3.1.1
cisco	cyber_vision	3.1.2
cisco	cyber_vision	3.2.0
cisco	cyber_vision	3.2.1
cisco	cyber_vision	3.2.2
cisco	cyber_vision	3.2.3
cisco	cyber_vision	3.2.4
cisco	cyber_vision	4.0.0
cisco	cyber_vision	4.0.1
cisco	cyber_vision	4.0.2
cisco	cyber_vision	4.0.3
cisco	cyber_vision	4.1.0
cisco	cyber_vision	4.1.1
cisco	meraki_mx_security_appliance_firmware	*
cisco	meraki_mx_security_appliance_firmware	*
cisco	meraki_mx_security_appliance_firmware	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3297323C-B263-45EA-90CE-2B8415C9E498",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "797AD8A4-083B-4A9E-A49D-65EE828E1637",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB16212-A9DC-4C8C-B220-9619C65436EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C64043F-1F0D-47F7-AEEE-309B239891DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1F7F871-C211-4DC6-8020-1075405BAE17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "30E42800-B7C9-4006-8B7A-5A9A5F5EB234",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE33F541-232E-4432-AB41-EC0500A85E6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D5B5FDC-79B2-447E-816F-1F630508A889",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B806EAC6-E1B2-40FB-9B2F-6AFB4A16AF89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7BAC55C-C114-4E64-BC9E-9000B8C016CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "925E6B9B-F7F1-4ED8-8431-282A1061B527",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A10EDC3E-0EF6-47DD-834D-51C5BBCC13EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB5F799E-6696-4391-9B58-06715FA4086A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE31D26B-CD47-4853-B1C3-2E50B0882AFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758714C-4E9A-4442-9AD1-82D8E43995C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F63C0E4-99A9-4D4F-BCF9-EF5F5455C04C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "13EA024C-97A4-4D33-BC3E-51DB77C51E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A2224A9-96D6-4621-B3AD-D5E1C6884937",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2B27A1F-E66D-4ADE-83B2-6D2457F49CC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50511288-D7A4-4EAE-8238-1E899EF16A9B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx_security_appliance_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2177697-7563-44BB-BD3B-D6F622F83B0B",
              "versionEndExcluding": "16.6.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx_security_appliance_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "09700C66-036B-47E2-9E3B-85CD44DDEF4F",
              "versionEndExcluding": "17.11.1",
              "versionStartIncluding": "17.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx_security_appliance_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD09153A-3BA1-4A5C-A730-0E9754E49ECE",
              "versionEndExcluding": "18.1.3",
              "versionStartIncluding": "18.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device.\r\n\r These vulnerabilities are due to improper management of system resources when the Snort detection engine is processing SMB2 traffic. An attacker could exploit these vulnerabilities by sending a high rate of certain types of SMB2 packets through an affected device. A successful exploit could allow the attacker to trigger a reload of the Snort process, resulting in a DoS condition.\r\n\r Note: When the snort preserve-connection option is enabled for the Snort detection engine, a successful exploit could also allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network. The snort preserve-connection setting is enabled by default. See the Details [\"#details\"] section of this advisory for more information.\r\n\r Note: Only products that have Snort 3 configured are affected. Products that are configured with Snort 2 are not affected."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en el procesador de Server Message Block Versi\u00f3n 2 (SMB2) del motor de detecci\u00f3n Snort en m\u00faltiples productos Cisco podr\u00edan permitir que un atacante remoto no autenticado omita las pol\u00edticas configuradas o cause una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) en un dispositivo afectado. Estas vulnerabilidades se deben a una gesti\u00f3n inadecuada de los recursos del sistema cuando el motor de detecci\u00f3n de Snort procesa el tr\u00e1fico SMB2. Un atacante podr\u00eda aprovechar estas vulnerabilidades enviando una alta tasa de ciertos tipos de paquetes SMB2 a trav\u00e9s de un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante activar una recarga del proceso Snort, lo que resultar\u00eda en una condici\u00f3n DoS. \nNota: Cuando la opci\u00f3n Snort preserve-connection est\u00e1 habilitada para el motor de detecci\u00f3n de Snort, un exploit exitoso tambi\u00e9n podr\u00eda permitir al atacante eludir las pol\u00edticas configuradas y entregar un payload malicioso a la red protegida. La configuraci\u00f3n de conexi\u00f3n de preservaci\u00f3n de Snort est\u00e1 habilitada de forma predeterminada. Consulte la secci\u00f3n Detalles [\"\"#details\"\"] de este aviso para obtener m\u00e1s informaci\u00f3n. \nNota: S\u00f3lo se ven afectados los productos que tienen Snort 3 configurado. Los productos configurados con Snort 2 no se ven afectados."
    }
  ],
  "id": "CVE-2022-20943",
  "lastModified": "2024-11-21T06:43:52.350",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-11-15T21:15:35.077",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-244"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-10-27 19:15

Modified

2024-11-21 06:23

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5512-x_firmware	009.012\(004.024\)
cisco	asa_5512-x_firmware	009.015\(001\)
cisco	asa_5512-x_firmware	009.015\(001.015\)
cisco	asa_5512-x_firmware	009.015\(001.016\)
cisco	asa_5512-x_firmware	009.016\(001\)
cisco	asa_5512-x	-
cisco	asa_5505_firmware	009.012\(004.024\)
cisco	asa_5505_firmware	009.015\(001\)
cisco	asa_5505_firmware	009.015\(001.015\)
cisco	asa_5505_firmware	009.015\(001.016\)
cisco	asa_5505_firmware	009.016\(001\)
cisco	asa_5505	-
cisco	asa_5515-x_firmware	009.012\(004.024\)
cisco	asa_5515-x_firmware	009.015\(001\)
cisco	asa_5515-x_firmware	009.015\(001.015\)
cisco	asa_5515-x_firmware	009.015\(001.016\)
cisco	asa_5515-x_firmware	009.016\(001\)
cisco	asa_5515-x	-
cisco	asa_5525-x_firmware	009.012\(004.024\)
cisco	asa_5525-x_firmware	009.015\(001\)
cisco	asa_5525-x_firmware	009.015\(001.015\)
cisco	asa_5525-x_firmware	009.015\(001.016\)
cisco	asa_5525-x_firmware	009.016\(001\)
cisco	asa_5525-x	-
cisco	asa_5545-x_firmware	009.012\(004.024\)
cisco	asa_5545-x_firmware	009.015\(001\)
cisco	asa_5545-x_firmware	009.015\(001.015\)
cisco	asa_5545-x_firmware	009.015\(001.016\)
cisco	asa_5545-x_firmware	009.016\(001\)
cisco	asa_5545-x	-
cisco	asa_5555-x_firmware	009.012\(004.024\)
cisco	asa_5555-x_firmware	009.015\(001\)
cisco	asa_5555-x_firmware	009.015\(001.015\)
cisco	asa_5555-x_firmware	009.015\(001.016\)
cisco	asa_5555-x_firmware	009.016\(001\)
cisco	asa_5555-x	-
cisco	asa_5580_firmware	009.012\(004.024\)
cisco	asa_5580_firmware	009.015\(001\)
cisco	asa_5580_firmware	009.015\(001.015\)
cisco	asa_5580_firmware	009.015\(001.016\)
cisco	asa_5580_firmware	009.016\(001\)
cisco	asa_5580	-
cisco	asa_5585-x_firmware	009.012\(004.024\)
cisco	asa_5585-x_firmware	009.015\(001\)
cisco	asa_5585-x_firmware	009.015\(001.015\)
cisco	asa_5585-x_firmware	009.015\(001.016\)
cisco	asa_5585-x_firmware	009.016\(001\)
cisco	asa_5585-x	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C7F329B-4EF5-411A-9AB6-02E6A4162D6D",
              "versionEndExcluding": "9.8.4.40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5429F29E-BEE8-4989-B5F3-A9BABBF64D31",
              "versionEndExcluding": "6.4.0.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18589C74-19D2-44F0-AF26-68910E26655D",
              "versionEndExcluding": "6.6.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
              "versionEndExcluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B2F537A-A488-45B6-AD4B-48B7064AE84C",
              "versionEndExcluding": "7.0.1",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "796D02D8-AD57-49E8-93F6-5CC0E4D2F883",
              "versionEndExcluding": "9.12.4.29",
              "versionStartIncluding": "9.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "333EFE8A-1514-4F7A-BBF4-876DC1B2E5A4",
              "versionEndExcluding": "9.14.3.9",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6EC0723-CBC7-45A7-8B30-B680E8A771EF",
              "versionEndExcluding": "9.15.1.17",
              "versionStartIncluding": "9.15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "310B86D1-730D-4D8A-AC95-31FBE4F7D1E6",
              "versionEndExcluding": "9.16.2.3",
              "versionStartIncluding": "9.16.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.012\\(004.024\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FBD276B8-B4F8-47EF-80A4-96A917823A79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.015\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A86C4E60-F811-4F2C-BF31-627849744776",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.015\\(001.015\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C6734B62-712F-42AA-BAD4-DD7CCE84C99C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.015\\(001.016\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5935F575-BAE5-452F-B603-3524988B2E83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.016\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4D96435F-F035-486E-86AA-DB9A1A1878F4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.012\\(004.024\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5B973EE4-AD69-4FD0-B3CE-4F5460207B38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.015\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E955DA5C-578D-4598-AE88-46177A551AB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.015\\(001.015\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "85FB9502-1022-4F44-8502-5346FDAC91B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.015\\(001.016\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0382346B-326E-4216-AAB0-34282B2A2B31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.016\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B6AA6797-A9F7-4036-8241-F822B30C9DFB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.012\\(004.024\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "47B74595-6009-4770-AEB5-2BB89EACD6AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.015\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC8ACEC-5E15-48A3-A642-CB40C49A40BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.015\\(001.015\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CA4E22D3-042B-4181-BC1F-3553860CE6FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.015\\(001.016\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "57A88F76-F7F9-4A3E-8B2D-BABB4F1F9B5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.016\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9E038B73-401A-455C-851A-116EDF48243A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.012\\(004.024\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A12D2208-F952-4ECD-B80A-C0BAC57E5903",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.015\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DC86BF23-AFC9-42BF-B4CA-9772840FAFED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.015\\(001.015\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F83634D3-7025-4643-9987-8B72C3E03B77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.015\\(001.016\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3F527459-A585-40FB-9640-11D06E85DED3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.016\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "29B863B0-C802-4220-984C-3D31E3DB1867",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.012\\(004.024\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3BA5A2D5-670D-49DD-A415-F146CECB4A5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.015\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "25132AA1-C4BE-4956-9608-7A018D30A1D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.015\\(001.015\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4F4D5D5F-46C1-4FEC-85BF-0664C9421F06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.015\\(001.016\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA8AAD5-85A0-414E-82B5-BEDD348AA161",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.016\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5E412ECC-0C85-4F67-BF06-8DEC4D0AD9EC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.012\\(004.024\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9C99B194-1BE7-478A-B745-2C69DDA62FBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.015\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A7A82BE6-4214-4708-96D2-349C2635AC53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.015\\(001.015\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5CE35CD6-4B2A-453A-B58C-7B3BDBD2BD38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.015\\(001.016\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "318AFDDA-4C33-4A52-90A7-AA5F3CEFCE6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.016\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "63BDBAD7-A0B1-4750-B29A-50941488858A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.012\\(004.024\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "34370479-D7E0-47FE-A6D4-05237EE7737B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.015\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAC4185-41E4-45B9-8C32-A34D005BE0B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.015\\(001.015\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D51ED6B6-C0B7-4C22-A9F2-9FD4B0880516",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.015\\(001.016\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3922119D-6004-4ECE-B882-1411E5989203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.016\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "966485AF-DBDC-4AB9-82BE-970BCCBA54F8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.012\\(004.024\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E82216B8-8BA5-490C-899A-5198152661C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.015\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "95C0E2C1-9103-4189-9E32-76A41A3B281B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.015\\(001.015\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "24178E23-C2ED-4410-8D72-89415ADEA3FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.015\\(001.016\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C2C976BA-40FE-449A-9EAC-8A55D54B9417",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.016\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B524ED0E-13AF-4365-A509-A4D226A6A7CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz de servicios web del software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado desencadenar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a una validaci\u00f3n de entrada inadecuada al analizar las solicitudes HTTPS. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una solicitud HTTPS maliciosa a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante hacer que el dispositivo se recargue, resultando en una condici\u00f3n de DoS"
    }
  ],
  "id": "CVE-2021-40118",
  "lastModified": "2024-11-21T06:23:36.533",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-27T19:15:08.823",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-121"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-09-25 16:15

Modified

2025-09-29 14:00

Severity ?

9.0 (Critical) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Summary

A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, remote attacker (Cisco ASA and FTD Software) or authenticated, remote attacker (Cisco IOS, IOS XE, and IOS XR Software) with low user privileges to execute arbitrary code on an affected device. This vulnerability is due to improper validation of user-supplied input in HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web service on an affected device after obtaining additional information about the system, overcoming exploit mitigations, or both. A successful exploit could allow the attacker to execute arbitrary code as root, which may lead to the complete compromise of the affected device. For more information about this vulnerability, see the Details ["#details"] section of this advisory.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-code-exec-WmfP3h3O	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	7.6.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "775B3D5F-25D3-4B1C-9BA2-985263A6CE83",
              "versionEndExcluding": "9.12.4.72",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AD381CE-3B2E-4633-AA43-7A82BA7D39CF",
              "versionEndExcluding": "9.14.4.28",
              "versionStartIncluding": "9.14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2686697-B6D5-4F75-9BAF-0B070C07EECB",
              "versionEndExcluding": "9.16.4.84",
              "versionStartIncluding": "9.16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B434E47-6F45-4E2A-9147-196B33B75F9F",
              "versionEndExcluding": "9.18.4.57",
              "versionStartIncluding": "9.17.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E1E5F3D-776C-48CE-B09F-F865ECCE1E86",
              "versionEndExcluding": "9.19.1.42",
              "versionStartIncluding": "9.19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37602BC1-1F58-4742-95AF-2E70EECA9986",
              "versionEndExcluding": "9.20.3.16",
              "versionStartIncluding": "9.20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "156946A8-18CE-49C7-969C-D2E1C201EEE9",
              "versionEndExcluding": "9.22.2",
              "versionStartIncluding": "9.22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A5616E7-4866-4229-97A6-C91DD029CA1F",
              "versionEndExcluding": "9.23.1.3",
              "versionStartIncluding": "9.23",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "09A83737-0EE2-4D5D-915B-3133F3A81FB5",
              "versionEndExcluding": "7.0.8",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD175CE1-B297-4445-AAFA-F2201429E6C5",
              "versionEndExcluding": "7.2.10",
              "versionStartIncluding": "7.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8A1EC36-8C42-4890-918A-0B38027B36F3",
              "versionEndExcluding": "7.4.2.3",
              "versionStartIncluding": "7.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F39B5499-B7CE-4FA5-B882-609859CF1598",
              "versionEndExcluding": "7.7.10",
              "versionStartIncluding": "7.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76B73F03-93B6-48C3-BF97-FEAF26895A2D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, remote attacker (Cisco ASA and FTD Software) or authenticated, remote attacker (Cisco IOS, IOS XE, and IOS XR Software) with low user privileges to execute arbitrary code on an affected device. \r\n\r This vulnerability is due to improper validation of user-supplied input in HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web service on an affected device after obtaining additional information about the system, overcoming exploit mitigations, or both. A successful exploit could allow the attacker to execute arbitrary code as root, which may lead to the complete compromise of the affected device.\r\n\r For more information about this vulnerability, see the Details [\"#details\"] section of this advisory."
    }
  ],
  "id": "CVE-2025-20363",
  "lastModified": "2025-09-29T14:00:07.787",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.0,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 6.0,
        "source": "psirt@cisco.com",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-09-25T16:15:32.497",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-code-exec-WmfP3h3O"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-122"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-11-01 17:15

Modified

2024-11-21 07:40

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the internal packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain packets when they are sent to the inspection engine. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to deplete all 9,472 byte blocks on the device, resulting in traffic loss across the device or an unexpected reload of the device. If the device does not reload on its own, a manual reload of the device would be required to recover from this state.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-intrusion-dos-DfT7wyGC	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-intrusion-dos-DfT7wyGC	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	6.2.3
cisco	firepower_threat_defense	6.2.3.1
cisco	firepower_threat_defense	6.2.3.2
cisco	firepower_threat_defense	6.2.3.3
cisco	firepower_threat_defense	6.2.3.4
cisco	firepower_threat_defense	6.2.3.5
cisco	firepower_threat_defense	6.2.3.6
cisco	firepower_threat_defense	6.2.3.7
cisco	firepower_threat_defense	6.2.3.8
cisco	firepower_threat_defense	6.2.3.9
cisco	firepower_threat_defense	6.2.3.10
cisco	firepower_threat_defense	6.2.3.11
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.4.0.1
cisco	firepower_threat_defense	6.4.0.2
cisco	firepower_threat_defense	6.4.0.3
cisco	firepower_threat_defense	6.4.0.4
cisco	firepower_threat_defense	6.4.0.5
cisco	firepower_threat_defense	6.4.0.6
cisco	firepower_threat_defense	6.4.0.7
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.4.0.13
cisco	firepower_threat_defense	6.4.0.14
cisco	firepower_threat_defense	6.4.0.15
cisco	firepower_threat_defense	6.4.0.16
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.6.7
cisco	firepower_threat_defense	6.6.7.1
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2EFA476-5021-4A00-859E-1643009D6156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E3A5DC-A237-46E4-A4E5-F135482F984A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91AD8BA2-EB8D-4D8B-B707-AF5C2A831998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the internal packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain packets when they are sent to the inspection engine. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to deplete all 9,472 byte blocks on the device, resulting in traffic loss across the device or an unexpected reload of the device. If the device does not reload on its own, a manual reload of the device would be required to recover from this state."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el procesamiento interno de paquetes del software Cisco Firepower Threat Defense (FTD) para los firewalls Cisco Firepower serie 2100 podr\u00eda permitir que un atacante remoto no autenticado cause una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe al manejo inadecuado de ciertos paquetes cuando se env\u00edan al motor de inspecci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una serie de paquetes manipulados a un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante agotar los bloques de 9472 bytes del dispositivo, lo que provocar\u00eda una p\u00e9rdida de tr\u00e1fico en el dispositivo o una recarga inesperada del mismo. Si el dispositivo no se recarga por s\u00ed solo, ser\u00e1 necesaria una recarga manual del dispositivo para recuperarse de este estado."
    }
  ],
  "id": "CVE-2023-20244",
  "lastModified": "2024-11-21T07:40:58.750",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-11-01T17:15:11.577",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-intrusion-dos-DfT7wyGC"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-intrusion-dos-DfT7wyGC"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-771"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-04-29 18:15

Modified

2024-11-21 05:44

Severity ?

6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability in the upgrade process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject commands that could be executed with root privileges on the underlying operating system (OS). This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by uploading a crafted upgrade package file to an affected device. A successful exploit could allow the attacker to inject commands that could be executed with root privileges on the underlying OS.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-cmdinj-TKyQfDcU	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-cmdinj-TKyQfDcU	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	firepower_1010	-
cisco	firepower_1120	-
cisco	firepower_1140	-
cisco	firepower_1150	-
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04202164-FCC4-413E-90B5-01FE08AC6EEC",
              "versionEndExcluding": "6.6.4",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDDF492B-BC61-4814-B05F-3F6CD07080F7",
              "versionEndExcluding": "6.7.0.2",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B74C14F-C95B-4AF5-A255-1CA824AA7FDE",
              "versionEndExcluding": "9.13.1.21",
              "versionStartIncluding": "9.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06071877-6E69-4440-9306-6410223218D7",
              "versionEndExcluding": "9.14.2.13",
              "versionStartIncluding": "9.14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "97985BC1-7D4F-465A-863B-9EAD980A4CF1",
              "versionEndExcluding": "9.15.1.10",
              "versionStartIncluding": "9.15",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FFE3880-4B85-4E23-9836-70875D5109F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "727A02E8-40A1-4DFE-A3A2-91D628D3044F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F6546E-28F4-40DC-97D6-E0E023FE939B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the upgrade process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject commands that could be executed with root privileges on the underlying operating system (OS). This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by uploading a crafted upgrade package file to an affected device. A successful exploit could allow the attacker to inject commands that could be executed with root privileges on the underlying OS."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el proceso de actualizaci\u00f3n del software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD), podr\u00eda permitir a un atacante autenticado local inyectar comandos que podr\u00edan ser ejecutados con privilegios root en el sistema operativo (SO) subyacente.\u0026#xa0;Esta vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de entrada .\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad al cargar un archivo de paquete de actualizaci\u00f3n dise\u00f1ado a un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante inyectar comandos que podr\u00edan ser ejecutados con privilegios root en el sistema operativo subyacente"
    }
  ],
  "id": "CVE-2021-1488",
  "lastModified": "2024-11-21T05:44:28.050",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-04-29T18:15:09.273",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-cmdinj-TKyQfDcU"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-cmdinj-TKyQfDcU"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-05-03 04:15

Modified

2024-11-21 06:43

Severity ?

4.0 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Summary

A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the Security Intelligence DNS feed. This vulnerability is due to incorrect feed update processing. An attacker could exploit this vulnerability by sending traffic through an affected device that should be blocked by the affected device. A successful exploit could allow the attacker to bypass device controls and successfully send traffic to devices that are expected to be protected by the affected device.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-sidns-bypass-3PzA5pO	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-sidns-bypass-3PzA5pO	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35AD28D3-1C08-44EF-9148-371C9E7912E5",
              "versionEndExcluding": "6.4.0.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD7675E1-AE0A-4C69-915D-144597F1250E",
              "versionEndExcluding": "6.6.5.2",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "22E1337C-A0EE-467D-A06E-FBE1541DDFD2",
              "versionEndExcluding": "7.0.2",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the Security Intelligence DNS feed. This vulnerability is due to incorrect feed update processing. An attacker could exploit this vulnerability by sending traffic through an affected device that should be blocked by the affected device. A successful exploit could allow the attacker to bypass device controls and successfully send traffic to devices that are expected to be protected by the affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n de alimentaci\u00f3n de Inteligencia de Seguridad del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado omitir la alimentaci\u00f3n de DNS de Inteligencia de Seguridad. Esta vulnerabilidad es debido a un procesamiento incorrecto de la actualizaci\u00f3n de la alimentaci\u00f3n. Un atacante podr\u00eda explotar esta vulnerabilidad  mediante el env\u00edo de tr\u00e1fico a trav\u00e9s de un dispositivo afectado que deber\u00eda ser bloqueado por el dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante omitir los controles del dispositivo y enviar con \u00e9xito el tr\u00e1fico a los dispositivos que es esperado que est\u00e9n protegidos por el dispositivo afectado"
    }
  ],
  "id": "CVE-2022-20730",
  "lastModified": "2024-11-21T06:43:26.033",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-05-03T04:15:09.120",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-sidns-bypass-3PzA5pO"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-sidns-bypass-3PzA5pO"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-241"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:31

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the SSL VPN negotiation process for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to inefficient direct memory access (DMA) memory management during the negotiation phase of an SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted Datagram TLS (DTLS) traffic to an affected device. A successful exploit could allow the attacker to exhaust DMA memory on the device and cause a DoS condition.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD51404-99D0-45D6-8998-02861FF10108",
              "versionEndExcluding": "9.6.4.45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB4FADF7-A3CD-44B4-85DF-75F28369B459",
              "versionEndExcluding": "6.3.0.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
              "versionEndExcluding": "6.4.0.10",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "754010DE-2C33-4BA1-9567-90C46309B664",
              "versionEndExcluding": "6.6.1",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "445C3154-55F2-4A7B-ABA1-724F3E877920",
              "versionEndExcluding": "9.8.4.29",
              "versionStartIncluding": "9.8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E16D2CA3-B494-4348-BF0C-03969D1423D0",
              "versionEndExcluding": "9.9.2.80",
              "versionStartIncluding": "9.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF8B79C-41E6-4367-8A37-C1A41DA8345E",
              "versionEndExcluding": "9.10.1.44",
              "versionStartIncluding": "9.10.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F71893A1-284B-453E-A9F4-579FAB514E9B",
              "versionEndExcluding": "9.12.4.4",
              "versionStartIncluding": "9.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4148D30-F285-4045-A017-82F5BF074233",
              "versionEndExcluding": "9.13.1.13",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDD8BF1D-E300-461E-99C5-E191BE4173C2",
              "versionEndExcluding": "9.14.1.30",
              "versionStartIncluding": "9.14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the SSL VPN negotiation process for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to inefficient direct memory access (DMA) memory management during the negotiation phase of an SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted Datagram TLS (DTLS) traffic to an affected device. A successful exploit could allow the attacker to exhaust DMA memory on the device and cause a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el proceso de negociaci\u00f3n de SSL VPN para Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar una recarga de un dispositivo afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS).\u0026#xa0;La vulnerabilidad es debido a una gesti\u00f3n de memoria direct memory access (DMA) ineficiente durante la fase de negociaci\u00f3n de una conexi\u00f3n VPN SSL.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un flujo constante de tr\u00e1fico Datagram TLS (DTLS) dise\u00f1ado a un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante agotar la memoria DMA en el dispositivo y causar una condici\u00f3n de DoS"
    }
  ],
  "id": "CVE-2020-3529",
  "lastModified": "2024-11-21T05:31:15.557",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:16.967",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2017-05-22 01:29

Modified

2025-04-20 01:37

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the logging configuration of Secure Sockets Layer (SSL) policies for Cisco FirePOWER System Software 5.3.0 through 6.2.2 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources. The vulnerability is due to the logging of certain TCP packets by the affected software. An attacker could exploit this vulnerability by sending a flood of crafted TCP packets to an affected device. A successful exploit could allow the attacker to cause a DoS condition. The success of an exploit is dependent on how an administrator has configured logging for SSL policies for a device. This vulnerability affects Cisco FirePOWER System Software that is configured to log connections by using SSL policy default actions. Cisco Bug IDs: CSCvd07072.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/98523	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-fpwr	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/98523	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-fpwr	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	5.3.0
cisco	firepower_threat_defense	5.4.0
cisco	firepower_threat_defense	6.0.0
cisco	firepower_threat_defense	6.0.1
cisco	firepower_threat_defense	6.0.1.3
cisco	firepower_threat_defense	6.1.0
cisco	firepower_threat_defense	6.1.0.2
cisco	firepower_threat_defense	6.2.0
cisco	firepower_threat_defense	6.2.1
cisco	firepower_threat_defense	6.2.2
cisco	firepower_threat_defense	6.2_base

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DB13378-A7CB-4EBB-B3FD-57F7F37965ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:5.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D850EEF9-1967-4CE5-A30C-50180849BCAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1AC6A67-82EF-4D31-AFCB-499A0C6EC0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "995667FD-35F1-49E5-96DB-2FDFF5E0B523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.0.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC18DB34-8F0D-466A-BDEF-362760804A00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "61FB47CF-2A6A-4121-BFF7-5862E163B8E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9873ABAC-9A3D-40E1-B7FF-F2AB74F82C22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DC52A8B-7DF4-47B2-9F49-627F59656E5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD48BE40-C647-429A-81B6-59E125BBE415",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "42496A5B-1644-4088-BBCF-2ED810A5694B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2_base:*:*:*:*:*:*:*",
              "matchCriteriaId": "95056402-3BC3-4B4C-9A85-BEF53014181D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the logging configuration of Secure Sockets Layer (SSL) policies for Cisco FirePOWER System Software 5.3.0 through 6.2.2 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources. The vulnerability is due to the logging of certain TCP packets by the affected software. An attacker could exploit this vulnerability by sending a flood of crafted TCP packets to an affected device. A successful exploit could allow the attacker to cause a DoS condition. The success of an exploit is dependent on how an administrator has configured logging for SSL policies for a device. This vulnerability affects Cisco FirePOWER System Software that is configured to log connections by using SSL policy default actions. Cisco Bug IDs: CSCvd07072."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la configuraci\u00f3n del registro de las pol\u00edticas de Secure Sockets Layer  (SSL) para FirePOWER System Software versiones 5.3.0 hasta 6.2.2 de Cisco, podr\u00eda permitir a un atacante no autenticado remoto causar una denegaci\u00f3n de servicio (DoS) debido al alto consumo de recursos del sistema . La vulnerabilidad es debido al registro de ciertos paquetes TCP por parte del programa afectado. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el envi\u00f3 de una avalancha de paquetes TCP dise\u00f1ados hacia un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar una condici\u00f3n DoS. El \u00e9xito de una explotaci\u00f3n depende de c\u00f3mo un administrador ha configurado el registro para las pol\u00edticas SSL para un dispositivo. Esta vulnerabilidad afecta a FirePOWER System Software de Cisco que est\u00e1 configurado para registrar conexiones mediante el uso de acciones por defecto de la pol\u00edtica SSL. IDs de Bug de Cisco: CSCvd07072."
    }
  ],
  "id": "CVE-2017-6632",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-05-22T01:29:00.243",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/98523"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-fpwr"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/98523"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-fpwr"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-04-29 18:15

Modified

2024-11-21 05:44

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured file policy for HTTP packets and deliver a malicious payload.

References

URL	Tags
psirt@cisco.com	https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-fp-bp-KfDdcQhc	Vendor Advisory
psirt@cisco.com	https://www.debian.org/security/2023/dsa-5354
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-fp-bp-KfDdcQhc	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2023/dsa-5354

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	ios_xe	*
snort	snort	*
cisco	ios_xe	*
cisco	ios_xe	*
cisco	1100-4g\/6g_integrated_services_router	-
cisco	1101_integrated_services_router	-
cisco	1109_integrated_services_router	-
cisco	1111x_integrated_services_router	-
cisco	111x_integrated_services_router	-
cisco	1120_integrated_services_router	-
cisco	1160_integrated_services_router	-
cisco	3000_integrated_services_router	-
cisco	4221_integrated_services_router	-
cisco	4331_integrated_services_router	-
cisco	4431_integrated_services_router	-
cisco	4461_integrated_services_router	-
cisco	c8200-1n-4t	-
cisco	c8200l-1n-4t	-
cisco	catalyst_8300-1n1s-4t2x	-
cisco	catalyst_8300-1n1s-6t	-
cisco	catalyst_8300-2n2s-4t2x	-
cisco	catalyst_8300-2n2s-6t	-
cisco	catalyst_8500l	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAE65CB5-08E5-41B6-9AC0-02451C90E833",
              "versionEndExcluding": "6.4.0.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04202164-FCC4-413E-90B5-01FE08AC6EEC",
              "versionEndExcluding": "6.6.4",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDDF492B-BC61-4814-B05F-3F6CD07080F7",
              "versionEndExcluding": "6.7.0.2",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3BCB821-CD8E-4D1D-968E-D52715B4CDDE",
              "versionEndExcluding": "16.12.5",
              "versionStartIncluding": "16.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snort:snort:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ABE8CC6-FFE8-48D2-B94A-C8AED78AA2D2",
              "versionEndExcluding": "2.9.17.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3A8DECA-0833-4207-9EC7-DFC60A7EF1C3",
              "versionEndExcluding": "17.3.3",
              "versionStartIncluding": "17.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CFEDAF8-A6E8-4F01-B6D5-5099107BF77F",
              "versionEndExcluding": "17.4.1",
              "versionStartIncluding": "17.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:1100-4g\\/6g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6F668B9-2C1D-4306-8286-35E67D0F67C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0547E196-5991-4C33-823A-342542E9DFD3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:3000_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B8C4D97-A430-45FB-9EF5-B6E4DBA1BD31",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c8200-1n-4t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCF17101-9EF9-47BB-B966-0FA9B71AEEFA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c8200l-1n-4t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2F0C218-B0FF-4BEC-B76F-1F4BAA6D0960",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E7E8914-7B25-4097-8B22-6928C1F03D5A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B207857B-C483-47DF-9FC7-6A05B866BF60",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD26746A-80D1-4C48-BF77-E9F7EEEF7EA7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDB16CCE-1E89-4707-86C1-97F2FB5B62B9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04AB61E9-0148-495E-BD21-64D52DE60A6C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured file policy for HTTP packets and deliver a malicious payload."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples productos de Cisco est\u00e1n afectados por una vulnerabilidad en el motor de detecci\u00f3n Snort que podr\u00eda permitir a un atacante remoto no autenticado omitir una pol\u00edtica de archivos configurada para HTTP.\u0026#xa0;La vulnerabilidad es debido a un manejo incorrecto de par\u00e1metros espec\u00edficos del encabezado HTTP.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de paquetes HTTP dise\u00f1ados por medio de un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante omitir una pol\u00edtica de archivos configurada para paquetes HTTP y entregar una carga \u00fatil maliciosa"
    }
  ],
  "id": "CVE-2021-1495",
  "lastModified": "2024-11-21T05:44:28.830",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-04-29T18:15:09.430",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-fp-bp-KfDdcQhc"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://www.debian.org/security/2023/dsa-5354"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-fp-bp-KfDdcQhc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.debian.org/security/2023/dsa-5354"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-755"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-05-03 16:29

Modified

2024-11-21 04:37

Severity ?

4.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Summary

Multiple vulnerabilities in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the WebVPN portal of an affected device. The vulnerabilities exist because the software insufficiently validates user-supplied input on an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. An attacker would need administrator privileges on the device to exploit these vulnerabilities.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/108152	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-xss	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/108152	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-xss	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5505	-
cisco	asa_5510	-
cisco	asa_5512-x	-
cisco	asa_5515-x	-
cisco	asa_5520	-
cisco	asa_5525-x	-
cisco	asa_5540	-
cisco	asa_5545-x	-
cisco	asa_5550	-
cisco	asa_5555-x	-
cisco	asa_5580	-
cisco	asa_5585-x	-
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79F0345E-5661-4119-8620-8A1F42E97128",
              "versionEndExcluding": "9.4.4.34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7789E32-76B1-4D16-A556-B6B5A8CDB5A0",
              "versionEndExcluding": "9.6.4.25",
              "versionStartIncluding": "9.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C812C8D5-3159-434C-8B9F-8CB0A8767923",
              "versionEndExcluding": "9.8.4",
              "versionStartIncluding": "9.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABCD2AF8-97D4-45C6-B80E-D5FA9B719BD5",
              "versionEndExcluding": "9.9.2.50",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4C6B343-2D4D-4C7E-A59E-629773DD2E60",
              "versionEndExcluding": "9.10.1.17",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8F292C5-67ED-4F18-B6C4-5873BB771C3D",
              "versionEndExcluding": "6.2.3.12",
              "versionStartIncluding": "6.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A16803C-579C-4992-B37E-7CEC17307659",
              "versionEndExcluding": "6.3.0.3",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the WebVPN portal of an affected device. The vulnerabilities exist because the software insufficiently validates user-supplied input on an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. An attacker would need administrator privileges on the device to exploit these vulnerabilities."
    },
    {
      "lang": "es",
      "value": "Las vulnerabilidades m\u00faltiples en el servicio WebVPN de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software podr\u00edan permitir a un atacante remoto autenticado realizar un ataque de XSS contra un usuario del portal WebVPN de un dispositivo afectado. Las vulnerabilidades existen porque el software no valida suficientemente la entrada suministrada por el usuario en un dispositivo afectado. Un atacante podr\u00eda explotar estas vulnerabilidades persuadiendo a un usuario de la interfaz para que haga clic en un enlace especialmente generado. Un exploit exitoso podr\u00eda permitir al atacante ejecutar c\u00f3digo de script arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n sensible basada en navegador. Un atacante necesitar\u00eda privilegios de administrador en el dispositivo para explotar estas vulnerabilidades."
    }
  ],
  "id": "CVE-2019-1701",
  "lastModified": "2024-11-21T04:37:07.973",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 1.7,
        "impactScore": 2.7,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 1.7,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-03T16:29:00.367",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108152"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-xss"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108152"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-xss"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-05-06 17:15

Modified

2024-11-21 05:30

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the Open Shortest Path First (OSPF) implementation in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. The vulnerability is due to incorrect processing of certain OSPF packets. An attacker could exploit this vulnerability by sending a series of crafted OSPF packets to be processed by an affected device. A successful exploit could allow the attacker to continuously consume memory on an affected device and eventually cause it to reload, resulting in a denial of service (DoS) condition.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-memleak-DHpsgfnv	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-memleak-DHpsgfnv	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	asa_5505_firmware	9.12\(2\)
cisco	asa_5505	-
cisco	asa_5510_firmware	9.12\(2\)
cisco	asa_5510	-
cisco	asa_5512-x_firmware	9.12\(2\)
cisco	asa_5512-x	-
cisco	asa_5515-x_firmware	9.12\(2\)
cisco	asa_5515-x	-
cisco	asa_5520_firmware	9.12\(2\)
cisco	asa_5520	-
cisco	asa_5525-x_firmware	9.12\(2\)
cisco	asa_5525-x	-
cisco	asa_5540_firmware	9.12\(2\)
cisco	asa_5540	-
cisco	asa_5545-x_firmware	9.12\(2\)
cisco	asa_5545-x	-
cisco	asa_5550_firmware	9.12\(2\)
cisco	asa_5550	-
cisco	asa_5555-x_firmware	9.12\(2\)
cisco	asa_5555-x	-
cisco	asa_5580_firmware	9.12\(2\)
cisco	asa_5580	-
cisco	asa_5585-x_firmware	9.12\(2\)
cisco	asa_5585-x	-
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06741056-2BFD-4F88-917A-F581F813B69E",
              "versionEndExcluding": "6.4.0.9",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:9.12\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "71B2EEE1-90B7-4A25-B0CE-2C5E8CD683F7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5510_firmware:9.12\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CBF08A29-FFE3-4775-91D8-3A3939BBD727",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:9.12\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "AF392F94-1719-45FB-B078-C3BAE733F4CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:9.12\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "70E7ED90-9DDD-4DD7-82E3-D35E0888D480",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5520_firmware:9.12\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CF9CF223-CC1A-486F-B3B0-ED10D9582063",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:9.12\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A40451D3-FD98-4283-A5D4-0FA40F2D5BFF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5540_firmware:9.12\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "417567C1-EB05-4459-A488-974296C92F9A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:9.12\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2D1D78C0-2CEB-4CFD-9640-A161A5D7DA29",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5550_firmware:9.12\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FAE422AA-1CE9-4EE4-BE8E-5B373CC4401C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:9.12\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DA64FFFF-CBBD-4A91-806E-83B110C47CB9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:9.12\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3B88CA16-FF2A-4E2B-AC41-7800BD8ABCAE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:9.12\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3A94397D-EEAD-4C1A-8831-291758AAF21E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDBCE56-8434-43B5-A172-5A63536D9E9F",
              "versionEndExcluding": "9.12.3.2",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE14B138-4EED-43E1-A8F1-0D16F4A761C0",
              "versionEndExcluding": "9.13.1.7",
              "versionStartIncluding": "9.13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Open Shortest Path First (OSPF) implementation in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. The vulnerability is due to incorrect processing of certain OSPF packets. An attacker could exploit this vulnerability by sending a series of crafted OSPF packets to be processed by an affected device. A successful exploit could allow the attacker to continuously consume memory on an affected device and eventually cause it to reload, resulting in a denial of service (DoS) condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n de Open Shortest Path First (OSPF) en el Cisco Adaptive Security Appliance (ASA) Software y el Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar una p\u00e9rdida de memoria sobre un dispositivo afectado. La vulnerabilidad es debido al procesamiento incorrecto de determinados paquetes OSPF. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una serie de paquetes OSPF dise\u00f1ados para que sean procesados por un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante consumir continuamente la memoria sobre un dispositivo afectado y eventualmente causar que se sobrecargue, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS)."
    }
  ],
  "id": "CVE-2020-3195",
  "lastModified": "2024-11-21T05:30:31.500",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-05-06T17:15:12.353",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-memleak-DHpsgfnv"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-memleak-DHpsgfnv"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-401"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-12-12 18:15

Modified

2024-11-21 07:41

Severity ?

4.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Summary

A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to send packets with another VPN user's source IP address. This vulnerability is due to improper validation of the packet's inner source IP address after decryption. An attacker could exploit this vulnerability by sending crafted packets through the tunnel. A successful exploit could allow the attacker to send a packet impersonating another VPN user's IP address. It is not possible for the attacker to receive return packets.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-Y88QOm77	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-Y88QOm77	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.8.1
cisco	adaptive_security_appliance_software	9.8.1.5
cisco	adaptive_security_appliance_software	9.8.1.7
cisco	adaptive_security_appliance_software	9.8.2
cisco	adaptive_security_appliance_software	9.8.2.8
cisco	adaptive_security_appliance_software	9.8.2.14
cisco	adaptive_security_appliance_software	9.8.2.15
cisco	adaptive_security_appliance_software	9.8.2.17
cisco	adaptive_security_appliance_software	9.8.2.20
cisco	adaptive_security_appliance_software	9.8.2.24
cisco	adaptive_security_appliance_software	9.8.2.26
cisco	adaptive_security_appliance_software	9.8.2.28
cisco	adaptive_security_appliance_software	9.8.2.33
cisco	adaptive_security_appliance_software	9.8.2.35
cisco	adaptive_security_appliance_software	9.8.2.38
cisco	adaptive_security_appliance_software	9.8.3
cisco	adaptive_security_appliance_software	9.8.3.8
cisco	adaptive_security_appliance_software	9.8.3.11
cisco	adaptive_security_appliance_software	9.8.3.14
cisco	adaptive_security_appliance_software	9.8.3.16
cisco	adaptive_security_appliance_software	9.8.3.18
cisco	adaptive_security_appliance_software	9.8.3.21
cisco	adaptive_security_appliance_software	9.8.3.26
cisco	adaptive_security_appliance_software	9.8.3.29
cisco	adaptive_security_appliance_software	9.8.4
cisco	adaptive_security_appliance_software	9.8.4.3
cisco	adaptive_security_appliance_software	9.8.4.7
cisco	adaptive_security_appliance_software	9.8.4.8
cisco	adaptive_security_appliance_software	9.8.4.10
cisco	adaptive_security_appliance_software	9.8.4.12
cisco	adaptive_security_appliance_software	9.8.4.15
cisco	adaptive_security_appliance_software	9.8.4.17
cisco	adaptive_security_appliance_software	9.8.4.20
cisco	adaptive_security_appliance_software	9.8.4.22
cisco	adaptive_security_appliance_software	9.8.4.25
cisco	adaptive_security_appliance_software	9.8.4.26
cisco	adaptive_security_appliance_software	9.8.4.29
cisco	adaptive_security_appliance_software	9.8.4.32
cisco	adaptive_security_appliance_software	9.8.4.33
cisco	adaptive_security_appliance_software	9.8.4.34
cisco	adaptive_security_appliance_software	9.8.4.35
cisco	adaptive_security_appliance_software	9.8.4.39
cisco	adaptive_security_appliance_software	9.8.4.40
cisco	adaptive_security_appliance_software	9.8.4.41
cisco	adaptive_security_appliance_software	9.8.4.43
cisco	adaptive_security_appliance_software	9.8.4.44
cisco	adaptive_security_appliance_software	9.8.4.45
cisco	adaptive_security_appliance_software	9.8.4.46
cisco	adaptive_security_appliance_software	9.8.4.48
cisco	adaptive_security_appliance_software	9.12.1
cisco	adaptive_security_appliance_software	9.12.1.2
cisco	adaptive_security_appliance_software	9.12.1.3
cisco	adaptive_security_appliance_software	9.12.2
cisco	adaptive_security_appliance_software	9.12.2.1
cisco	adaptive_security_appliance_software	9.12.2.4
cisco	adaptive_security_appliance_software	9.12.2.5
cisco	adaptive_security_appliance_software	9.12.2.9
cisco	adaptive_security_appliance_software	9.12.3
cisco	adaptive_security_appliance_software	9.12.3.2
cisco	adaptive_security_appliance_software	9.12.3.7
cisco	adaptive_security_appliance_software	9.12.3.9
cisco	adaptive_security_appliance_software	9.12.3.12
cisco	adaptive_security_appliance_software	9.12.4
cisco	adaptive_security_appliance_software	9.12.4.2
cisco	adaptive_security_appliance_software	9.12.4.4
cisco	adaptive_security_appliance_software	9.12.4.7
cisco	adaptive_security_appliance_software	9.12.4.8
cisco	adaptive_security_appliance_software	9.12.4.10
cisco	adaptive_security_appliance_software	9.12.4.13
cisco	adaptive_security_appliance_software	9.12.4.18
cisco	adaptive_security_appliance_software	9.12.4.24
cisco	adaptive_security_appliance_software	9.12.4.26
cisco	adaptive_security_appliance_software	9.12.4.29
cisco	adaptive_security_appliance_software	9.12.4.30
cisco	adaptive_security_appliance_software	9.12.4.35
cisco	adaptive_security_appliance_software	9.12.4.37
cisco	adaptive_security_appliance_software	9.12.4.38
cisco	adaptive_security_appliance_software	9.12.4.39
cisco	adaptive_security_appliance_software	9.12.4.40
cisco	adaptive_security_appliance_software	9.12.4.41
cisco	adaptive_security_appliance_software	9.12.4.47
cisco	adaptive_security_appliance_software	9.12.4.48
cisco	adaptive_security_appliance_software	9.12.4.50
cisco	adaptive_security_appliance_software	9.12.4.52
cisco	adaptive_security_appliance_software	9.12.4.54
cisco	adaptive_security_appliance_software	9.12.4.55
cisco	adaptive_security_appliance_software	9.12.4.56
cisco	adaptive_security_appliance_software	9.12.4.58
cisco	adaptive_security_appliance_software	9.14.1
cisco	adaptive_security_appliance_software	9.14.1.6
cisco	adaptive_security_appliance_software	9.14.1.10
cisco	adaptive_security_appliance_software	9.14.1.15
cisco	adaptive_security_appliance_software	9.14.1.19
cisco	adaptive_security_appliance_software	9.14.1.30
cisco	adaptive_security_appliance_software	9.14.2
cisco	adaptive_security_appliance_software	9.14.2.4
cisco	adaptive_security_appliance_software	9.14.2.8
cisco	adaptive_security_appliance_software	9.14.2.13
cisco	adaptive_security_appliance_software	9.14.2.15
cisco	adaptive_security_appliance_software	9.14.3
cisco	adaptive_security_appliance_software	9.14.3.1
cisco	adaptive_security_appliance_software	9.14.3.9
cisco	adaptive_security_appliance_software	9.14.3.11
cisco	adaptive_security_appliance_software	9.14.3.13
cisco	adaptive_security_appliance_software	9.14.3.15
cisco	adaptive_security_appliance_software	9.14.3.18
cisco	adaptive_security_appliance_software	9.14.4
cisco	adaptive_security_appliance_software	9.14.4.6
cisco	adaptive_security_appliance_software	9.14.4.7
cisco	adaptive_security_appliance_software	9.14.4.12
cisco	adaptive_security_appliance_software	9.14.4.13
cisco	adaptive_security_appliance_software	9.14.4.14
cisco	adaptive_security_appliance_software	9.14.4.15
cisco	adaptive_security_appliance_software	9.14.4.17
cisco	adaptive_security_appliance_software	9.14.4.22
cisco	adaptive_security_appliance_software	9.14.4.23
cisco	adaptive_security_appliance_software	9.15.1
cisco	adaptive_security_appliance_software	9.15.1.1
cisco	adaptive_security_appliance_software	9.15.1.7
cisco	adaptive_security_appliance_software	9.15.1.10
cisco	adaptive_security_appliance_software	9.15.1.15
cisco	adaptive_security_appliance_software	9.15.1.16
cisco	adaptive_security_appliance_software	9.15.1.17
cisco	adaptive_security_appliance_software	9.15.1.21
cisco	adaptive_security_appliance_software	9.16.1
cisco	adaptive_security_appliance_software	9.16.1.28
cisco	adaptive_security_appliance_software	9.16.2
cisco	adaptive_security_appliance_software	9.16.2.3
cisco	adaptive_security_appliance_software	9.16.2.7
cisco	adaptive_security_appliance_software	9.16.2.11
cisco	adaptive_security_appliance_software	9.16.2.13
cisco	adaptive_security_appliance_software	9.16.2.14
cisco	adaptive_security_appliance_software	9.16.3
cisco	adaptive_security_appliance_software	9.16.3.3
cisco	adaptive_security_appliance_software	9.16.3.14
cisco	adaptive_security_appliance_software	9.16.3.15
cisco	adaptive_security_appliance_software	9.16.3.19
cisco	adaptive_security_appliance_software	9.16.3.23
cisco	adaptive_security_appliance_software	9.16.4
cisco	adaptive_security_appliance_software	9.16.4.9
cisco	adaptive_security_appliance_software	9.16.4.14
cisco	adaptive_security_appliance_software	9.16.4.18
cisco	adaptive_security_appliance_software	9.16.4.19
cisco	adaptive_security_appliance_software	9.16.4.27
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.7
cisco	adaptive_security_appliance_software	9.17.1.9
cisco	adaptive_security_appliance_software	9.17.1.10
cisco	adaptive_security_appliance_software	9.17.1.11
cisco	adaptive_security_appliance_software	9.17.1.13
cisco	adaptive_security_appliance_software	9.17.1.15
cisco	adaptive_security_appliance_software	9.17.1.20
cisco	adaptive_security_appliance_software	9.17.1.30
cisco	adaptive_security_appliance_software	9.18.1
cisco	adaptive_security_appliance_software	9.18.1.3
cisco	adaptive_security_appliance_software	9.18.2
cisco	adaptive_security_appliance_software	9.18.2.5
cisco	adaptive_security_appliance_software	9.18.2.7
cisco	adaptive_security_appliance_software	9.18.2.8
cisco	adaptive_security_appliance_software	9.18.3
cisco	adaptive_security_appliance_software	9.18.3.39
cisco	adaptive_security_appliance_software	9.18.3.46
cisco	adaptive_security_appliance_software	9.19.1
cisco	adaptive_security_appliance_software	9.19.1.5
cisco	adaptive_security_appliance_software	9.19.1.9
cisco	adaptive_security_appliance_software	9.19.1.12
cisco	firepower_threat_defense	6.2.3
cisco	firepower_threat_defense	6.2.3.1
cisco	firepower_threat_defense	6.2.3.2
cisco	firepower_threat_defense	6.2.3.3
cisco	firepower_threat_defense	6.2.3.4
cisco	firepower_threat_defense	6.2.3.5
cisco	firepower_threat_defense	6.2.3.6
cisco	firepower_threat_defense	6.2.3.7
cisco	firepower_threat_defense	6.2.3.8
cisco	firepower_threat_defense	6.2.3.9
cisco	firepower_threat_defense	6.2.3.10
cisco	firepower_threat_defense	6.2.3.11
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.4.0.1
cisco	firepower_threat_defense	6.4.0.2
cisco	firepower_threat_defense	6.4.0.3
cisco	firepower_threat_defense	6.4.0.4
cisco	firepower_threat_defense	6.4.0.5
cisco	firepower_threat_defense	6.4.0.6
cisco	firepower_threat_defense	6.4.0.7
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.4.0.13
cisco	firepower_threat_defense	6.4.0.14
cisco	firepower_threat_defense	6.4.0.15
cisco	firepower_threat_defense	6.4.0.16
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.6.7
cisco	firepower_threat_defense	6.6.7.1
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.0.6
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.2.4
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D482F818-0A8E-49D7-8E3E-0958019FA629",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E7BFB57-BC02-4930-A02F-83583E6A0FC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "026F1960-C879-4611-A60A-96311B63CCA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAF8B33E-0C95-467D-A865-0A234E69D0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF144F5-D933-4DE4-818C-001BD9E3958A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "00112ED3-FE7B-425B-9A28-1E5F2BC8BB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD491D5-FAAB-493F-91A6-D2F3B5F5970E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "1519F49D-588F-4B70-B38F-EF4F3E13FEAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "15354443-5EB7-4712-B2DE-61DB33830759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "248D6B44-E134-4DEC-A947-636824E3FDFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "0820A79C-F3EF-407F-9AC7-DCAB4CD39C89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3E8805-85D2-4345-8076-039513209A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "14BB907B-D75A-4F5E-B20D-5457A71A70EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "F118B803-4C55-436A-A136-0C1FEA49858F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A272121-408E-45F6-A2A1-0BA6EBC060A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "980CEA3B-5A81-4E8C-BEA3-DD31BE7DA2CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3910211-D4DB-4CA7-BBEA-DD8246FF10ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C260BF30-7A33-4C70-9509-404856C93666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF894850-39EC-4B57-BBFF-F1AB4F8389A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FAFCF9-0ABE-483E-9604-329762BB7870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DB4278-3126-4765-97C4-6C0A8C78DA78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "174E631B-6099-47DE-8790-BBF4B7FDB8CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE3538B-F612-4105-BFDE-A4B594482DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "3143B0FF-C855-485E-A908-E48974B1643C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD9992-6D98-4E03-9599-ECF38A186FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DCEAE6-355B-40AE-A7C8-AF744FCA8A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2097E81E-B422-4B93-AF09-F300A0E8AF71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "454DEA31-A607-4054-82D3-24A4FEB7358F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F0B213-8187-4465-84F1-FB8D92B36020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E540771E-BA0B-42D1-8251-B576B0F142C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC2A833-BECF-4000-A592-6113A84C2D20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F1416-924A-4D25-9CEE-3BD66A96A019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDC8D92-D6E0-40EE-B190-D2B32C7DEB75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "23CD5619-E534-4F40-998D-39DC19FA0451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D0EB11-14B1-44B3-8D46-B9DD872F772C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA399CF-12DB-42E0-A66F-14508B52A453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5A7608-E737-420E-9B5E-836600DAC701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7EB6801-336D-4F41-ADE7-1C58C63C3F6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8413DA41-02A5-4269-8C88-9DD5076AF91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA00285F-6914-4749-8A47-FC4EDAFFF3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA4D367-32B9-4F54-8352-A959F61A1FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "2259FF9E-0C8B-440F-B1AC-51BDE3F60E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C522B55-904D-4C08-B73E-1457D877C0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "4483056A-FBF3-4E00-81EB-1E97334EF240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "48677330-06AB-4C7F-B2AD-F7E465A9632A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AEA80D2-5DB8-4334-9A88-7DDE395832C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1C38A5-1028-4AD3-8CC7-A00091091E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "848147B2-C49A-43F6-9069-FC8885BDFDA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6FEF0DA-741E-4361-8143-068EB47D6520",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F002FD55-F881-450E-BC1B-8073E188F47E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA940C4F-13BB-465F-BB8D-CBD0109BF012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B0434F5-9A50-4B57-9C5B-E09415D098C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE727035-06CB-4E37-A9D2-96BD54502120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE52B81-2CF8-48E5-A7BA-A163A25A669B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E8D7C9-5272-40E6-869B-B33959F9F0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE8D5D71-5C85-4644-8A84-F073549ADB50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0790DDC2-7BA0-42DC-A157-754C0CBBE178",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "882394EA-70C8-4D86-9AEF-5D273D8E518C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "855AD3CC-F404-48C5-80D2-7F2765D16D72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "26B6BF72-9124-4213-B3C0-BD31B46E8C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8FBE89-8FDA-4B9B-BA1A-90FFD482A585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "149C3872-8DA9-48DD-ADD0-2E84C1A76A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D33E8C-294A-4C43-8DB6-9DA9F61F0B3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E23ACB0-DF8B-4672-A819-4DCD3104CE4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4723B88-62BA-40E6-AA89-BAC02D6A036F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C698819-3C8E-4A16-8F52-42FF1E54C076",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D3CE74E-59E7-448A-8417-18F97C05C798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0986C171-0E75-4F6F-A9BD-276830104E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A2777A-7831-4324-AEB2-5D93B5F6C04B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "37045680-9189-4B7F-A4F7-4E682FE20A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6C9F37B-CF3C-4861-A969-C7CF4946274A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1DAF21-3FED-4691-9D4C-8FD8CEA7FB3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB938E58-4963-4A31-8836-88E958592B30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E317897-EE97-44F3-96BB-E54228D72A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EF7FAB2-158D-4C48-9246-E7AD3BF1D801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "056D43AE-ECDB-40D2-A196-18DDCD02629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E555F3-3580-4D71-8D8D-92FE72763D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "93013503-8B9A-4160-AF7E-277958FA6E9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3B009FD-0F2B-4511-8EDF-C3E670623F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "52579D8D-E855-42B3-B406-32DD1C39F721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7E44FC6-12A2-4F76-A095-28F3804B619F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "42917E5E-E362-4B40-B2B2-3C77BA35641C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF317FA3-EBF3-49BB-A9E6-0D4295FA3F60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "F98B1683-914F-43D3-AE1C-311D3A90BE8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8D24656-CAB1-4A98-A440-482927FEDD16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504557C-DA5D-4D0F-A813-4CE7D5109F15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D2A067-C717-4921-BBF5-3EFBE02736EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "36DDEC5B-4BEA-499C-9F34-BB3D39B7A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE0D50C0-DADB-4747-8649-8A5257111FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE2699F-353F-44CB-A778-981783DDC31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8E50BD-1FBD-483B-9C27-70E95C732E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F46E5E4F-787C-4C05-B1E7-C39BB9125D16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A29312-38E7-456B-94DD-4D7329691114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "27F7BB31-C733-4C32-BF0F-33B5AF020156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC313568-33A6-435B-98FF-8A7091D9C451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85710A-28CE-4913-8523-356461908FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6069950-016B-419A-B754-D58956CB6D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A2F3FEC-624F-47C5-B056-836861BB038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4875811-F209-49ED-B310-8377B2F87FF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C52C7B-B626-4A3C-A2EC-28A20E7FA95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "853A002C-839A-4372-8485-750A86E9F6E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62BB5D6-CE75-4C83-82DC-4148EF8CB1F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "D32F1365-EAF8-4570-B2FF-45E47E8586F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD07F9B-6BB3-4423-8DBE-4E89A6478E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FE4F28-B704-4325-AE8A-C790163FEE71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E832BC0C-8439-4779-9064-C2D93F231031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA99DF94-D031-4375-9A16-306606FE28F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC149D03-5609-46E6-A1B3-F4D91F282B49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5D7FC6F-1370-4272-97E5-226C2ED1D335",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F944F8F-0255-42BE-BD44-D21EC9F0FFC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9CEAEFC-7B82-41F9-A09D-C86A3A60A4FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "40FAC31D-19C0-4BA0-A019-C7E7A0BA0B5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CAAFE0F-416F-4BCA-BA37-30EAEADA8AFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "289F9874-FC01-4809-9BDA-1AF583FB60B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EDFC67-E4EE-4D2C-BF9F-5881C987C662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "826869BE-4874-4BBA-9392-14851560BA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF52D477-3045-45D1-9FD3-12F396266463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "88E310BF-F1F6-4124-A875-81967B9B531E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B330F8F-F0DA-472C-A932-AD1D232C7DB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF59DAA-268C-4FCF-A0AA-7967128AEBC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "140ED95D-173C-4ADB-A2E6-97F0D595D1AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEE52F59-AABA-4069-A909-64AD5DFD2B18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "20D7966E-B02B-48C8-BF96-723DD6C25314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA618249-E76F-4104-9326-C9F2DC8DE3D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C925E1F-6BD9-4CD1-8AC4-4263A9094786",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2EFA476-5021-4A00-859E-1643009D6156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E3A5DC-A237-46E4-A4E5-F135482F984A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91AD8BA2-EB8D-4D8B-B707-AF5C2A831998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "39FE5927-2421-4CBE-97EA-6AED892DA1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6826018-5620-4924-BE92-6A245378F610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to send packets with another VPN user\u0027s source IP address. This vulnerability is due to improper validation of the packet\u0027s inner source IP address after decryption. An attacker could exploit this vulnerability by sending crafted packets through the tunnel. A successful exploit could allow the attacker to send a packet impersonating another VPN user\u0027s IP address. It is not possible for the attacker to receive return packets."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n AnyConnect SSL VPN del software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto autenticado env\u00ede paquetes con la direcci\u00f3n IP de origen de otro usuario de VPN. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la direcci\u00f3n IP de origen interna del paquete despu\u00e9s del descifrado. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando paquetes manipulados a trav\u00e9s del t\u00fanel. Un exploit exitoso podr\u00eda permitir al atacante enviar un paquete suplantando la direcci\u00f3n IP de otro usuario de VPN. No es posible que el atacante reciba paquetes de devoluci\u00f3n."
    }
  ],
  "id": "CVE-2023-20275",
  "lastModified": "2024-11-21T07:41:03.457",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-12-12T18:15:16.520",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-Y88QOm77"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-Y88QOm77"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-346"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:31

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the ICMP ingress packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 4110 appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete input validation upon receiving ICMP packets. An attacker could exploit this vulnerability by sending a high number of crafted ICMP or ICMPv6 packets to an affected device. A successful exploit could allow the attacker to cause a memory exhaustion condition that may result in an unexpected reload. No manual intervention is needed to recover the device after the reload.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmp-dos-hxxcycM	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmp-dos-hxxcycM	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_4110	-
cisco	firepower_4112	-
cisco	firepower_4115	-
cisco	firepower_4120	-
cisco	firepower_4125	-
cisco	firepower_4140	-
cisco	firepower_4145	-
cisco	firepower_4150	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D27DE97-510A-4761-8184-6940745B54E2",
              "versionEndExcluding": "6.3.0.6",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
              "versionEndExcluding": "6.4.0.10",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "957D64EB-D60E-4775-B9A8-B21CA48ED3B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the ICMP ingress packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 4110 appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete input validation upon receiving ICMP packets. An attacker could exploit this vulnerability by sending a high number of crafted ICMP or ICMPv6 packets to an affected device. A successful exploit could allow the attacker to cause a memory exhaustion condition that may result in an unexpected reload. No manual intervention is needed to recover the device after the reload."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el procesamiento de paquetes de entrada ICMP de Cisco Firepower Threat Defense (FTD) Software para dispositivos Cisco Firepower 4110, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido a una comprobaci\u00f3n de entrada incompleta al recibir paquetes ICMP.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una gran cantidad de paquetes ICMP o ICMPv6 dise\u00f1ados a un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante causar una condici\u00f3n de agotamiento de la memoria que puede resultar en una recarga inesperada.\u0026#xa0;No se necesita ninguna intervenci\u00f3n manual para recuperar el dispositivo despu\u00e9s de la recarga"
    }
  ],
  "id": "CVE-2020-3571",
  "lastModified": "2024-11-21T05:31:20.243",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:18.230",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmp-dos-hxxcycM"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmp-dos-hxxcycM"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-05-06 17:15

Modified

2024-11-21 05:30

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

A vulnerability in the Transport Layer Security version 1.3 (TLS 1.3) policy with URL category functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured TLS 1.3 policy to block traffic for a specific URL. The vulnerability is due to a logic error with Snort handling of the connection with the TLS 1.3 policy and URL category configuration. An attacker could exploit this vulnerability by sending crafted TLS 1.3 connections to an affected device. A successful exploit could allow the attacker to bypass the TLS 1.3 policy and access URLs that are outside the affected device and normally would be dropped.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-bypass-O5tGum2n	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-bypass-O5tGum2n	Vendor Advisory

Impacted products

	Vendor	Product	Version
	cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E666AAC-620E-4658-A5DA-7E4890B1931A",
              "versionEndIncluding": "6.4.0.8",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Transport Layer Security version 1.3 (TLS 1.3) policy with URL category functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured TLS 1.3 policy to block traffic for a specific URL. The vulnerability is due to a logic error with Snort handling of the connection with the TLS 1.3 policy and URL category configuration. An attacker could exploit this vulnerability by sending crafted TLS 1.3 connections to an affected device. A successful exploit could allow the attacker to bypass the TLS 1.3 policy and access URLs that are outside the affected device and normally would be dropped."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la pol\u00edtica Transport Layer Security versi\u00f3n 1.3 (TLS 1.3) con funcionalidad URL category para el Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado omitir una pol\u00edtica TLS versi\u00f3n 1.3 configurada para bloquear el tr\u00e1fico de una URL espec\u00edfica. La vulnerabilidad es debido a un error l\u00f3gico con el manejo de la conexi\u00f3n de Snort con la pol\u00edtica TLS versi\u00f3n 1.3 y la configuraci\u00f3n de URL category. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de conexiones TLS versi\u00f3n 1.3 dise\u00f1adas hacia un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante omitir la pol\u00edtica TLS versi\u00f3n 1.3 y acceder a las URL que est\u00e1n fuera del dispositivo afectado y que normalmente se descartar\u00edan."
    }
  ],
  "id": "CVE-2020-3285",
  "lastModified": "2024-11-21T05:30:43.573",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-05-06T17:15:12.887",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-bypass-O5tGum2n"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-bypass-O5tGum2n"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-693"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-10-23 18:15

Modified

2025-08-01 16:05

Severity ?

7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the Dynamic Access Policies (DAP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly. To exploit this vulnerability, an attacker would need valid remote access VPN user credentials on the affected device. This vulnerability is due to improper validation of data in HTTPS POST requests. An attacker could exploit this vulnerability by sending a crafted HTTPS POST request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dap-dos-bhEkP7n	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.8.1
cisco	adaptive_security_appliance_software	9.8.1.5
cisco	adaptive_security_appliance_software	9.8.1.7
cisco	adaptive_security_appliance_software	9.8.2
cisco	adaptive_security_appliance_software	9.8.2.8
cisco	adaptive_security_appliance_software	9.8.2.14
cisco	adaptive_security_appliance_software	9.8.2.15
cisco	adaptive_security_appliance_software	9.8.2.17
cisco	adaptive_security_appliance_software	9.8.2.20
cisco	adaptive_security_appliance_software	9.8.2.24
cisco	adaptive_security_appliance_software	9.8.2.26
cisco	adaptive_security_appliance_software	9.8.2.28
cisco	adaptive_security_appliance_software	9.8.2.33
cisco	adaptive_security_appliance_software	9.8.2.35
cisco	adaptive_security_appliance_software	9.8.2.38
cisco	adaptive_security_appliance_software	9.8.2.45
cisco	adaptive_security_appliance_software	9.8.3
cisco	adaptive_security_appliance_software	9.8.3.8
cisco	adaptive_security_appliance_software	9.8.3.11
cisco	adaptive_security_appliance_software	9.8.3.14
cisco	adaptive_security_appliance_software	9.8.3.16
cisco	adaptive_security_appliance_software	9.8.3.18
cisco	adaptive_security_appliance_software	9.8.3.21
cisco	adaptive_security_appliance_software	9.8.3.26
cisco	adaptive_security_appliance_software	9.8.3.29
cisco	adaptive_security_appliance_software	9.8.4
cisco	adaptive_security_appliance_software	9.8.4.3
cisco	adaptive_security_appliance_software	9.8.4.7
cisco	adaptive_security_appliance_software	9.8.4.8
cisco	adaptive_security_appliance_software	9.8.4.10
cisco	adaptive_security_appliance_software	9.8.4.12
cisco	adaptive_security_appliance_software	9.8.4.15
cisco	adaptive_security_appliance_software	9.8.4.17
cisco	adaptive_security_appliance_software	9.8.4.20
cisco	adaptive_security_appliance_software	9.8.4.22
cisco	adaptive_security_appliance_software	9.8.4.25
cisco	adaptive_security_appliance_software	9.8.4.26
cisco	adaptive_security_appliance_software	9.8.4.29
cisco	adaptive_security_appliance_software	9.8.4.32
cisco	adaptive_security_appliance_software	9.8.4.33
cisco	adaptive_security_appliance_software	9.8.4.34
cisco	adaptive_security_appliance_software	9.8.4.35
cisco	adaptive_security_appliance_software	9.8.4.39
cisco	adaptive_security_appliance_software	9.8.4.40
cisco	adaptive_security_appliance_software	9.8.4.41
cisco	adaptive_security_appliance_software	9.8.4.43
cisco	adaptive_security_appliance_software	9.8.4.44
cisco	adaptive_security_appliance_software	9.8.4.45
cisco	adaptive_security_appliance_software	9.8.4.46
cisco	adaptive_security_appliance_software	9.8.4.48
cisco	adaptive_security_appliance_software	9.12.1
cisco	adaptive_security_appliance_software	9.12.1.2
cisco	adaptive_security_appliance_software	9.12.1.3
cisco	adaptive_security_appliance_software	9.12.2
cisco	adaptive_security_appliance_software	9.12.2.1
cisco	adaptive_security_appliance_software	9.12.2.4
cisco	adaptive_security_appliance_software	9.12.2.5
cisco	adaptive_security_appliance_software	9.12.2.9
cisco	adaptive_security_appliance_software	9.12.3
cisco	adaptive_security_appliance_software	9.12.3.2
cisco	adaptive_security_appliance_software	9.12.3.7
cisco	adaptive_security_appliance_software	9.12.3.9
cisco	adaptive_security_appliance_software	9.12.3.12
cisco	adaptive_security_appliance_software	9.12.4
cisco	adaptive_security_appliance_software	9.12.4.2
cisco	adaptive_security_appliance_software	9.12.4.4
cisco	adaptive_security_appliance_software	9.12.4.7
cisco	adaptive_security_appliance_software	9.12.4.8
cisco	adaptive_security_appliance_software	9.12.4.10
cisco	adaptive_security_appliance_software	9.12.4.13
cisco	adaptive_security_appliance_software	9.12.4.18
cisco	adaptive_security_appliance_software	9.12.4.24
cisco	adaptive_security_appliance_software	9.12.4.26
cisco	adaptive_security_appliance_software	9.12.4.29
cisco	adaptive_security_appliance_software	9.12.4.30
cisco	adaptive_security_appliance_software	9.12.4.35
cisco	adaptive_security_appliance_software	9.12.4.37
cisco	adaptive_security_appliance_software	9.12.4.38
cisco	adaptive_security_appliance_software	9.12.4.39
cisco	adaptive_security_appliance_software	9.12.4.40
cisco	adaptive_security_appliance_software	9.12.4.41
cisco	adaptive_security_appliance_software	9.12.4.47
cisco	adaptive_security_appliance_software	9.12.4.48
cisco	adaptive_security_appliance_software	9.12.4.50
cisco	adaptive_security_appliance_software	9.12.4.52
cisco	adaptive_security_appliance_software	9.12.4.54
cisco	adaptive_security_appliance_software	9.12.4.55
cisco	adaptive_security_appliance_software	9.12.4.56
cisco	adaptive_security_appliance_software	9.12.4.58
cisco	adaptive_security_appliance_software	9.12.4.62
cisco	adaptive_security_appliance_software	9.12.4.65
cisco	adaptive_security_appliance_software	9.12.4.67
cisco	adaptive_security_appliance_software	9.14.1
cisco	adaptive_security_appliance_software	9.14.1.6
cisco	adaptive_security_appliance_software	9.14.1.10
cisco	adaptive_security_appliance_software	9.14.1.15
cisco	adaptive_security_appliance_software	9.14.1.19
cisco	adaptive_security_appliance_software	9.14.1.30
cisco	adaptive_security_appliance_software	9.14.2
cisco	adaptive_security_appliance_software	9.14.2.4
cisco	adaptive_security_appliance_software	9.14.2.8
cisco	adaptive_security_appliance_software	9.14.2.13
cisco	adaptive_security_appliance_software	9.14.2.15
cisco	adaptive_security_appliance_software	9.14.3
cisco	adaptive_security_appliance_software	9.14.3.1
cisco	adaptive_security_appliance_software	9.14.3.9
cisco	adaptive_security_appliance_software	9.14.3.11
cisco	adaptive_security_appliance_software	9.14.3.13
cisco	adaptive_security_appliance_software	9.14.3.15
cisco	adaptive_security_appliance_software	9.14.3.18
cisco	adaptive_security_appliance_software	9.14.4
cisco	adaptive_security_appliance_software	9.14.4.6
cisco	adaptive_security_appliance_software	9.14.4.7
cisco	adaptive_security_appliance_software	9.14.4.12
cisco	adaptive_security_appliance_software	9.14.4.13
cisco	adaptive_security_appliance_software	9.14.4.14
cisco	adaptive_security_appliance_software	9.14.4.15
cisco	adaptive_security_appliance_software	9.14.4.17
cisco	adaptive_security_appliance_software	9.14.4.22
cisco	adaptive_security_appliance_software	9.14.4.23
cisco	adaptive_security_appliance_software	9.14.4.24
cisco	adaptive_security_appliance_software	9.15.1
cisco	adaptive_security_appliance_software	9.15.1.1
cisco	adaptive_security_appliance_software	9.15.1.7
cisco	adaptive_security_appliance_software	9.15.1.10
cisco	adaptive_security_appliance_software	9.15.1.15
cisco	adaptive_security_appliance_software	9.15.1.16
cisco	adaptive_security_appliance_software	9.15.1.17
cisco	adaptive_security_appliance_software	9.15.1.21
cisco	adaptive_security_appliance_software	9.16.1
cisco	adaptive_security_appliance_software	9.16.1.28
cisco	adaptive_security_appliance_software	9.16.2
cisco	adaptive_security_appliance_software	9.16.2.3
cisco	adaptive_security_appliance_software	9.16.2.7
cisco	adaptive_security_appliance_software	9.16.2.11
cisco	adaptive_security_appliance_software	9.16.2.13
cisco	adaptive_security_appliance_software	9.16.2.14
cisco	adaptive_security_appliance_software	9.16.3
cisco	adaptive_security_appliance_software	9.16.3.3
cisco	adaptive_security_appliance_software	9.16.3.14
cisco	adaptive_security_appliance_software	9.16.3.15
cisco	adaptive_security_appliance_software	9.16.3.19
cisco	adaptive_security_appliance_software	9.16.3.23
cisco	adaptive_security_appliance_software	9.16.4
cisco	adaptive_security_appliance_software	9.16.4.9
cisco	adaptive_security_appliance_software	9.16.4.14
cisco	adaptive_security_appliance_software	9.16.4.18
cisco	adaptive_security_appliance_software	9.16.4.19
cisco	adaptive_security_appliance_software	9.16.4.27
cisco	adaptive_security_appliance_software	9.16.4.38
cisco	adaptive_security_appliance_software	9.16.4.39
cisco	adaptive_security_appliance_software	9.16.4.42
cisco	adaptive_security_appliance_software	9.16.4.48
cisco	adaptive_security_appliance_software	9.16.4.55
cisco	adaptive_security_appliance_software	9.16.4.57
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.7
cisco	adaptive_security_appliance_software	9.17.1.9
cisco	adaptive_security_appliance_software	9.17.1.10
cisco	adaptive_security_appliance_software	9.17.1.11
cisco	adaptive_security_appliance_software	9.17.1.13
cisco	adaptive_security_appliance_software	9.17.1.15
cisco	adaptive_security_appliance_software	9.17.1.20
cisco	adaptive_security_appliance_software	9.17.1.30
cisco	adaptive_security_appliance_software	9.17.1.33
cisco	adaptive_security_appliance_software	9.17.1.39
cisco	adaptive_security_appliance_software	9.18.1
cisco	adaptive_security_appliance_software	9.18.1.3
cisco	adaptive_security_appliance_software	9.18.2
cisco	adaptive_security_appliance_software	9.18.2.5
cisco	adaptive_security_appliance_software	9.18.2.7
cisco	adaptive_security_appliance_software	9.18.2.8
cisco	adaptive_security_appliance_software	9.18.3
cisco	adaptive_security_appliance_software	9.18.3.39
cisco	adaptive_security_appliance_software	9.18.3.46
cisco	adaptive_security_appliance_software	9.18.3.53
cisco	adaptive_security_appliance_software	9.18.3.55
cisco	adaptive_security_appliance_software	9.18.3.56
cisco	adaptive_security_appliance_software	9.18.4
cisco	adaptive_security_appliance_software	9.18.4.5
cisco	adaptive_security_appliance_software	9.18.4.8
cisco	adaptive_security_appliance_software	9.18.4.22
cisco	adaptive_security_appliance_software	9.19.1
cisco	adaptive_security_appliance_software	9.19.1.5
cisco	adaptive_security_appliance_software	9.19.1.9
cisco	adaptive_security_appliance_software	9.19.1.12
cisco	adaptive_security_appliance_software	9.19.1.18
cisco	adaptive_security_appliance_software	9.19.1.22
cisco	adaptive_security_appliance_software	9.19.1.24
cisco	adaptive_security_appliance_software	9.19.1.27
cisco	adaptive_security_appliance_software	9.19.1.28
cisco	adaptive_security_appliance_software	9.20.1
cisco	adaptive_security_appliance_software	9.20.1.5
cisco	adaptive_security_appliance_software	9.20.2
cisco	adaptive_security_appliance_software	9.20.2.10
cisco	firepower_threat_defense	6.2.3
cisco	firepower_threat_defense	6.2.3.1
cisco	firepower_threat_defense	6.2.3.2
cisco	firepower_threat_defense	6.2.3.3
cisco	firepower_threat_defense	6.2.3.4
cisco	firepower_threat_defense	6.2.3.5
cisco	firepower_threat_defense	6.2.3.6
cisco	firepower_threat_defense	6.2.3.7
cisco	firepower_threat_defense	6.2.3.8
cisco	firepower_threat_defense	6.2.3.9
cisco	firepower_threat_defense	6.2.3.10
cisco	firepower_threat_defense	6.2.3.11
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.4.0.1
cisco	firepower_threat_defense	6.4.0.2
cisco	firepower_threat_defense	6.4.0.3
cisco	firepower_threat_defense	6.4.0.4
cisco	firepower_threat_defense	6.4.0.5
cisco	firepower_threat_defense	6.4.0.6
cisco	firepower_threat_defense	6.4.0.7
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.4.0.13
cisco	firepower_threat_defense	6.4.0.14
cisco	firepower_threat_defense	6.4.0.15
cisco	firepower_threat_defense	6.4.0.16
cisco	firepower_threat_defense	6.4.0.17
cisco	firepower_threat_defense	6.4.0.18
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.6.7
cisco	firepower_threat_defense	6.6.7.1
cisco	firepower_threat_defense	6.6.7.2
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.0.6
cisco	firepower_threat_defense	7.0.6.1
cisco	firepower_threat_defense	7.0.6.2
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.2.4
cisco	firepower_threat_defense	7.2.4.1
cisco	firepower_threat_defense	7.2.5
cisco	firepower_threat_defense	7.2.5.1
cisco	firepower_threat_defense	7.2.5.2
cisco	firepower_threat_defense	7.2.6
cisco	firepower_threat_defense	7.2.7
cisco	firepower_threat_defense	7.2.8
cisco	firepower_threat_defense	7.2.8.1
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1
cisco	firepower_threat_defense	7.3.1.2
cisco	firepower_threat_defense	7.4.0
cisco	firepower_threat_defense	7.4.1
cisco	firepower_threat_defense	7.4.1.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D482F818-0A8E-49D7-8E3E-0958019FA629",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E7BFB57-BC02-4930-A02F-83583E6A0FC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "026F1960-C879-4611-A60A-96311B63CCA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAF8B33E-0C95-467D-A865-0A234E69D0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF144F5-D933-4DE4-818C-001BD9E3958A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "00112ED3-FE7B-425B-9A28-1E5F2BC8BB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD491D5-FAAB-493F-91A6-D2F3B5F5970E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "1519F49D-588F-4B70-B38F-EF4F3E13FEAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "15354443-5EB7-4712-B2DE-61DB33830759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "248D6B44-E134-4DEC-A947-636824E3FDFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "0820A79C-F3EF-407F-9AC7-DCAB4CD39C89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3E8805-85D2-4345-8076-039513209A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "14BB907B-D75A-4F5E-B20D-5457A71A70EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "F118B803-4C55-436A-A136-0C1FEA49858F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A272121-408E-45F6-A2A1-0BA6EBC060A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "61C3A433-0792-434E-AC90-A84B346499D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "980CEA3B-5A81-4E8C-BEA3-DD31BE7DA2CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3910211-D4DB-4CA7-BBEA-DD8246FF10ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C260BF30-7A33-4C70-9509-404856C93666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF894850-39EC-4B57-BBFF-F1AB4F8389A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FAFCF9-0ABE-483E-9604-329762BB7870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DB4278-3126-4765-97C4-6C0A8C78DA78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "174E631B-6099-47DE-8790-BBF4B7FDB8CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE3538B-F612-4105-BFDE-A4B594482DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "3143B0FF-C855-485E-A908-E48974B1643C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD9992-6D98-4E03-9599-ECF38A186FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DCEAE6-355B-40AE-A7C8-AF744FCA8A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2097E81E-B422-4B93-AF09-F300A0E8AF71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "454DEA31-A607-4054-82D3-24A4FEB7358F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F0B213-8187-4465-84F1-FB8D92B36020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E540771E-BA0B-42D1-8251-B576B0F142C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC2A833-BECF-4000-A592-6113A84C2D20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F1416-924A-4D25-9CEE-3BD66A96A019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDC8D92-D6E0-40EE-B190-D2B32C7DEB75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "23CD5619-E534-4F40-998D-39DC19FA0451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D0EB11-14B1-44B3-8D46-B9DD872F772C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA399CF-12DB-42E0-A66F-14508B52A453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5A7608-E737-420E-9B5E-836600DAC701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7EB6801-336D-4F41-ADE7-1C58C63C3F6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8413DA41-02A5-4269-8C88-9DD5076AF91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA00285F-6914-4749-8A47-FC4EDAFFF3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA4D367-32B9-4F54-8352-A959F61A1FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "2259FF9E-0C8B-440F-B1AC-51BDE3F60E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C522B55-904D-4C08-B73E-1457D877C0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "4483056A-FBF3-4E00-81EB-1E97334EF240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "48677330-06AB-4C7F-B2AD-F7E465A9632A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AEA80D2-5DB8-4334-9A88-7DDE395832C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1C38A5-1028-4AD3-8CC7-A00091091E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "848147B2-C49A-43F6-9069-FC8885BDFDA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6FEF0DA-741E-4361-8143-068EB47D6520",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F002FD55-F881-450E-BC1B-8073E188F47E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA940C4F-13BB-465F-BB8D-CBD0109BF012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B0434F5-9A50-4B57-9C5B-E09415D098C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE727035-06CB-4E37-A9D2-96BD54502120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE52B81-2CF8-48E5-A7BA-A163A25A669B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E8D7C9-5272-40E6-869B-B33959F9F0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE8D5D71-5C85-4644-8A84-F073549ADB50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0790DDC2-7BA0-42DC-A157-754C0CBBE178",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "882394EA-70C8-4D86-9AEF-5D273D8E518C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "855AD3CC-F404-48C5-80D2-7F2765D16D72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "26B6BF72-9124-4213-B3C0-BD31B46E8C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8FBE89-8FDA-4B9B-BA1A-90FFD482A585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "149C3872-8DA9-48DD-ADD0-2E84C1A76A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D33E8C-294A-4C43-8DB6-9DA9F61F0B3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E23ACB0-DF8B-4672-A819-4DCD3104CE4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4723B88-62BA-40E6-AA89-BAC02D6A036F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C698819-3C8E-4A16-8F52-42FF1E54C076",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D3CE74E-59E7-448A-8417-18F97C05C798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0986C171-0E75-4F6F-A9BD-276830104E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A2777A-7831-4324-AEB2-5D93B5F6C04B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "37045680-9189-4B7F-A4F7-4E682FE20A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6C9F37B-CF3C-4861-A969-C7CF4946274A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1DAF21-3FED-4691-9D4C-8FD8CEA7FB3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB938E58-4963-4A31-8836-88E958592B30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E317897-EE97-44F3-96BB-E54228D72A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EF7FAB2-158D-4C48-9246-E7AD3BF1D801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "056D43AE-ECDB-40D2-A196-18DDCD02629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E555F3-3580-4D71-8D8D-92FE72763D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "93013503-8B9A-4160-AF7E-277958FA6E9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3B009FD-0F2B-4511-8EDF-C3E670623F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "52579D8D-E855-42B3-B406-32DD1C39F721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7E44FC6-12A2-4F76-A095-28F3804B619F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "42917E5E-E362-4B40-B2B2-3C77BA35641C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF317FA3-EBF3-49BB-A9E6-0D4295FA3F60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "F98B1683-914F-43D3-AE1C-311D3A90BE8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8D24656-CAB1-4A98-A440-482927FEDD16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504557C-DA5D-4D0F-A813-4CE7D5109F15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D2A067-C717-4921-BBF5-3EFBE02736EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "36DDEC5B-4BEA-499C-9F34-BB3D39B7A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.62:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4E44C37-0F6F-440B-BA26-FB6D0B179E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.65:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AEE0050-34DC-49CB-B859-8ED500FD79A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.67:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A47E5C5-E058-4B4C-A258-6DF7CE0EA92B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE0D50C0-DADB-4747-8649-8A5257111FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE2699F-353F-44CB-A778-981783DDC31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8E50BD-1FBD-483B-9C27-70E95C732E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F46E5E4F-787C-4C05-B1E7-C39BB9125D16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A29312-38E7-456B-94DD-4D7329691114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "27F7BB31-C733-4C32-BF0F-33B5AF020156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC313568-33A6-435B-98FF-8A7091D9C451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85710A-28CE-4913-8523-356461908FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6069950-016B-419A-B754-D58956CB6D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A2F3FEC-624F-47C5-B056-836861BB038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C4B1136-66B6-42BA-BC17-86E7DCE1CF29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4875811-F209-49ED-B310-8377B2F87FF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C52C7B-B626-4A3C-A2EC-28A20E7FA95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "853A002C-839A-4372-8485-750A86E9F6E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62BB5D6-CE75-4C83-82DC-4148EF8CB1F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "D32F1365-EAF8-4570-B2FF-45E47E8586F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD07F9B-6BB3-4423-8DBE-4E89A6478E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FE4F28-B704-4325-AE8A-C790163FEE71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E832BC0C-8439-4779-9064-C2D93F231031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA99DF94-D031-4375-9A16-306606FE28F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC149D03-5609-46E6-A1B3-F4D91F282B49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5D7FC6F-1370-4272-97E5-226C2ED1D335",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "164D5774-D51B-47C6-AD32-ED6B84E78BBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "24A810C8-1BB5-4589-84AB-C357C1937201",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "F22D8D65-2E88-4557-BF85-1E3ABD4CCAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF62C9AF-70F5-4A12-9B0A-F32551FB2C40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "A04EB4FB-0C9F-441E-B02A-6B22F195348F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.57:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACDD7BD6-1C1D-49FE-8478-D0F37EB59BC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F944F8F-0255-42BE-BD44-D21EC9F0FFC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9CEAEFC-7B82-41F9-A09D-C86A3A60A4FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "40FAC31D-19C0-4BA0-A019-C7E7A0BA0B5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CAAFE0F-416F-4BCA-BA37-30EAEADA8AFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1E8552-58F0-491E-B7D7-E89527872FC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "9347D71D-1F50-4F85-9F6D-E11D79BD26E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "289F9874-FC01-4809-9BDA-1AF583FB60B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EDFC67-E4EE-4D2C-BF9F-5881C987C662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "826869BE-4874-4BBA-9392-14851560BA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF52D477-3045-45D1-9FD3-12F396266463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "88E310BF-F1F6-4124-A875-81967B9B531E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B330F8F-F0DA-472C-A932-AD1D232C7DB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF59DAA-268C-4FCF-A0AA-7967128AEBC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "140ED95D-173C-4ADB-A2E6-97F0D595D1AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.53:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC9B00E1-3E50-4356-B6D9-F84BCD552402",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "552319A9-01F7-47BA-83B3-B2DD648AA07E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "4914603C-4B1B-48F1-826C-DB803BD21F87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE21762-3085-4AFC-B1DE-A4562CDAC509",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "852C3478-7529-4002-8540-ABA4D556DEFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "23B8A815-5D58-4952-936E-D47B83637BEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C98D085-E321-4BAE-AF03-ABDEDC4D24BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEE52F59-AABA-4069-A909-64AD5DFD2B18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "20D7966E-B02B-48C8-BF96-723DD6C25314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA618249-E76F-4104-9326-C9F2DC8DE3D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C925E1F-6BD9-4CD1-8AC4-4263A9094786",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5EE76D9-6D18-4823-B6B0-E1394A4D140C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F635946-586D-4DE2-927B-300CE569C596",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "459C11B9-ABA1-472A-8CDA-9C7B4E48E943",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA060112-E2D8-4EC5-8400-D8D189A119B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3888BB0-B529-486C-8563-392BD1C5DFD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B25468E3-03F9-4C2A-B82A-F87F4FCD57E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EC6F412-4A30-4E9A-B8DF-C4BF80E5C4B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA47E8EA-29F2-40F3-826E-E7295FFAD8C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4D303F8-E6AA-4F1C-9988-055EECD0A902",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2EFA476-5021-4A00-859E-1643009D6156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E3A5DC-A237-46E4-A4E5-F135482F984A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "B166867E-E51B-46E3-A6E2-B10E67364058",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CE51492-8C9B-459E-9F80-64F426009905",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91AD8BA2-EB8D-4D8B-B707-AF5C2A831998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA95508-0A28-4D4A-81A7-5CDD1F5DA46C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "39FE5927-2421-4CBE-97EA-6AED892DA1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8BF2227-3C50-4FD1-98DB-21196E75D1DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5460064F-FF50-4F54-A8DF-180C76AF9B8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6826018-5620-4924-BE92-6A245378F610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49A07CF-12BA-481C-B5FF-754520080A8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F203C7D1-AA92-4367-B7A5-EBAE6B76EE6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0064C97F-1140-43AC-8229-C8CCC367DC4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9296D33-D59A-463D-9722-9D4C3F720E7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9F66CCA-0982-4107-BC5B-79D727479343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "77B80698-1E76-4B13-AB83-A03FF8C785FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7106C567-726C-4399-ABE0-4A26B9572D40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D5EEF62-DFD3-4E08-8959-2BCD4B1308CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A52991-802D-46FB-A508-5616BA1CEB78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3E08AAC-9C5E-4D18-817C-C466D1D6C4DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "724A3B6F-DDAB-4A2F-8430-9E1F352D755F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDBF14DD-0654-47F3-A698-020397A1EAA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Dynamic Access Policies (DAP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly. To exploit this vulnerability, an attacker would need valid remote access VPN user credentials on the affected device.\r\n\r This vulnerability is due to improper validation of data in HTTPS POST requests. An attacker could exploit this vulnerability by sending a crafted HTTPS POST request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n de pol\u00edticas de acceso din\u00e1mico (DAP) del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto autenticado haga que un dispositivo afectado se recargue inesperadamente. Para aprovechar esta vulnerabilidad, un atacante necesitar\u00eda credenciales de usuario de VPN de acceso remoto v\u00e1lidas en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de los datos en las solicitudes HTTPS POST. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud HTTPS POST manipulada a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el dispositivo se recargue, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS)."
    }
  ],
  "id": "CVE-2024-20408",
  "lastModified": "2025-08-01T16:05:35.080",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.7,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-10-23T18:15:08.697",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dap-dos-bhEkP7n"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-1287"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-08-14 17:15

Modified

2025-08-25 14:35

Severity ?

7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the TLS 1.3 implementation for a specific cipher for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software for Cisco Firepower 3100 and 4200 Series devices could allow an authenticated, remote attacker to consume resources that are associated with incoming TLS 1.3 connections, which eventually could cause the device to stop accepting any new SSL/TLS or VPN requests. This vulnerability is due to the implementation of the TLS 1.3 Cipher TLS_CHACHA20_POLY1305_SHA256. An attacker could exploit this vulnerability by sending a large number of TLS 1.3 connections with the specific TLS 1.3 Cipher TLS_CHACHA20_POLY1305_SHA256. A successful exploit could allow the attacker to cause a denial of service (DoS) condition where no new incoming encrypted connections are accepted. The device must be reloaded to clear this condition. Note: These incoming TLS 1.3 connections include both data traffic and user-management traffic. After the device is in the vulnerable state, no new encrypted connections can be accepted.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3100_4200_tlsdos-2yNSCd54	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	7.4.0
cisco	firepower_threat_defense	7.4.1
cisco	firepower_threat_defense	7.4.1.1
cisco	firepower_threat_defense	7.4.2
cisco	firepower_threat_defense	7.4.2.1
cisco	firepower_threat_defense	7.6.0
cisco	secure_firewall_3105	-
cisco	secure_firewall_3110	-
cisco	secure_firewall_3120	-
cisco	secure_firewall_3130	-
cisco	secure_firewall_3140	-
cisco	secure_firewall_4215	-
cisco	secure_firewall_4225	-
cisco	secure_firewall_4245	-
cisco	adaptive_security_appliance_software	9.20.1
cisco	adaptive_security_appliance_software	9.20.1.5
cisco	adaptive_security_appliance_software	9.20.2
cisco	adaptive_security_appliance_software	9.20.2.10
cisco	adaptive_security_appliance_software	9.20.2.21
cisco	adaptive_security_appliance_software	9.20.2.22
cisco	adaptive_security_appliance_software	9.20.3
cisco	adaptive_security_appliance_software	9.20.3.4
cisco	adaptive_security_appliance_software	9.20.3.7
cisco	adaptive_security_appliance_software	9.22.1.1
cisco	secure_firewall_3105	-
cisco	secure_firewall_3110	-
cisco	secure_firewall_3120	-
cisco	secure_firewall_3130	-
cisco	secure_firewall_3140	-
cisco	secure_firewall_4215	-
cisco	secure_firewall_4225	-
cisco	secure_firewall_4245	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3E08AAC-9C5E-4D18-817C-C466D1D6C4DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "724A3B6F-DDAB-4A2F-8430-9E1F352D755F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDBF14DD-0654-47F3-A698-020397A1EAA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8920FFA0-1F84-44FE-A776-4FFA654D8419",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7586BFE-973B-4481-A004-20EB1FEB2D6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76B73F03-93B6-48C3-BF97-FEAF26895A2D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3105:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5D9FDF8-13BF-425F-9802-1A334065D7C0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87403E0F-659C-4C5B-863D-0274D2828A9A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73D24C57-2311-48E9-879E-124472E98F6F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE02D38A-5354-47E6-A46F-06D53F14F5A8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F191A423-DB18-4F3A-9D31-C3DD8F185C88",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_4215:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC379023-9ECB-4BED-B667-5BCFC9872416",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_4225:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "05C4027A-0B7E-4E0F-AD5F-27CB4BBFE558",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_4245:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B17ECD44-086D-47B6-A7C8-E0F9DF492D93",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B25468E3-03F9-4C2A-B82A-F87F4FCD57E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EC6F412-4A30-4E9A-B8DF-C4BF80E5C4B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA47E8EA-29F2-40F3-826E-E7295FFAD8C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4D303F8-E6AA-4F1C-9988-055EECD0A902",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DCBBA66-6D00-4D8B-86FE-81EF431A7806",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB768AFD-64C1-4AD4-8194-2A1D428BAC67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B6648F1-B019-4A67-A1D6-9B8FD522E393",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "53667E6B-7B95-4051-94C6-707789CB15A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6796587-5205-46ED-95D4-0B9DE1499FDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.22.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B6367AC-F605-472B-9B11-B2FE9AD918A0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3105:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5D9FDF8-13BF-425F-9802-1A334065D7C0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87403E0F-659C-4C5B-863D-0274D2828A9A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73D24C57-2311-48E9-879E-124472E98F6F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE02D38A-5354-47E6-A46F-06D53F14F5A8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F191A423-DB18-4F3A-9D31-C3DD8F185C88",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_4215:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC379023-9ECB-4BED-B667-5BCFC9872416",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_4225:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "05C4027A-0B7E-4E0F-AD5F-27CB4BBFE558",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_4245:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B17ECD44-086D-47B6-A7C8-E0F9DF492D93",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the TLS 1.3 implementation for a specific cipher for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software for Cisco Firepower 3100 and 4200 Series devices could allow an authenticated, remote attacker to consume resources that are associated with incoming TLS 1.3 connections, which eventually could cause the device to stop accepting any new SSL/TLS or VPN requests.\r\n\r\nThis vulnerability is due to the implementation of the TLS 1.3 Cipher TLS_CHACHA20_POLY1305_SHA256. An attacker could exploit this vulnerability by sending a large number of TLS 1.3 connections with the specific TLS 1.3 Cipher TLS_CHACHA20_POLY1305_SHA256. A successful exploit could allow the attacker to cause a denial of service (DoS) condition where no new incoming encrypted connections are accepted. The device must be reloaded to clear this condition.\r\nNote: These incoming TLS 1.3 connections include both data traffic and user-management traffic. After the device is in the vulnerable state, no new encrypted connections can be accepted."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n de TLS 1.3 para un cifrado espec\u00edfico del software Cisco Secure Firewall Adaptive Security Appliance (ASA) y del software Cisco Secure Firewall Threat Defense (FTD) para dispositivos Cisco Firepower de las series 3100 y 4200 podr\u00eda permitir que un atacante remoto autenticado consuma recursos asociados con conexiones entrantes TLS 1.3, lo que eventualmente podr\u00eda provocar que el dispositivo deje de aceptar nuevas solicitudes SSL/TLS o VPN. Esta vulnerabilidad se debe a la implementaci\u00f3n del cifrado TLS_CHACHA20_POLY1305_SHA256 de TLS 1.3. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un gran n\u00famero de conexiones TLS 1.3 con el cifrado TLS_CHACHA20_POLY1305_SHA256. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante causar una denegaci\u00f3n de servicio (DoS) donde no se aceptan nuevas conexiones cifradas entrantes. El dispositivo debe reiniciarse para solucionar esta situaci\u00f3n. Nota: Estas conexiones entrantes TLS 1.3 incluyen tanto tr\u00e1fico de datos como de administraci\u00f3n de usuarios. Una vez que el dispositivo se encuentra en estado vulnerable, no se pueden aceptar nuevas conexiones cifradas."
    }
  ],
  "id": "CVE-2025-20127",
  "lastModified": "2025-08-25T14:35:24.387",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.7,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-08-14T17:15:33.907",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3100_4200_tlsdos-2yNSCd54"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-404"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-04-29 18:15

Modified

2024-11-21 05:44

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

Multiple vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to lack of proper input validation of the HTTPS request. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: This vulnerability affects only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpn-dos-fpBcpEcD	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpn-dos-fpBcpEcD	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04202164-FCC4-413E-90B5-01FE08AC6EEC",
              "versionEndExcluding": "6.6.4",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "599292E2-4F97-462D-93E0-7CCAEA7C5ED8",
              "versionEndExcluding": "6.7.0.1",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94DC7008-9043-474E-A23C-535C5E34C668",
              "versionEndExcluding": "9.8.4.34",
              "versionStartIncluding": "9.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A9BFFBC-F577-47CD-83E8-A6227B17D557",
              "versionEndExcluding": "9.9.2.85",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C70E158-4028-4CA4-91CB-22E549CFBC07",
              "versionEndExcluding": "9.12.4.13",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B74C14F-C95B-4AF5-A255-1CA824AA7FDE",
              "versionEndExcluding": "9.13.1.21",
              "versionStartIncluding": "9.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "282F4D3B-CCBB-484E-BDEE-C316637E2F21",
              "versionEndExcluding": "9.14.2.8",
              "versionStartIncluding": "9.14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE692449-D353-4726-82EF-4396E3336890",
              "versionEndExcluding": "9.15.1.7",
              "versionStartIncluding": "9.15",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to lack of proper input validation of the HTTPS request. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: This vulnerability affects only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en el software Cisco Adaptive Security Appliance (ASA) y el software Firepower Threat Defense (FTD), podr\u00edan permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado.\u0026#xa0;Estas vulnerabilidades son debido a una falta de comprobaci\u00f3n de entrada apropiada de la petici\u00f3n HTTPS.\u0026#xa0;Un atacante podr\u00eda explotar estas vulnerabilidades mediante el env\u00edo de una petici\u00f3n HTTPS dise\u00f1ada hacia un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que el dispositivo afectado se recargue, resultando en una condici\u00f3n DoS.\u0026#xa0;Nota: Esta vulnerabilidad afecta solo a configuraciones espec\u00edficas de AnyConnect y WebVPN.\u0026#xa0;Para obtener m\u00e1s informaci\u00f3n, consulte la secci\u00f3n Productos vulnerables"
    }
  ],
  "id": "CVE-2021-1445",
  "lastModified": "2024-11-21T05:44:22.823",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-04-29T18:15:08.967",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpn-dos-fpBcpEcD"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpn-dos-fpBcpEcD"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:30

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the IP fragment-handling implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. This memory leak could prevent traffic from being processed through the device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper error handling when specific failures occur during IP fragment reassembly. An attacker could exploit this vulnerability by sending crafted, fragmented IP traffic to a targeted device. A successful exploit could allow the attacker to continuously consume memory on the affected device and eventually impact traffic, resulting in a DoS condition. The device could require a manual reboot to recover from the DoS condition. Note: This vulnerability applies to both IP Version 4 (IPv4) and IP Version 6 (IPv6) traffic.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-frag-memleak-mCtqdP9n	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-frag-memleak-mCtqdP9n	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	6.6.0.1
cisco	adaptive_security_appliance_software	9.8.4.22
cisco	adaptive_security_appliance_software	9.8.4.25
cisco	adaptive_security_appliance_software	9.12.4.2
cisco	adaptive_security_appliance_software	9.12.4.3
cisco	adaptive_security_appliance_software	9.13.1.12
cisco	adaptive_security_appliance_software	9.14.1.15

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "23CD5619-E534-4F40-998D-39DC19FA0451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D0EB11-14B1-44B3-8D46-B9DD872F772C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E23ACB0-DF8B-4672-A819-4DCD3104CE4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "714B961B-E808-4F9A-B6C3-7926BA813A81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "40145CFB-CEE8-4ABA-A9C2-BA262B7A9AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the IP fragment-handling implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. This memory leak could prevent traffic from being processed through the device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper error handling when specific failures occur during IP fragment reassembly. An attacker could exploit this vulnerability by sending crafted, fragmented IP traffic to a targeted device. A successful exploit could allow the attacker to continuously consume memory on the affected device and eventually impact traffic, resulting in a DoS condition. The device could require a manual reboot to recover from the DoS condition. Note: This vulnerability applies to both IP Version 4 (IPv4) and IP Version 6 (IPv6) traffic."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n de manejo de fragmentos IP de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar una p\u00e9rdida de memoria en un dispositivo afectado.\u0026#xa0;Esta p\u00e9rdida de memoria podr\u00eda impedir que el tr\u00e1fico sea procesado por medio del dispositivo, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS).\u0026#xa0;La vulnerabilidad es debido al manejo inapropiado de errores cuando fallos espec\u00edficos ocurren durante el reensamblaje del fragmento IP.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de tr\u00e1fico IP fragmentado y dise\u00f1ado hacia un dispositivo objetivo.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante consumir memoria continuamente en el dispositivo afectado y eventualmente impactar el tr\u00e1fico, resultando en una condici\u00f3n de DoS.\u0026#xa0;El dispositivo podr\u00eda requerir un reinicio manual para recuperarse de la condici\u00f3n de DoS.\u0026#xa0;Nota: Esta vulnerabilidad se aplica tanto al tr\u00e1fico IP versi\u00f3n 4 (IPv4) como al tr\u00e1fico IP versi\u00f3n 6 (IPv6)"
    }
  ],
  "id": "CVE-2020-3373",
  "lastModified": "2024-11-21T05:30:54.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:15.903",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-frag-memleak-mCtqdP9n"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-frag-memleak-mCtqdP9n"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-401"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-10-23 17:15

Modified

2025-08-06 15:17

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause memory corruption, which could cause the Snort detection engine to restart unexpectedly. This vulnerability is due to improper memory management when the Snort detection engine processes specific TCP or UDP packets. An attacker could exploit this vulnerability by sending crafted TCP or UDP packets through a device that is inspecting traffic using the Snort detection engine. A successful exploit could allow the attacker to restart the Snort detection engine repeatedly, which could cause a denial of service (DoS) condition. The DoS condition impacts only the traffic through the device that is examined by the Snort detection engine. The device can still be managed over the network. Note: Once a memory block is corrupted, it cannot be cleared until the Cisco Firepower 2100 Series Appliance is manually reloaded. This means that the Snort detection engine could crash repeatedly, causing traffic that is processed by the Snort detection engine to be dropped until the device is manually reloaded.

References

URL	Tags
psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO	Broken Link
psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd2100-snort-dos-M9HuMt75	Vendor Advisory
psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	7.0.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.0.6
cisco	firepower_threat_defense	7.0.6.1
cisco	firepower_threat_defense	7.0.6.2
cisco	firepower_threat_defense	7.0.6.3
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.2.4
cisco	firepower_threat_defense	7.2.4.1
cisco	firepower_threat_defense	7.2.5
cisco	firepower_threat_defense	7.2.5.1
cisco	firepower_threat_defense	7.2.5.2
cisco	firepower_threat_defense	7.2.6
cisco	firepower_threat_defense	7.2.7
cisco	firepower_threat_defense	7.2.8
cisco	firepower_threat_defense	7.2.8.1
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1
cisco	firepower_threat_defense	7.3.1.2
cisco	firepower_threat_defense	7.4.1
cisco	firepower_threat_defense	7.4.1.1
cisco	firepower_threat_defense	7.4.2
cisco	firepower_2100	-
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C647DC8B-CA17-4A60-99A3-FF4DC18ED79F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "39FE5927-2421-4CBE-97EA-6AED892DA1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8BF2227-3C50-4FD1-98DB-21196E75D1DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5460064F-FF50-4F54-A8DF-180C76AF9B8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B1A4F4-899E-4487-AB1C-0A8AE66306D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6826018-5620-4924-BE92-6A245378F610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49A07CF-12BA-481C-B5FF-754520080A8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F203C7D1-AA92-4367-B7A5-EBAE6B76EE6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0064C97F-1140-43AC-8229-C8CCC367DC4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9296D33-D59A-463D-9722-9D4C3F720E7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9F66CCA-0982-4107-BC5B-79D727479343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "77B80698-1E76-4B13-AB83-A03FF8C785FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7106C567-726C-4399-ABE0-4A26B9572D40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D5EEF62-DFD3-4E08-8959-2BCD4B1308CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A52991-802D-46FB-A508-5616BA1CEB78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "724A3B6F-DDAB-4A2F-8430-9E1F352D755F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDBF14DD-0654-47F3-A698-020397A1EAA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8920FFA0-1F84-44FE-A776-4FFA654D8419",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D23A26EF-5B43-437C-A962-4FC69D8A0FF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause memory corruption, which could cause the Snort detection engine to restart unexpectedly.\r\n\r\nThis vulnerability is due to improper memory management when the Snort detection engine processes specific TCP or UDP packets. An attacker could exploit this vulnerability by sending crafted TCP or UDP packets through a device that is inspecting traffic using the Snort detection engine. A successful exploit could allow the attacker to restart the Snort detection engine repeatedly, which could cause a denial of service (DoS) condition. The DoS condition impacts only the traffic through the device that is examined by the Snort detection engine. The device can still be managed over the network.\r\nNote: Once a memory block is corrupted, it cannot be cleared until the Cisco Firepower 2100 Series Appliance is manually reloaded. This means that the Snort detection engine could crash repeatedly, causing traffic that is processed by the Snort detection engine to be dropped until the device is manually reloaded."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el motor de detecci\u00f3n de TCP y UDP Snort 2 y Snort 3 del software Cisco Firepower Threat Defense (FTD) para los dispositivos Cisco Firepower de la serie 2100 podr\u00eda permitir que un atacante remoto no autenticado provoque da\u00f1os en la memoria, lo que podr\u00eda provocar que el motor de detecci\u00f3n de Snort se reinicie inesperadamente. Esta vulnerabilidad se debe a una administraci\u00f3n de memoria inadecuada cuando el motor de detecci\u00f3n de Snort procesa paquetes TCP o UDP espec\u00edficos. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando paquetes TCP o UDP manipulados a trav\u00e9s de un dispositivo que est\u00e9 inspeccionando el tr\u00e1fico mediante el motor de detecci\u00f3n de Snort. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante reiniciar el motor de detecci\u00f3n de Snort repetidamente, lo que podr\u00eda provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La condici\u00f3n de DoS afecta solo al tr\u00e1fico a trav\u00e9s del dispositivo que examina el motor de detecci\u00f3n de Snort. El dispositivo a\u00fan se puede administrar a trav\u00e9s de la red. Nota: Una vez que se da\u00f1a un bloque de memoria, no se puede borrar hasta que se vuelva a cargar manualmente el dispositivo Cisco Firepower de la serie 2100. Esto significa que el motor de detecci\u00f3n de Snort podr\u00eda fallar repetidamente, provocando que el tr\u00e1fico procesado por el motor de detecci\u00f3n de Snort se descarte hasta que el dispositivo se vuelva a cargar manualmente."
    }
  ],
  "id": "CVE-2024-20330",
  "lastModified": "2025-08-06T15:17:28.963",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-10-23T17:15:17.663",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd2100-snort-dos-M9HuMt75"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-788"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:30

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the ssl_inspection component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to crash Snort instances. The vulnerability is due to insufficient input validation in the ssl_inspection component. An attacker could exploit this vulnerability by sending a malformed TLS packet through a Cisco Adaptive Security Appliance (ASA). A successful exploit could allow the attacker to crash a Snort instance, resulting in a denial of service (DoS) condition.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-mf3822Z	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-mf3822Z	Vendor Advisory

Impacted products

	Vendor	Product	Version
	cisco	firepower_threat_defense	*
	cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4198F5CF-C5E2-47B8-8CD4-5163BFEB7036",
              "versionEndExcluding": "6.4.0.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the ssl_inspection component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to crash Snort instances. The vulnerability is due to insufficient input validation in the ssl_inspection component. An attacker could exploit this vulnerability by sending a malformed TLS packet through a Cisco Adaptive Security Appliance (ASA). A successful exploit could allow the attacker to crash a Snort instance, resulting in a denial of service (DoS) condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el componente ssl_inspection de Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado bloquear las instancias de Snort.\u0026#xa0;La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de la entrada  en el componente ssl_inspection.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete TLS malformado por medio de un dispositivo de seguridad adaptable de Cisco (ASA).\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante bloquear una instancia de Snort, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS)"
    }
  ],
  "id": "CVE-2020-3317",
  "lastModified": "2024-11-21T05:30:47.783",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:15.717",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-mf3822Z"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-mf3822Z"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-05-06 17:15

Modified

2024-11-21 05:30

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in DNS over IPv6 packet processing for Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper length validation of a field in an IPv6 DNS packet. An attacker could exploit this vulnerability by sending a crafted DNS query over IPv6, which traverses the affected device. An exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to DNS over IPv6 traffic only.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipv6-67pA658k	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipv6-67pA658k	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	asa_5505_firmware	9.4\(1\)
cisco	asa_5505_firmware	96.4\(0.42\)
cisco	asa_5505	-
cisco	asa_5510_firmware	9.4\(1\)
cisco	asa_5510_firmware	96.4\(0.42\)
cisco	asa_5510	-
cisco	asa_5512-x_firmware	9.4\(1\)
cisco	asa_5512-x_firmware	96.4\(0.42\)
cisco	asa_5512-x	-
cisco	asa_5515-x_firmware	9.4\(1\)
cisco	asa_5515-x_firmware	96.4\(0.42\)
cisco	asa_5515-x	-
cisco	asa_5520_firmware	9.4\(1\)
cisco	asa_5520_firmware	96.4\(0.42\)
cisco	asa_5520	-
cisco	asa_5525-x_firmware	9.4\(1\)
cisco	asa_5525-x_firmware	96.4\(0.42\)
cisco	asa_5525-x	-
cisco	asa_5540_firmware	9.4\(1\)
cisco	asa_5540_firmware	96.4\(0.42\)
cisco	asa_5540	-
cisco	asa_5545-x_firmware	9.4\(1\)
cisco	asa_5545-x_firmware	96.4\(0.42\)
cisco	asa_5545-x	-
cisco	asa_5550_firmware	9.4\(1\)
cisco	asa_5550_firmware	96.4\(0.42\)
cisco	asa_5550	-
cisco	asa_5555-x_firmware	9.4\(1\)
cisco	asa_5555-x_firmware	96.4\(0.42\)
cisco	asa_5555-x	-
cisco	asa_5580_firmware	9.4\(1\)
cisco	asa_5580_firmware	96.4\(0.42\)
cisco	asa_5580	-
cisco	asa_5585-x_firmware	9.4\(1\)
cisco	asa_5585-x_firmware	96.4\(0.42\)
cisco	asa_5585-x	-
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4B2E5D3-ED34-4A7E-BD8F-8492B6737677",
              "versionEndExcluding": "6.2.3.16",
              "versionStartIncluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D27DE97-510A-4761-8184-6940745B54E2",
              "versionEndExcluding": "6.3.0.6",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EDD3A04-6832-4533-8CE6-6083720E8654",
              "versionEndExcluding": "6.4.0.6",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:9.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4151DD11-8D9E-4B30-9762-62A7C8900AF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:96.4\\(0.42\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9D19BFA6-5642-423A-BC3E-CEBACD06F3F9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5510_firmware:9.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "365F7DD4-29F7-4DBB-B86E-2E0CBFF31407",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5510_firmware:96.4\\(0.42\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C11F9B11-9B16-492F-9142-AC0D920F1E19",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:9.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "058F618F-81C5-473D-81E1-7F52ED122391",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:96.4\\(0.42\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "87A60AD4-7E61-4538-B0BC-DE08810C4819",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:9.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "723FCCD5-BBB7-4EFC-BC10-7DF675B35469",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:96.4\\(0.42\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D4DDC3BE-ABCF-4E30-B5C8-2C6C8FD87FCB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5520_firmware:9.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1CD21786-2506-4E5B-94D0-A4ADBEB8AA50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5520_firmware:96.4\\(0.42\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2B2F410E-05C8-48C0-81FD-3E4B30AC6AE8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:9.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0C027842-9992-4E73-A5B4-EFC4B9AA8EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:96.4\\(0.42\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "12DF8456-3785-44EA-868F-659AED7A6052",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5540_firmware:9.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FD48789B-881D-4223-9E22-1CEEB3F9D8C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5540_firmware:96.4\\(0.42\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "41B1AA35-0D67-431A-8A08-D1A094BEA00C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:9.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5113A511-B85E-432B-B602-D8DBF8801113",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:96.4\\(0.42\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B307A668-401B-452F-83D3-DC4122571357",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5550_firmware:9.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3A0E63B4-C2F4-43C9-8F0E-BCD484BCFAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5550_firmware:96.4\\(0.42\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A5EF6675-0D00-48D5-BD2E-FC3AA0A2C064",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:9.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5B0A4AC7-B0D9-485F-8F55-B74264238E6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:96.4\\(0.42\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "09A7B7E5-E0EA-48CE-9A18-2BA590C85B7C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:9.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EF631E5F-998A-4AA7-89CF-954B58899DDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:96.4\\(0.42\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "919DBFD7-D5F9-41C8-B777-DC949D245CC4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:9.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "85936D50-13C2-4D1D-9987-2BE8DA7E2DA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:96.4\\(0.42\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CCAC6D10-D0F7-48C8-BC2F-A22F3CBF9B8A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "679D5374-F120-4540-B9D8-6A69D4E99CDD",
              "versionEndExcluding": "9.6.4.36",
              "versionStartIncluding": "9.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C74FF4EA-4CF7-4477-882F-8F0EABBE47A4",
              "versionEndExcluding": "9.8.4.12",
              "versionStartIncluding": "9.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEE81D32-51D0-41F7-B06B-0750DCB1F589",
              "versionEndExcluding": "9.9.2.66",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49FFDB02-2944-4B31-BBC0-30E60BA9F9D1",
              "versionEndExcluding": "9.10.1.37",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0F64F2-0DFE-4904-85D6-ECD3D37E7385",
              "versionEndExcluding": "9.12.2.9",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in DNS over IPv6 packet processing for Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper length validation of a field in an IPv6 DNS packet. An attacker could exploit this vulnerability by sending a crafted DNS query over IPv6, which traverses the affected device. An exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to DNS over IPv6 traffic only."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el procesamiento de paquetes DNS sobre IPv6 para el Cisco Adaptive Security Appliance (ASA) Software y el Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar que el dispositivo se sobrecargue inesperadamente, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad es debido a una comprobaci\u00f3n inapropiada de la longitud de un campo en un paquete DNS IPv6. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una consulta DNS sobre IPv6 dise\u00f1ada, que atraviesa el dispositivo afectado. Una explotaci\u00f3n podr\u00eda permitir al atacante causar que el dispositivo se sobrecargue, resultando en una condici\u00f3n DoS. Esta vulnerabilidad es espec\u00edfica solo de DNS sobre el tr\u00e1fico IPv6."
    }
  ],
  "id": "CVE-2020-3191",
  "lastModified": "2024-11-21T05:30:30.980",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-05-06T17:15:12.290",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipv6-67pA658k"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipv6-67pA658k"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-10-27 19:15

Modified

2024-11-21 06:23

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. This vulnerability is due to improper control of a resource. An attacker with the ability to spoof a trusted IKEv2 site-to-site VPN peer and in possession of valid IKEv2 credentials for that peer could exploit this vulnerability by sending malformed, authenticated IKEv2 messages to an affected device. A successful exploit could allow the attacker to trigger a reload of the device.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ikev2-dos-g4cmrr7C	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ikev2-dos-g4cmrr7C	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5512-x_firmware	009.016\(001.025\)
cisco	asa_5512-x	-
cisco	asa_5505_firmware	009.016\(001.025\)
cisco	asa_5505	-
cisco	asa_5515-x_firmware	009.016\(001.025\)
cisco	asa_5515-x	-
cisco	asa_5525-x_firmware	009.016\(001.025\)
cisco	asa_5525-x	-
cisco	asa_5545-x_firmware	009.016\(001.025\)
cisco	asa_5545-x	-
cisco	asa_5555-x_firmware	009.016\(001.025\)
cisco	asa_5555-x	-
cisco	asa_5580_firmware	009.016\(001.025\)
cisco	asa_5580	-
cisco	asa_5585-x_firmware	009.016\(001.025\)
cisco	asa_5585-x	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5429F29E-BEE8-4989-B5F3-A9BABBF64D31",
              "versionEndExcluding": "6.4.0.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37A74256-AF9A-473B-9DC7-A57618BA9F00",
              "versionEndExcluding": "6.6.5",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
              "versionEndExcluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B2F537A-A488-45B6-AD4B-48B7064AE84C",
              "versionEndExcluding": "7.0.1",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F6EF272-6D43-476C-B35D-DDE79A7A01C5",
              "versionEndExcluding": "9.8.4.40",
              "versionStartIncluding": "9.8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36510038-2C7B-45D4-8531-C0FFD3D913F4",
              "versionEndExcluding": "9.12.4.30",
              "versionStartIncluding": "9.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6828628-B179-4188-92CE-1D488859D92D",
              "versionEndExcluding": "9.14.3.9",
              "versionStartIncluding": "9.14.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6EC0723-CBC7-45A7-8B30-B680E8A771EF",
              "versionEndExcluding": "9.15.1.17",
              "versionStartIncluding": "9.15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "25DBA8C5-EB2F-4C01-88BA-EC2D720F9F7C",
              "versionEndExcluding": "9.16.2",
              "versionStartIncluding": "9.16.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.016\\(001.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BEEEB3EB-7AD9-4498-BEE5-12A374AEF0FC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.016\\(001.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "74DF1599-7739-47DD-AD89-B9C48D1ED2EC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.016\\(001.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "96EDFC77-6634-4427-98F8-ACDC704F670F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.016\\(001.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "AD551733-BBAE-4FE3-8E20-877084CA5E5D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.016\\(001.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1819434E-FE47-4544-8BCB-D1765760E1BB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.016\\(001.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FB65CEFA-1874-438A-B4F3-9DE96564D291",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.016\\(001.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4BED5416-48BE-48A4-9209-DD22BC247819",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.016\\(001.025\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C7A8E03D-F2C3-4766-B004-961B58C172E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. This vulnerability is due to improper control of a resource. An attacker with the ability to spoof a trusted IKEv2 site-to-site VPN peer and in possession of valid IKEv2 credentials for that peer could exploit this vulnerability by sending malformed, authenticated IKEv2 messages to an affected device. A successful exploit could allow the attacker to trigger a reload of the device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n del Intercambio de Claves de Internet Versi\u00f3n 2 (IKEv2) del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto autenticado desencadenar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad es debido a un control inapropiado de un recurso. Un atacante con la capacidad de falsificar un peer IKEv2 site-to-site VPN confiable y en posesi\u00f3n de credenciales IKEv2 v\u00e1lidas para ese peer podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de mensajes IKEv2 malformados y autenticados a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante desencadenar una recarga del dispositivo"
    }
  ],
  "id": "CVE-2021-40125",
  "lastModified": "2024-11-21T06:23:37.697",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 3.6,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-27T19:15:08.877",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ikev2-dos-g4cmrr7C"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ikev2-dos-g4cmrr7C"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:31

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a large number of TCP packets to a specific port on an affected device. A successful exploit could allow the attacker to exhaust system memory, which could cause the device to reload unexpectedly. No manual intervention is needed to recover the device after it has reloaded.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-GDcZDqAf	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-GDcZDqAf	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D27DE97-510A-4761-8184-6940745B54E2",
              "versionEndExcluding": "6.3.0.6",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
              "versionEndExcluding": "6.4.0.10",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a large number of TCP packets to a specific port on an affected device. A successful exploit could allow the attacker to exhaust system memory, which could cause the device to reload unexpectedly. No manual intervention is needed to recover the device after it has reloaded."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad de procesamiento de paquetes de Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido a una administraci\u00f3n de memoria infeciente.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una gran cantidad de paquetes TCP a un puerto espec\u00edfico en un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante agotar la memoria del sistema, lo que podr\u00eda hacer que el dispositivo se recargue inesperadamente.\u0026#xa0;No se necesita intervenci\u00f3n manual para recuperar el dispositivo despu\u00e9s de que se haya recargado"
    }
  ],
  "id": "CVE-2020-3563",
  "lastModified": "2024-11-21T05:31:19.380",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:17.967",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-GDcZDqAf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-GDcZDqAf"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-10-27 19:15

Modified

2024-11-21 06:23

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in SSL/TLS message handler for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because incoming SSL/TLS packets are not properly processed. An attacker could exploit this vulnerability by sending a crafted SSL/TLS packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-4ygzLKU9	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-4ygzLKU9	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5512-x_firmware	009.009\(002.085\)
cisco	asa_5512-x_firmware	009.014\(002.106\)
cisco	asa_5512-x	-
cisco	asa_5505_firmware	009.009\(002.085\)
cisco	asa_5505_firmware	009.014\(002.106\)
cisco	asa_5505	-
cisco	asa_5515-x_firmware	009.009\(002.085\)
cisco	asa_5515-x_firmware	009.014\(002.106\)
cisco	asa_5515-x	-
cisco	asa_5525-x_firmware	009.009\(002.085\)
cisco	asa_5525-x_firmware	009.014\(002.106\)
cisco	asa_5525-x	-
cisco	asa_5545-x_firmware	009.009\(002.085\)
cisco	asa_5545-x_firmware	009.014\(002.106\)
cisco	asa_5545-x	-
cisco	asa_5555-x_firmware	009.009\(002.085\)
cisco	asa_5555-x_firmware	009.014\(002.106\)
cisco	asa_5555-x	-
cisco	asa_5580_firmware	009.009\(002.085\)
cisco	asa_5580_firmware	009.014\(002.106\)
cisco	asa_5580	-
cisco	asa_5585-x_firmware	009.009\(002.085\)
cisco	asa_5585-x_firmware	009.014\(002.106\)
cisco	asa_5585-x	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C7F329B-4EF5-411A-9AB6-02E6A4162D6D",
              "versionEndExcluding": "9.8.4.40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF9BD61A-3390-4FEC-A6FC-B828700734F1",
              "versionEndExcluding": "6.2.3.17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F27ABB44-FC9A-457D-AFB7-D7CB8119C9AE",
              "versionEndExcluding": "6.4.0.13",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18589C74-19D2-44F0-AF26-68910E26655D",
              "versionEndExcluding": "6.6.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
              "versionEndExcluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B2F537A-A488-45B6-AD4B-48B7064AE84C",
              "versionEndExcluding": "7.0.1",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9F99428-8509-489C-8658-6422BAE20B86",
              "versionEndExcluding": "9.12.4.26",
              "versionStartIncluding": "9.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "333EFE8A-1514-4F7A-BBF4-876DC1B2E5A4",
              "versionEndExcluding": "9.14.3.9",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6EC0723-CBC7-45A7-8B30-B680E8A771EF",
              "versionEndExcluding": "9.15.1.17",
              "versionStartIncluding": "9.15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "310B86D1-730D-4D8A-AC95-31FBE4F7D1E6",
              "versionEndExcluding": "9.16.2.3",
              "versionStartIncluding": "9.16.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.009\\(002.085\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1A6C8151-DD31-4176-9871-64F6D0473D92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.014\\(002.106\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "013CE3DB-A4D9-47EB-9CA6-F3A116E0FDB2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.009\\(002.085\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7B6B6A4A-903A-4DC2-ACF8-C8A3F07B905E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.014\\(002.106\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7166E020-D9CE-4CF4-96F3-DE60487CCF31",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.009\\(002.085\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2F51225C-BDF6-4C62-A6D0-29858BB409BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.014\\(002.106\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1806CB8E-BA50-405C-84F8-09B7E46A42F2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.009\\(002.085\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "59BAA486-CB14-475F-B3EB-4EDBECF80046",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.014\\(002.106\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D35C749C-F2BB-4A5D-8D95-971AFCE0C0A0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.009\\(002.085\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4A2012ED-9F23-4169-8501-B0897F658AFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.014\\(002.106\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8EDD12C0-7F42-4AE2-A3DA-57D5DC82050F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.009\\(002.085\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3233ED72-BAF5-4532-8478-6F44B5A66FA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.014\\(002.106\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C40D9C60-CD17-4ACE-961C-8580EC2256C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.009\\(002.085\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EAEA3B03-7E79-4917-9E7A-EA73E90E3D61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.014\\(002.106\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "02308BB6-79AA-46A4-B723-12A30BF15119",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.009\\(002.085\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E904DE37-F6C5-459F-8A8A-9E9AA7C59170",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.014\\(002.106\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CF60431F-E808-4828-B67D-1B87A4E5DDF2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in SSL/TLS message handler for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because incoming SSL/TLS packets are not properly processed. An attacker could exploit this vulnerability by sending a crafted SSL/TLS packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el administrador de mensajes SSL/TLS para el software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se presenta porque los paquetes SSL/TLS entrantes no se procesan correctamente. Un atacante podr\u00eda aprovechar esta vulnerabilidad mediante el env\u00edo de un paquete SSL/TLS dise\u00f1ado a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar una recarga del dispositivo afectado, resultando en una condici\u00f3n de DoS"
    }
  ],
  "id": "CVE-2021-40117",
  "lastModified": "2024-11-21T06:23:36.370",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-27T19:15:08.770",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-4ygzLKU9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-4ygzLKU9"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:30

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured File Policy for HTTP packets and deliver a malicious payload.

References

URL	Tags
psirt@cisco.com	https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-bypass-3eCfd24j	Vendor Advisory
psirt@cisco.com	https://www.debian.org/security/2023/dsa-5354
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-bypass-3eCfd24j	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2023/dsa-5354

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	cloud_services_router_1000v	-
cisco	isrv	-
cisco	1100-4p	-
cisco	1100-8p	-
cisco	1101-4p	-
cisco	1109-2p	-
cisco	1109-4p	-
cisco	1111x-8p	-
cisco	4221_integrated_services_router	-
cisco	4331_integrated_services_router	-
cisco	4431_integrated_services_router	-
cisco	4461_integrated_services_router	-
cisco	isa_3000	-
cisco	meraki_mx	-
snort	snort	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F7D9238-1584-434D-979A-3232DF02DF7C",
              "versionEndExcluding": "6.3.0.1",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:cloud_services_router_1000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "237136F5-5A1B-4033-8B7C-CDAD66AF25DF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:cisco:isrv:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61BAD503-1B99-4489-BA0D-DF8F4E7398A1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-4p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA8D5057-138A-42C4-BA35-8077A0A60068",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-8p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED555B12-41F4-4D62-B519-22601FB7AF8D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1101-4p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "21B10158-5235-483E-BACD-C407609EA6BE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109-2p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8964F9BA-6E6C-44BF-9A8C-93D081B6678C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109-4p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51251FE1-67D2-4903-B7D3-E0C727B9A93C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1111x-8p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "784E4562-FE26-4049-9D23-4CA46432EE14",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:isa_3000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9510E97A-FD78-43C6-85BC-223001ACA264",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43B23A83-E4ED-486F-8D7B-36A15C30564B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:snort:snort:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E80D88BC-34B2-4D1D-92D8-F51D50F46B5D",
              "versionEndExcluding": "2.9.13.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured File Policy for HTTP packets and deliver a malicious payload."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples productos de Cisco est\u00e1n afectados por una vulnerabilidad en el motor de detecci\u00f3n de Snort que podr\u00eda permitir a un atacante remoto no autenticado omitir una Pol\u00edtica de Archivos configurada para HTTP.\u0026#xa0;La vulnerabilidad es debido a una detecci\u00f3n incorrecta de paquetes HTTP modificados utilizados en respuestas fragmentadas.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de paquetes HTTP dise\u00f1ados a trav\u00e9s de un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante omitir una Pol\u00edtica de Archivos configurada para paquetes HTTP y entregar una carga \u00fatil maliciosa"
    }
  ],
  "id": "CVE-2020-3299",
  "lastModified": "2024-11-21T05:30:45.790",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:15.513",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-bypass-3eCfd24j"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://www.debian.org/security/2023/dsa-5354"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-bypass-3eCfd24j"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.debian.org/security/2023/dsa-5354"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-693"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-05-06 17:15

Modified

2024-11-21 05:30

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Summary

A vulnerability in how Cisco Firepower Threat Defense (FTD) Software handles session timeouts for management connections could allow an unauthenticated, remote attacker to cause a buildup of remote management connections to an affected device, which could result in a denial of service (DoS) condition. The vulnerability exists because the default session timeout period for specific to-the-box remote management connections is too long. An attacker could exploit this vulnerability by sending a large and sustained number of crafted remote management connections to an affected device, resulting in a buildup of those connections over time. A successful exploit could allow the attacker to cause the remote management interface or Cisco Firepower Device Manager (FDM) to stop responding and cause other management functions to go offline, resulting in a DoS condition. The user traffic that is flowing through the device would not be affected, and the DoS condition would be isolated to remote management only.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-mgmt-interface-dos-FkG4MuTU	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-mgmt-interface-dos-FkG4MuTU	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	asa_5505_firmware	9.8\(3\)
cisco	asa_5505_firmware	101.6\(1.96\)
cisco	asa_5505	-
cisco	asa_5510_firmware	9.8\(3\)
cisco	asa_5510_firmware	101.6\(1.96\)
cisco	asa_5510	-
cisco	asa_5512-x_firmware	9.8\(3\)
cisco	asa_5512-x_firmware	101.6\(1.96\)
cisco	asa_5512-x	-
cisco	asa_5515-x_firmware	9.8\(3\)
cisco	asa_5515-x_firmware	101.6\(1.96\)
cisco	asa_5515-x	-
cisco	asa_5520_firmware	9.8\(3\)
cisco	asa_5520_firmware	101.6\(1.96\)
cisco	asa_5520	-
cisco	asa_5525-x_firmware	9.8\(3\)
cisco	asa_5525-x_firmware	101.6\(1.96\)
cisco	asa_5525-x	-
cisco	asa_5540_firmware	9.8\(3\)
cisco	asa_5540_firmware	101.6\(1.96\)
cisco	asa_5540	-
cisco	asa_5545-x_firmware	9.8\(3\)
cisco	asa_5545-x_firmware	101.6\(1.96\)
cisco	asa_5545-x	-
cisco	asa_5550_firmware	9.8\(3\)
cisco	asa_5550_firmware	101.6\(1.96\)
cisco	asa_5550	-
cisco	asa_5555-x_firmware	9.8\(3\)
cisco	asa_5555-x_firmware	101.6\(1.96\)
cisco	asa_5555-x	-
cisco	asa_5580_firmware	9.8\(3\)
cisco	asa_5580_firmware	101.6\(1.96\)
cisco	asa_5580	-
cisco	asa_5585-x_firmware	9.8\(3\)
cisco	asa_5585-x_firmware	101.6\(1.96\)
cisco	asa_5585-x	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06741056-2BFD-4F88-917A-F581F813B69E",
              "versionEndExcluding": "6.4.0.9",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D20B7556-CB33-4E96-8B4A-4E70C350079D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "51DFD14D-033B-4AA3-B7C6-E5CE9EEF69DD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5510_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4DC4AD47-1789-494E-949F-483CBC2EDF4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5510_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4A9AF36E-F7F0-4A0E-B95D-2DF5584D5072",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "39AC2543-8397-4CAD-A87C-10AD2F5672A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "70CC1F85-2E5C-4939-9879-417484C58F5A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "715FA7AF-438C-4B73-B411-F5242D82E6DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "028C5F69-DBAB-42DA-A759-555FACE4CF08",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5520_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1C833630-408A-4491-88E3-F8F50BC0988E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5520_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "AD20CA7A-9EF1-4BA5-883E-EB9791AB1982",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "400F4C4E-75A0-420C-A3D0-35EBCA9439C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "76F77E11-71F3-4197-871F-FEA1E53D7CFB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5540_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "28EE51A4-C914-4B9C-B483-A56E0AAA788F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5540_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "33A3EB45-FDC6-4BAB-9E6D-96A463C1A9B3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BA31C6C9-EC1F-4548-AF39-FD49DD98BBBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2AA06D7D-A0BA-4B17-9EF3-165A203F8921",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5550_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7C6DCED6-241A-4FB6-B2A4-B4E4DD3B7547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5550_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "414DE2B9-AE0A-4DE4-9D0A-8C1E11AF85D3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "611D736A-1C49-4FF7-BC6B-01D735771450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3E584FE6-A477-4EFE-B562-35FC65229F26",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E2CBAFBF-8727-43F3-9C9E-E3CCCF93BE29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B400A5F1-2DDA-4881-AB68-3F59262C981D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "AE020E81-C231-4975-9695-ECE383C32B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C8D5DAF8-D27D-41A7-9912-580D657557E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in how Cisco Firepower Threat Defense (FTD) Software handles session timeouts for management connections could allow an unauthenticated, remote attacker to cause a buildup of remote management connections to an affected device, which could result in a denial of service (DoS) condition. The vulnerability exists because the default session timeout period for specific to-the-box remote management connections is too long. An attacker could exploit this vulnerability by sending a large and sustained number of crafted remote management connections to an affected device, resulting in a buildup of those connections over time. A successful exploit could allow the attacker to cause the remote management interface or Cisco Firepower Device Manager (FDM) to stop responding and cause other management functions to go offline, resulting in a DoS condition. The user traffic that is flowing through the device would not be affected, and the DoS condition would be isolated to remote management only."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en como el Cisco Firepower Threat Defense (FTD) Software maneja los tiempos de espera de sesi\u00f3n para las conexiones de administraci\u00f3n, podr\u00eda permitir a un atacante remoto no autenticado causar una acumulaci\u00f3n de conexiones de administraci\u00f3n remota en un dispositivo afectado, lo que podr\u00eda resultar en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad se presenta porque el per\u00edodo de tiempo de espera de la sesi\u00f3n predeterminada para conexiones de administraci\u00f3n remota espec\u00edficas es demasiado largo. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un n\u00famero grande y sostenido de conexiones de administraci\u00f3n remota dise\u00f1adas sobre un dispositivo afectado, resultando en una acumulaci\u00f3n de esas conexiones sobre el tiempo. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante causar que la interfaz de administraci\u00f3n remota o el Cisco Firepower Device Manager (FDM) dejen de responder y cause que otras funciones de administraci\u00f3n se desconecten, resultando en una condici\u00f3n DoS. El tr\u00e1fico del usuario que fluye a trav\u00e9s del dispositivo no estar\u00eda afectado, y la condici\u00f3n DoS estar\u00eda aislada para la administraci\u00f3n remota solamente."
    }
  ],
  "id": "CVE-2020-3188",
  "lastModified": "2024-11-21T05:30:30.560",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-05-06T17:15:12.150",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-mgmt-interface-dos-FkG4MuTU"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-mgmt-interface-dos-FkG4MuTU"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-613"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:31

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the SSL/TLS session handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak when closing SSL/TLS connections in a specific state. An attacker could exploit this vulnerability by establishing several SSL/TLS sessions and ensuring they are closed under certain conditions. A successful exploit could allow the attacker to exhaust memory resources in the affected device, which would prevent it from processing new SSL/TLS connections, resulting in a DoS. Manual intervention is required to recover an affected device.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-tcp-dos-N3DMnU4T	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-tcp-dos-N3DMnU4T	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AED88F6A-9C56-4005-B809-00E5637CCA27",
              "versionEndExcluding": "9.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB4FADF7-A3CD-44B4-85DF-75F28369B459",
              "versionEndExcluding": "6.3.0.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
              "versionEndExcluding": "6.4.0.10",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8499CD6E-FFF8-4CAB-966A-497D4C42EEC9",
              "versionEndExcluding": "6.6.1",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E38D6F74-E407-4232-86C9-178AC3D00F1C",
              "versionEndExcluding": "9.8.4.26",
              "versionStartIncluding": "9.8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E16D2CA3-B494-4348-BF0C-03969D1423D0",
              "versionEndExcluding": "9.9.2.80",
              "versionStartIncluding": "9.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF8B79C-41E6-4367-8A37-C1A41DA8345E",
              "versionEndExcluding": "9.10.1.44",
              "versionStartIncluding": "9.10.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F71893A1-284B-453E-A9F4-579FAB514E9B",
              "versionEndExcluding": "9.12.4.4",
              "versionStartIncluding": "9.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4148D30-F285-4045-A017-82F5BF074233",
              "versionEndExcluding": "9.13.1.13",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "97B216C8-49C2-43DA-9D7C-3290B5EBF334",
              "versionEndExcluding": "9.14.1.19",
              "versionStartIncluding": "9.14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the SSL/TLS session handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak when closing SSL/TLS connections in a specific state. An attacker could exploit this vulnerability by establishing several SSL/TLS sessions and ensuring they are closed under certain conditions. A successful exploit could allow the attacker to exhaust memory resources in the affected device, which would prevent it from processing new SSL/TLS connections, resulting in a DoS. Manual intervention is required to recover an affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el manejador de sesi\u00f3n SSL/TLS Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido a una p\u00e9rdida de memoria al cerrar las conexiones SSL/TLS en un estado espec\u00edfico.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el establecimiento de m\u00faltiples sesiones SSL/TLS y asegur\u00e1ndose de que est\u00e9n cerradas en determinadas condiciones.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante agotar los recursos de la memoria en el dispositivo afectado, lo que impedir\u00eda el procesamiento de nuevas conexiones SSL/TLS, resultando en una DoS.\u0026#xa0;Es requerida una intervenci\u00f3n manual para recuperar un dispositivo afectado"
    }
  ],
  "id": "CVE-2020-3572",
  "lastModified": "2024-11-21T05:31:20.360",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:18.327",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-tcp-dos-N3DMnU4T"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-tcp-dos-N3DMnU4T"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-401"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-10-05 14:29

Modified

2024-11-21 03:50

Severity ?

6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the TCP syslog module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust the 1550-byte buffers on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing boundary check in an internal function. An attacker could exploit this vulnerability by establishing a man-in-the-middle position between an affected device and its configured TCP syslog server and then maliciously modifying the TCP header in segments that are sent from the syslog server to the affected device. A successful exploit could allow the attacker to exhaust buffer on the affected device and cause all TCP-based features to stop functioning, resulting in a DoS condition. The affected TCP-based features include AnyConnect SSL VPN, clientless SSL VPN, and management connections such as Secure Shell (SSH), Telnet, and HTTPS.

References

URL	Tags
psirt@cisco.com	http://www.securitytracker.com/id/1041785	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-syslog-dos	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1041785	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-syslog-dos	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.4\(4\)
cisco	adaptive_security_appliance_software	9.8\(2\)
cisco	firepower_threat_defense	6.2.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "34B82BEF-0046-4095-9D8F-7D67518659E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8EA6DC7B-87E1-4331-A199-B5013F113D6E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DC52A8B-7DF4-47B2-9F49-627F59656E5E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the TCP syslog module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust the 1550-byte buffers on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing boundary check in an internal function. An attacker could exploit this vulnerability by establishing a man-in-the-middle position between an affected device and its configured TCP syslog server and then maliciously modifying the TCP header in segments that are sent from the syslog server to the affected device. A successful exploit could allow the attacker to exhaust buffer on the affected device and cause all TCP-based features to stop functioning, resulting in a DoS condition. The affected TCP-based features include AnyConnect SSL VPN, clientless SSL VPN, and management connections such as Secure Shell (SSH), Telnet, and HTTPS."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el m\u00f3dulo TCP syslog de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software podr\u00edan permitir que un atacante remoto no autenticado agote los b\u00fafers de 1550 bytes en un dispositivo afectado, lo que resulta en una denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a una falta de comprobaci\u00f3n de l\u00edmites en una funci\u00f3n interna. Un atacante podr\u00eda explotar esta vulnerabilidad estableciendo una posici\u00f3n Man-in-the-Middle (MitM) entre un dispositivo afectado y su servidor syslog TCP configurado y, despu\u00e9s, modificando la cabecera TCP en los segmentos que se env\u00edan desde el servidor syslog al dispositivo afectado. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante agote el b\u00fafer del dispositivo afectado y haga que todas las funcionalidades basadas en TCP dejen de funcionar, lo que resulta en una denegaci\u00f3n de servicio (DoS). Las funcionalidades basadas en TCP incluyen AnyConnect SSL VPN y SSL VPN sin cliente, as\u00ed como las conexiones de gesti\u00f3n como Secure Shell (SSH), Telnet y HTTPS."
    }
  ],
  "id": "CVE-2018-15399",
  "lastModified": "2024-11-21T03:50:42.333",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-05T14:29:08.327",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041785"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-syslog-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041785"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-syslog-dos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-05-03 16:29

Modified

2024-11-21 04:37

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the Internet Key Exchange Version 2 Mobility and Multihoming Protocol (MOBIKE) feature for the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to the incorrect processing of certain MOBIKE packets. An attacker could exploit this vulnerability by sending crafted MOBIKE packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. The MOBIKE feature is supported only for IPv4 addresses.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/108166	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-ike-dos	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/108166	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-ike-dos	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa-5506-x	-
cisco	asa-5525-x	-
cisco	asa-5555-x	-
cisco	asa_5506h-x	-
cisco	asa_5506w-x	-
cisco	asa_5508-x	-
cisco	asa_5516-x	-
cisco	asa_5545-x	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "660EA1E6-E045-47EA-81D9-6B7199129B20",
              "versionEndIncluding": "6.2.3.12",
              "versionStartIncluding": "6.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "20F76E4C-C428-4360-89B5-CD23332D7878",
              "versionEndIncluding": "6.3.0.3",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "730A1D46-E66F-440A-B756-007C73BF97A6",
              "versionEndIncluding": "9.8.4",
              "versionStartIncluding": "9.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A250526-6A3F-4C3B-A4DC-078A360924E9",
              "versionEndIncluding": "9.9.2.50",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4DDEA4A-D45F-4AE0-82AB-2FB75E9A344D",
              "versionEndIncluding": "9.10.1.17",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa-5506-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4916B846-AEAD-4C06-9705-048627F27236",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A11CA4-D93C-4D32-81C7-E3CF71EC4BBB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa-5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A567EFB6-9A19-4BC0-8EE2-6E2219D09961",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5506h-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "30AC6907-3091-409F-967D-64A82A0C5A8C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5506w-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D11AF728-8EB0-45EB-A7DD-F2D52B3BB7B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5508-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "92AE506A-E710-465B-B795-470FDE0E0ECA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5516-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E07AF10-FFB2-4AC7-BBE7-199C3EFED81F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Internet Key Exchange Version 2 Mobility and Multihoming Protocol (MOBIKE) feature for the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to the incorrect processing of certain MOBIKE packets. An attacker could exploit this vulnerability by sending crafted MOBIKE packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. The MOBIKE feature is supported only for IPv4 addresses."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la caracter\u00edstica del Internet Key Exchange Version 2 Mobility and Multihoming Protocol (MOBIKE) (Cisco Mobility) para el programa ASA (Cisco Adaptive Security Appliance) y el programa Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado provoque una p\u00e9rdida de memoria o recarga de un dispositivo afectado que lleva a una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe al procesamiento inapropiado de ciertos paquetes MOBIKE. Un atacante podr\u00eda explotar esta vulnerabilidad enviando paquetes MOBIKE creados a un dispositivo afectado para procesarlos. Una explotaci\u00f3n con \u00e9xito podr\u00eda hacer que un dispositivo afectado consumiera memoria continuamente y finalmente se recargara, resultando en una condici\u00f3n DoS. La funci\u00f3n MOBIKE solo es compatible con direcciones IPv4."
    }
  ],
  "id": "CVE-2019-1708",
  "lastModified": "2024-11-21T04:37:08.910",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-03T16:29:00.680",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108166"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-ike-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108166"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-ike-dos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-404"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-401"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-10-10 14:15

Modified

2025-06-11 17:29

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

References

URL	Tags
cve@mitre.org	http://www.openwall.com/lists/oss-security/2023/10/10/6	Mailing List, Third Party Advisory
cve@mitre.org	http://www.openwall.com/lists/oss-security/2023/10/10/7	Mailing List, Third Party Advisory
cve@mitre.org	http://www.openwall.com/lists/oss-security/2023/10/13/4	Mailing List, Third Party Advisory
cve@mitre.org	http://www.openwall.com/lists/oss-security/2023/10/13/9	Mailing List, Third Party Advisory
cve@mitre.org	http://www.openwall.com/lists/oss-security/2023/10/18/4	Mailing List, Third Party Advisory
cve@mitre.org	http://www.openwall.com/lists/oss-security/2023/10/18/8	Mailing List, Third Party Advisory
cve@mitre.org	http://www.openwall.com/lists/oss-security/2023/10/19/6	Mailing List, Third Party Advisory
cve@mitre.org	http://www.openwall.com/lists/oss-security/2023/10/20/8	Mailing List, Third Party Advisory
cve@mitre.org	https://access.redhat.com/security/cve/cve-2023-44487	Vendor Advisory
cve@mitre.org	https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/	Press/Media Coverage, Third Party Advisory
cve@mitre.org	https://aws.amazon.com/security/security-bulletins/AWS-2023-011/	Third Party Advisory
cve@mitre.org	https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/	Technical Description, Vendor Advisory
cve@mitre.org	https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/	Third Party Advisory, Vendor Advisory
cve@mitre.org	https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/	Vendor Advisory
cve@mitre.org	https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack	Press/Media Coverage, Third Party Advisory
cve@mitre.org	https://blog.vespa.ai/cve-2023-44487/	Vendor Advisory
cve@mitre.org	https://bugzilla.proxmox.com/show_bug.cgi?id=4988	Issue Tracking, Third Party Advisory
cve@mitre.org	https://bugzilla.redhat.com/show_bug.cgi?id=2242803	Issue Tracking, Vendor Advisory
cve@mitre.org	https://bugzilla.suse.com/show_bug.cgi?id=1216123	Issue Tracking, Vendor Advisory
cve@mitre.org	https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9	Mailing List, Patch, Vendor Advisory
cve@mitre.org	https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/	Technical Description, Vendor Advisory
cve@mitre.org	https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack	Technical Description, Vendor Advisory
cve@mitre.org	https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125	Vendor Advisory
cve@mitre.org	https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715	Third Party Advisory
cve@mitre.org	https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve	Broken Link
cve@mitre.org	https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764	Vendor Advisory
cve@mitre.org	https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088	Issue Tracking, Patch
cve@mitre.org	https://github.com/Azure/AKS/issues/3947	Issue Tracking
cve@mitre.org	https://github.com/Kong/kong/discussions/11741	Issue Tracking
cve@mitre.org	https://github.com/advisories/GHSA-qppj-fm5r-hxr3	Vendor Advisory
cve@mitre.org	https://github.com/advisories/GHSA-vx74-f528-fxqg	Mitigation, Patch, Vendor Advisory
cve@mitre.org	https://github.com/advisories/GHSA-xpw8-rcwv-8f8p	Patch, Vendor Advisory
cve@mitre.org	https://github.com/akka/akka-http/issues/4323	Issue Tracking
cve@mitre.org	https://github.com/alibaba/tengine/issues/1872	Issue Tracking
cve@mitre.org	https://github.com/apache/apisix/issues/10320	Issue Tracking
cve@mitre.org	https://github.com/apache/httpd-site/pull/10	Issue Tracking
cve@mitre.org	https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113	Product
cve@mitre.org	https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2	Product, Third Party Advisory
cve@mitre.org	https://github.com/apache/trafficserver/pull/10564	Issue Tracking, Patch
cve@mitre.org	https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487	Vendor Advisory
cve@mitre.org	https://github.com/bcdannyboy/CVE-2023-44487	Third Party Advisory
cve@mitre.org	https://github.com/caddyserver/caddy/issues/5877	Issue Tracking, Vendor Advisory
cve@mitre.org	https://github.com/caddyserver/caddy/releases/tag/v2.7.5	Release Notes, Third Party Advisory
cve@mitre.org	https://github.com/dotnet/announcements/issues/277	Issue Tracking, Mitigation, Vendor Advisory
cve@mitre.org	https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73	Product, Release Notes
cve@mitre.org	https://github.com/eclipse/jetty.project/issues/10679	Issue Tracking
cve@mitre.org	https://github.com/envoyproxy/envoy/pull/30055	Issue Tracking, Patch
cve@mitre.org	https://github.com/etcd-io/etcd/issues/16740	Issue Tracking, Patch
cve@mitre.org	https://github.com/facebook/proxygen/pull/466	Issue Tracking, Patch
cve@mitre.org	https://github.com/golang/go/issues/63417	Issue Tracking
cve@mitre.org	https://github.com/grpc/grpc-go/pull/6703	Issue Tracking, Patch
cve@mitre.org	https://github.com/grpc/grpc/releases/tag/v1.59.2	Mailing List
cve@mitre.org	https://github.com/h2o/h2o/pull/3291	Issue Tracking, Patch
cve@mitre.org	https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf	Vendor Advisory
cve@mitre.org	https://github.com/haproxy/haproxy/issues/2312	Issue Tracking
cve@mitre.org	https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244	Product
cve@mitre.org	https://github.com/junkurihara/rust-rpxy/issues/97	Issue Tracking
cve@mitre.org	https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1	Patch
cve@mitre.org	https://github.com/kazu-yamamoto/http2/issues/93	Issue Tracking
cve@mitre.org	https://github.com/kubernetes/kubernetes/pull/121120	Issue Tracking, Patch
cve@mitre.org	https://github.com/line/armeria/pull/5232	Issue Tracking, Patch
cve@mitre.org	https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632	Patch
cve@mitre.org	https://github.com/micrictor/http2-rst-stream	Exploit, Third Party Advisory
cve@mitre.org	https://github.com/microsoft/CBL-Mariner/pull/6381	Issue Tracking, Patch
cve@mitre.org	https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61	Patch
cve@mitre.org	https://github.com/nghttp2/nghttp2/pull/1961	Issue Tracking, Patch
cve@mitre.org	https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0	Release Notes
cve@mitre.org	https://github.com/ninenines/cowboy/issues/1615	Issue Tracking
cve@mitre.org	https://github.com/nodejs/node/pull/50121	Issue Tracking
cve@mitre.org	https://github.com/openresty/openresty/issues/930	Issue Tracking
cve@mitre.org	https://github.com/opensearch-project/data-prepper/issues/3474	Issue Tracking, Patch
cve@mitre.org	https://github.com/oqtane/oqtane.framework/discussions/3367	Issue Tracking
cve@mitre.org	https://github.com/projectcontour/contour/pull/5826	Issue Tracking, Patch
cve@mitre.org	https://github.com/tempesta-tech/tempesta/issues/1986	Issue Tracking
cve@mitre.org	https://github.com/varnishcache/varnish-cache/issues/3996	Issue Tracking
cve@mitre.org	https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo	Mailing List, Release Notes, Vendor Advisory
cve@mitre.org	https://istio.io/latest/news/security/istio-security-2023-004/	Vendor Advisory
cve@mitre.org	https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/	Vendor Advisory
cve@mitre.org	https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q	Mailing List
cve@mitre.org	https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html	Mailing List, Third Party Advisory
cve@mitre.org	https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html	Mailing List
cve@mitre.org	https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html	Mailing List
cve@mitre.org	https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html	Mailing List
cve@mitre.org	https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html	Mailing List
cve@mitre.org	https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html	Mailing List
cve@mitre.org	https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html	Mailing List
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/	Mailing List
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/	Mailing List
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/	Mailing List
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/	Mailing List
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/	Mailing List
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/	Mailing List
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/	Mailing List
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/	Mailing List
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/	Mailing List
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/	Mailing List
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/	Mailing List
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/	Mailing List
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/	Mailing List
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/	Mailing List
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/	Mailing List
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/	Mailing List
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/	Mailing List
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/	Mailing List
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/	Mailing List
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/	Mailing List
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/	Mailing List
cve@mitre.org	https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html	Mailing List, Third Party Advisory
cve@mitre.org	https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html	Mailing List, Patch, Third Party Advisory
cve@mitre.org	https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html	Third Party Advisory
cve@mitre.org	https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/	Patch, Vendor Advisory
cve@mitre.org	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487	Mitigation, Patch, Vendor Advisory
cve@mitre.org	https://my.f5.com/manage/s/article/K000137106	Vendor Advisory
cve@mitre.org	https://netty.io/news/2023/10/10/4-1-100-Final.html	Release Notes, Vendor Advisory
cve@mitre.org	https://news.ycombinator.com/item?id=37830987	Issue Tracking
cve@mitre.org	https://news.ycombinator.com/item?id=37830998	Issue Tracking, Press/Media Coverage
cve@mitre.org	https://news.ycombinator.com/item?id=37831062	Issue Tracking
cve@mitre.org	https://news.ycombinator.com/item?id=37837043	Issue Tracking
cve@mitre.org	https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/	Third Party Advisory
cve@mitre.org	https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected	Third Party Advisory
cve@mitre.org	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ	Vendor Advisory
cve@mitre.org	https://security.gentoo.org/glsa/202311-09	Third Party Advisory
cve@mitre.org	https://security.netapp.com/advisory/ntap-20231016-0001/	Third Party Advisory
cve@mitre.org	https://security.netapp.com/advisory/ntap-20240426-0007/	Third Party Advisory
cve@mitre.org	https://security.netapp.com/advisory/ntap-20240621-0006/	Exploit, Third Party Advisory
cve@mitre.org	https://security.netapp.com/advisory/ntap-20240621-0007/	Third Party Advisory
cve@mitre.org	https://security.paloaltonetworks.com/CVE-2023-44487	Vendor Advisory
cve@mitre.org	https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14	Release Notes
cve@mitre.org	https://ubuntu.com/security/CVE-2023-44487	Vendor Advisory
cve@mitre.org	https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/	Third Party Advisory
cve@mitre.org	https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487	Third Party Advisory, US Government Resource
cve@mitre.org	https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event	Press/Media Coverage, Third Party Advisory
cve@mitre.org	https://www.debian.org/security/2023/dsa-5521	Mailing List, Vendor Advisory
cve@mitre.org	https://www.debian.org/security/2023/dsa-5522	Mailing List, Vendor Advisory
cve@mitre.org	https://www.debian.org/security/2023/dsa-5540	Mailing List, Third Party Advisory
cve@mitre.org	https://www.debian.org/security/2023/dsa-5549	Mailing List, Third Party Advisory
cve@mitre.org	https://www.debian.org/security/2023/dsa-5558	Mailing List, Third Party Advisory
cve@mitre.org	https://www.debian.org/security/2023/dsa-5570	Third Party Advisory
cve@mitre.org	https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487	Third Party Advisory, Vendor Advisory
cve@mitre.org	https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/	Vendor Advisory
cve@mitre.org	https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/	Mitigation, Vendor Advisory
cve@mitre.org	https://www.openwall.com/lists/oss-security/2023/10/10/6	Mailing List, Third Party Advisory
cve@mitre.org	https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack	Press/Media Coverage
cve@mitre.org	https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/	Press/Media Coverage, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2023/10/13/4	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2023/10/13/9	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2023/10/18/4	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2023/10/18/8	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2023/10/19/6	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2023/10/20/8	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/security/cve/cve-2023-44487	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/	Press/Media Coverage, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://aws.amazon.com/security/security-bulletins/AWS-2023-011/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/	Technical Description, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/	Third Party Advisory, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack	Press/Media Coverage, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://blog.vespa.ai/cve-2023-44487/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.proxmox.com/show_bug.cgi?id=4988	Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=2242803	Issue Tracking, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.suse.com/show_bug.cgi?id=1216123	Issue Tracking, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9	Mailing List, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/	Technical Description, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack	Technical Description, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088	Issue Tracking, Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/Azure/AKS/issues/3947	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://github.com/Kong/kong/discussions/11741	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://github.com/advisories/GHSA-qppj-fm5r-hxr3	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/advisories/GHSA-vx74-f528-fxqg	Mitigation, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/advisories/GHSA-xpw8-rcwv-8f8p	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/akka/akka-http/issues/4323	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://github.com/alibaba/tengine/issues/1872	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://github.com/apache/apisix/issues/10320	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://github.com/apache/httpd-site/pull/10	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113	Product
af854a3a-2127-422b-91ae-364da2661108	https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2	Product, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/apache/trafficserver/pull/10564	Issue Tracking, Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/bcdannyboy/CVE-2023-44487	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/caddyserver/caddy/issues/5877	Issue Tracking, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/caddyserver/caddy/releases/tag/v2.7.5	Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/dotnet/announcements/issues/277	Issue Tracking, Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73	Product, Release Notes
af854a3a-2127-422b-91ae-364da2661108	https://github.com/eclipse/jetty.project/issues/10679	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://github.com/envoyproxy/envoy/pull/30055	Issue Tracking, Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/etcd-io/etcd/issues/16740	Issue Tracking, Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/facebook/proxygen/pull/466	Issue Tracking, Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/golang/go/issues/63417	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://github.com/grpc/grpc-go/pull/6703	Issue Tracking, Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/h2o/h2o/pull/3291	Issue Tracking, Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/haproxy/haproxy/issues/2312	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244	Product
af854a3a-2127-422b-91ae-364da2661108	https://github.com/junkurihara/rust-rpxy/issues/97	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1	Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/kazu-yamamoto/http2/issues/93	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://github.com/kubernetes/kubernetes/pull/121120	Issue Tracking, Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/line/armeria/pull/5232	Issue Tracking, Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632	Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/micrictor/http2-rst-stream	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/microsoft/CBL-Mariner/pull/6381	Issue Tracking, Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61	Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/nghttp2/nghttp2/pull/1961	Issue Tracking, Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0	Release Notes
af854a3a-2127-422b-91ae-364da2661108	https://github.com/ninenines/cowboy/issues/1615	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://github.com/nodejs/node/pull/50121	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://github.com/openresty/openresty/issues/930	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://github.com/opensearch-project/data-prepper/issues/3474	Issue Tracking, Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/oqtane/oqtane.framework/discussions/3367	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://github.com/projectcontour/contour/pull/5826	Issue Tracking, Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/tempesta-tech/tempesta/issues/1986	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://github.com/varnishcache/varnish-cache/issues/3996	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo	Mailing List, Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://istio.io/latest/news/security/istio-security-2023-004/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html	Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487	Mitigation, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://my.f5.com/manage/s/article/K000137106	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://netty.io/news/2023/10/10/4-1-100-Final.html	Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://news.ycombinator.com/item?id=37830987	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://news.ycombinator.com/item?id=37830998	Issue Tracking, Press/Media Coverage
af854a3a-2127-422b-91ae-364da2661108	https://news.ycombinator.com/item?id=37831062	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://news.ycombinator.com/item?id=37837043	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/202311-09	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20231016-0001/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20240426-0007/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20240621-0006/	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20240621-0007/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.paloaltonetworks.com/CVE-2023-44487	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14	Release Notes
af854a3a-2127-422b-91ae-364da2661108	https://ubuntu.com/security/CVE-2023-44487	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event	Press/Media Coverage, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2023/dsa-5521	Mailing List, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2023/dsa-5522	Mailing List, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2023/dsa-5540	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2023/dsa-5549	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2023/dsa-5558	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2023/dsa-5570	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487	Third Party Advisory, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/	Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.openwall.com/lists/oss-security/2023/10/10/6	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack	Press/Media Coverage
af854a3a-2127-422b-91ae-364da2661108	https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/	Press/Media Coverage, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause	Third Party Advisory

Impacted products

Vendor	Product	Version
ietf	http	2.0
nghttp2	nghttp2	*
netty	netty	*
envoyproxy	envoy	1.24.10
envoyproxy	envoy	1.25.9
envoyproxy	envoy	1.26.4
envoyproxy	envoy	1.27.0
eclipse	jetty	*
eclipse	jetty	*
eclipse	jetty	*
eclipse	jetty	*
caddyserver	caddy	*
golang	go	*
golang	go	*
golang	http2	*
golang	networking	*
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	17.1.0
f5	big-ip_advanced_firewall_manager	*
f5	big-ip_advanced_firewall_manager	*
f5	big-ip_advanced_firewall_manager	*
f5	big-ip_advanced_firewall_manager	*
f5	big-ip_advanced_firewall_manager	17.1.0
f5	big-ip_advanced_web_application_firewall	*
f5	big-ip_advanced_web_application_firewall	*
f5	big-ip_advanced_web_application_firewall	*
f5	big-ip_advanced_web_application_firewall	*
f5	big-ip_advanced_web_application_firewall	17.1.0
f5	big-ip_analytics	*
f5	big-ip_analytics	*
f5	big-ip_analytics	*
f5	big-ip_analytics	*
f5	big-ip_analytics	17.1.0
f5	big-ip_application_acceleration_manager	*
f5	big-ip_application_acceleration_manager	*
f5	big-ip_application_acceleration_manager	*
f5	big-ip_application_acceleration_manager	*
f5	big-ip_application_acceleration_manager	17.1.0
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	17.1.0
f5	big-ip_application_visibility_and_reporting	*
f5	big-ip_application_visibility_and_reporting	*
f5	big-ip_application_visibility_and_reporting	*
f5	big-ip_application_visibility_and_reporting	*
f5	big-ip_application_visibility_and_reporting	17.1.0
f5	big-ip_carrier-grade_nat	*
f5	big-ip_carrier-grade_nat	*
f5	big-ip_carrier-grade_nat	*
f5	big-ip_carrier-grade_nat	*
f5	big-ip_carrier-grade_nat	17.1.0
f5	big-ip_ddos_hybrid_defender	*
f5	big-ip_ddos_hybrid_defender	*
f5	big-ip_ddos_hybrid_defender	*
f5	big-ip_ddos_hybrid_defender	*
f5	big-ip_ddos_hybrid_defender	17.1.0
f5	big-ip_domain_name_system	*
f5	big-ip_domain_name_system	*
f5	big-ip_domain_name_system	*
f5	big-ip_domain_name_system	*
f5	big-ip_domain_name_system	17.1.0
f5	big-ip_fraud_protection_service	*
f5	big-ip_fraud_protection_service	*
f5	big-ip_fraud_protection_service	*
f5	big-ip_fraud_protection_service	*
f5	big-ip_fraud_protection_service	17.1.0
f5	big-ip_global_traffic_manager	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_global_traffic_manager	17.1.0
f5	big-ip_link_controller	*
f5	big-ip_link_controller	*
f5	big-ip_link_controller	*
f5	big-ip_link_controller	*
f5	big-ip_link_controller	17.1.0
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	17.1.0
f5	big-ip_next	20.0.1
f5	big-ip_next_service_proxy_for_kubernetes	*
f5	big-ip_policy_enforcement_manager	*
f5	big-ip_policy_enforcement_manager	*
f5	big-ip_policy_enforcement_manager	*
f5	big-ip_policy_enforcement_manager	*
f5	big-ip_policy_enforcement_manager	17.1.0
f5	big-ip_ssl_orchestrator	*
f5	big-ip_ssl_orchestrator	*
f5	big-ip_ssl_orchestrator	*
f5	big-ip_ssl_orchestrator	*
f5	big-ip_ssl_orchestrator	17.1.0
f5	big-ip_webaccelerator	*
f5	big-ip_webaccelerator	*
f5	big-ip_webaccelerator	*
f5	big-ip_webaccelerator	*
f5	big-ip_webaccelerator	17.1.0
f5	big-ip_websafe	*
f5	big-ip_websafe	*
f5	big-ip_websafe	*
f5	big-ip_websafe	*
f5	big-ip_websafe	17.1.0
f5	nginx	*
f5	nginx_ingress_controller	*
f5	nginx_ingress_controller	*
f5	nginx_plus	*
f5	nginx_plus	r29
f5	nginx_plus	r30
apache	tomcat	*
apache	tomcat	*
apache	tomcat	*
apache	tomcat	11.0.0
apache	tomcat	11.0.0
apache	tomcat	11.0.0
apache	tomcat	11.0.0
apache	tomcat	11.0.0
apache	tomcat	11.0.0
apache	tomcat	11.0.0
apache	tomcat	11.0.0
apache	tomcat	11.0.0
apache	tomcat	11.0.0
apache	tomcat	11.0.0
apple	swiftnio_http\/2	*
grpc	grpc	*
grpc	grpc	*
grpc	grpc	*
grpc	grpc	1.57.0
microsoft	.net	*
microsoft	.net	*
microsoft	asp.net_core	*
microsoft	asp.net_core	*
microsoft	azure_kubernetes_service	*
microsoft	visual_studio_2022	*
microsoft	visual_studio_2022	*
microsoft	visual_studio_2022	*
microsoft	visual_studio_2022	*
microsoft	windows_10_1607	*
microsoft	windows_10_1607	*
microsoft	windows_10_1809	*
microsoft	windows_10_21h2	*
microsoft	windows_10_22h2	*
microsoft	windows_11_21h2	*
microsoft	windows_11_22h2	*
microsoft	windows_server_2016	-
microsoft	windows_server_2019	-
microsoft	windows_server_2022	-
nodejs	node.js	*
nodejs	node.js	*
microsoft	cbl-mariner	*
dena	h2o	*
facebook	proxygen	*
apache	apisix	*
apache	traffic_server	*
apache	traffic_server	*
amazon	opensearch_data_prepper	*
debian	debian_linux	10.0
debian	debian_linux	11.0
debian	debian_linux	12.0
kazu-yamamoto	http2	*
istio	istio	*
istio	istio	*
istio	istio	*
varnish_cache_project	varnish_cache	*
traefik	traefik	*
traefik	traefik	3.0.0
traefik	traefik	3.0.0
traefik	traefik	3.0.0
projectcontour	contour	*
linkerd	linkerd	*
linkerd	linkerd	2.13.0
linkerd	linkerd	2.13.1
linkerd	linkerd	2.14.0
linkerd	linkerd	2.14.1
linecorp	armeria	*
redhat	3scale_api_management_platform	2.0
redhat	advanced_cluster_management_for_kubernetes	2.0
redhat	advanced_cluster_security	3.0
redhat	advanced_cluster_security	4.0
redhat	ansible_automation_platform	2.0
redhat	build_of_optaplanner	8.0
redhat	build_of_quarkus	-
redhat	ceph_storage	5.0
redhat	cert-manager_operator_for_red_hat_openshift	-
redhat	certification_for_red_hat_enterprise_linux	8.0
redhat	certification_for_red_hat_enterprise_linux	9.0
redhat	cost_management	-
redhat	cryostat	2.0
redhat	decision_manager	7.0
redhat	fence_agents_remediation_operator	-
redhat	integration_camel_for_spring_boot	-
redhat	integration_camel_k	-
redhat	integration_service_registry	-
redhat	jboss_a-mq	7
redhat	jboss_a-mq_streams	-
redhat	jboss_core_services	-
redhat	jboss_data_grid	7.0.0
redhat	jboss_enterprise_application_platform	6.0.0
redhat	jboss_enterprise_application_platform	7.0.0
redhat	jboss_fuse	6.0.0
redhat	jboss_fuse	7.0.0
redhat	logging_subsystem_for_red_hat_openshift	-
redhat	machine_deletion_remediation_operator	-
redhat	migration_toolkit_for_applications	6.0
redhat	migration_toolkit_for_containers	-
redhat	migration_toolkit_for_virtualization	-
redhat	network_observability_operator	-
redhat	node_healthcheck_operator	-
redhat	node_maintenance_operator	-
redhat	openshift	-
redhat	openshift_api_for_data_protection	-
redhat	openshift_container_platform	4.0
redhat	openshift_container_platform_assisted_installer	-
redhat	openshift_data_science	-
redhat	openshift_dev_spaces	-
redhat	openshift_developer_tools_and_services	-
redhat	openshift_distributed_tracing	-
redhat	openshift_gitops	-
redhat	openshift_pipelines	-
redhat	openshift_sandboxed_containers	-
redhat	openshift_secondary_scheduler_operator	-
redhat	openshift_serverless	-
redhat	openshift_service_mesh	2.0
redhat	openshift_virtualization	4
redhat	openstack_platform	16.1
redhat	openstack_platform	16.2
redhat	openstack_platform	17.1
redhat	process_automation	7.0
redhat	quay	3.0.0
redhat	run_once_duration_override_operator	-
redhat	satellite	6.0
redhat	self_node_remediation_operator	-
redhat	service_interconnect	1.0
redhat	single_sign-on	7.0
redhat	support_for_spring_boot	-
redhat	web_terminal	-
redhat	enterprise_linux	6.0
redhat	enterprise_linux	8.0
redhat	enterprise_linux	9.0
redhat	service_telemetry_framework	1.5
redhat	enterprise_linux	8.0
fedoraproject	fedora	37
fedoraproject	fedora	38
netapp	astra_control_center	-
netapp	oncommand_insight	-
akka	http_server	*
konghq	kong_gateway	*
jenkins	jenkins	*
jenkins	jenkins	*
apache	solr	*
openresty	openresty	*
cisco	business_process_automation	*
cisco	connected_mobile_experiences	*
cisco	crosswork_data_gateway	*
cisco	crosswork_data_gateway	*
cisco	crosswork_situation_manager	-
cisco	crosswork_zero_touch_provisioning	*
cisco	data_center_network_manager	-
cisco	enterprise_chat_and_email	-
cisco	expressway	*
cisco	firepower_threat_defense	*
cisco	iot_field_network_director	*
cisco	prime_access_registrar	*
cisco	prime_cable_provisioning	*
cisco	prime_infrastructure	*
cisco	prime_network_registrar	*
cisco	secure_dynamic_attributes_connector	*
cisco	secure_malware_analytics	*
cisco	telepresence_video_communication_server	*
cisco	ultra_cloud_core_-_policy_control_function	*
cisco	ultra_cloud_core_-_policy_control_function	2024.01.0
cisco	ultra_cloud_core_-_serving_gateway_function	*
cisco	ultra_cloud_core_-_session_management_function	*
cisco	unified_attendant_console_advanced	-
cisco	unified_contact_center_domain_manager	-
cisco	unified_contact_center_enterprise	-
cisco	unified_contact_center_enterprise_-_live_data_server	*
cisco	unified_contact_center_management_portal	-
cisco	fog_director	*
cisco	ios_xe	*
cisco	ios_xr	*
cisco	secure_web_appliance_firmware	*
cisco	secure_web_appliance	-
cisco	nx-os	*
cisco	nx-os	*
cisco	nx-os	*
cisco	nexus_3016	-
cisco	nexus_3016q	-
cisco	nexus_3048	-
cisco	nexus_3064	-
cisco	nexus_3064-32t	-
cisco	nexus_3064-t	-
cisco	nexus_3064-x	-
cisco	nexus_3064t	-
cisco	nexus_3064x	-
cisco	nexus_3100	-
cisco	nexus_3100-v	-
cisco	nexus_3100-z	-
cisco	nexus_3100v	-
cisco	nexus_31108pc-v	-
cisco	nexus_31108pv-v	-
cisco	nexus_31108tc-v	-
cisco	nexus_31128pq	-
cisco	nexus_3132c-z	-
cisco	nexus_3132q	-
cisco	nexus_3132q-v	-
cisco	nexus_3132q-x	-
cisco	nexus_3132q-x\/3132q-xl	-
cisco	nexus_3132q-xl	-
cisco	nexus_3164q	-
cisco	nexus_3172	-
cisco	nexus_3172pq	-
cisco	nexus_3172pq-xl	-
cisco	nexus_3172pq\/pq-xl	-
cisco	nexus_3172tq	-
cisco	nexus_3172tq-32t	-
cisco	nexus_3172tq-xl	-
cisco	nexus_3200	-
cisco	nexus_3232	-
cisco	nexus_3232c	-
cisco	nexus_3232c_	-
cisco	nexus_3264c-e	-
cisco	nexus_3264q	-
cisco	nexus_3400	-
cisco	nexus_3408-s	-
cisco	nexus_34180yc	-
cisco	nexus_34200yc-sm	-
cisco	nexus_3432d-s	-
cisco	nexus_3464c	-
cisco	nexus_3500	-
cisco	nexus_3524	-
cisco	nexus_3524-x	-
cisco	nexus_3524-x\/xl	-
cisco	nexus_3524-xl	-
cisco	nexus_3548	-
cisco	nexus_3548-x	-
cisco	nexus_3548-x\/xl	-
cisco	nexus_3548-xl	-
cisco	nexus_3600	-
cisco	nexus_36180yc-r	-
cisco	nexus_3636c-r	-
cisco	nx-os	*
cisco	nx-os	*
cisco	nx-os	*
cisco	nexus_9000v	-
cisco	nexus_9200	-
cisco	nexus_9200yc	-
cisco	nexus_92160yc-x	-
cisco	nexus_92160yc_switch	-
cisco	nexus_9221c	-
cisco	nexus_92300yc	-
cisco	nexus_92300yc_switch	-
cisco	nexus_92304qc	-
cisco	nexus_92304qc_switch	-
cisco	nexus_9232e	-
cisco	nexus_92348gc-x	-
cisco	nexus_9236c	-
cisco	nexus_9236c_switch	-
cisco	nexus_9272q	-
cisco	nexus_9272q_switch	-
cisco	nexus_9300	-
cisco	nexus_93108tc-ex	-
cisco	nexus_93108tc-ex-24	-
cisco	nexus_93108tc-ex_switch	-
cisco	nexus_93108tc-fx	-
cisco	nexus_93108tc-fx-24	-
cisco	nexus_93108tc-fx3h	-
cisco	nexus_93108tc-fx3p	-
cisco	nexus_93120tx	-
cisco	nexus_93120tx_switch	-
cisco	nexus_93128	-
cisco	nexus_93128tx	-
cisco	nexus_93128tx_switch	-
cisco	nexus_9316d-gx	-
cisco	nexus_93180lc-ex	-
cisco	nexus_93180lc-ex_switch	-
cisco	nexus_93180tc-ex	-
cisco	nexus_93180yc-ex	-
cisco	nexus_93180yc-ex-24	-
cisco	nexus_93180yc-ex_switch	-
cisco	nexus_93180yc-fx	-
cisco	nexus_93180yc-fx-24	-
cisco	nexus_93180yc-fx3	-
cisco	nexus_93180yc-fx3h	-
cisco	nexus_93180yc-fx3s	-
cisco	nexus_93216tc-fx2	-
cisco	nexus_93240tc-fx2	-
cisco	nexus_93240yc-fx2	-
cisco	nexus_9332c	-
cisco	nexus_9332d-gx2b	-
cisco	nexus_9332d-h2r	-
cisco	nexus_9332pq	-
cisco	nexus_9332pq_switch	-
cisco	nexus_93360yc-fx2	-
cisco	nexus_9336c-fx2	-
cisco	nexus_9336c-fx2-e	-
cisco	nexus_9336pq	-
cisco	nexus_9336pq_aci	-
cisco	nexus_9336pq_aci_spine	-
cisco	nexus_9336pq_aci_spine_switch	-
cisco	nexus_9348d-gx2a	-
cisco	nexus_9348gc-fx3	-
cisco	nexus_9348gc-fxp	-
cisco	nexus_93600cd-gx	-
cisco	nexus_9364c	-
cisco	nexus_9364c-gx	-
cisco	nexus_9364d-gx2a	-
cisco	nexus_9372px	-
cisco	nexus_9372px-e	-
cisco	nexus_9372px-e_switch	-
cisco	nexus_9372px_switch	-
cisco	nexus_9372tx	-
cisco	nexus_9372tx-e	-
cisco	nexus_9372tx-e_switch	-
cisco	nexus_9372tx_switch	-
cisco	nexus_9396px	-
cisco	nexus_9396px_switch	-
cisco	nexus_9396tx	-
cisco	nexus_9396tx_switch	-
cisco	nexus_9408	-
cisco	nexus_9432pq	-
cisco	nexus_9500	-
cisco	nexus_9500_16-slot	-
cisco	nexus_9500_4-slot	-
cisco	nexus_9500_8-slot	-
cisco	nexus_9500_supervisor_a	-
cisco	nexus_9500_supervisor_a\+	-
cisco	nexus_9500_supervisor_b	-
cisco	nexus_9500_supervisor_b\+	-
cisco	nexus_9500r	-
cisco	nexus_9504	-
cisco	nexus_9504_switch	-
cisco	nexus_9508	-
cisco	nexus_9508_switch	-
cisco	nexus_9516	-
cisco	nexus_9516_switch	-
cisco	nexus_9536pq	-
cisco	nexus_9636pq	-
cisco	nexus_9716d-gx	-
cisco	nexus_9736pq	-
cisco	nexus_9800	-
cisco	nexus_9804	-
cisco	nexus_9808	-

JSON

To clipboard

{
  "cisaActionDue": "2023-10-31",
  "cisaExploitAdd": "2023-10-10",
  "cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
  "cisaVulnerabilityName": "HTTP/2 Rapid Reset Attack Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5200E35-222B-42E0-83E0-5B702684D992",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nghttp2:nghttp2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3BDC297-F023-4E87-8518-B84CCF9DD6A8",
              "versionEndExcluding": "1.57.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D12D5257-7ED2-400F-9EF7-40E0D3650C2B",
              "versionEndExcluding": "4.1.100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:envoyproxy:envoy:1.24.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B058776-B5B7-4079-B0AF-23F40926DCEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:envoyproxy:envoy:1.25.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D565975-EFD9-467C-B6E3-1866A4EF17A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:envoyproxy:envoy:1.26.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D487271-1B5E-4F16-B0CB-A7B8908935C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:envoyproxy:envoy:1.27.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA6ED627-EFB3-4BDD-8ECC-C5947A1470B2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4A6F189-6C43-462D-85C9-B0EBDA8A4683",
              "versionEndExcluding": "9.4.53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C993C920-85C0-4181-A95E-5D965A670738",
              "versionEndExcluding": "10.0.17",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "08E79A8E-E12C-498F-AF4F-1AAA7135661E",
              "versionEndExcluding": "11.0.17",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F138D800-9A3B-4C76-8A3C-4793083A1517",
              "versionEndExcluding": "12.0.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6341DDDA-AD27-4087-9D59-0A212F0037B4",
              "versionEndExcluding": "2.7.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "328120E4-C031-44B4-9BE5-03B0CDAA066F",
              "versionEndExcluding": "1.20.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FD9AB15-E5F6-4DBC-9EC7-D0ABA705802A",
              "versionEndExcluding": "1.21.3",
              "versionStartIncluding": "1.21.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:*",
              "matchCriteriaId": "D7D2F801-6F65-4705-BCB9-D057EA54A707",
              "versionEndExcluding": "0.17.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:golang:networking:*:*:*:*:*:go:*:*",
              "matchCriteriaId": "801F25DA-F38C-4452-8E90-235A3B1A5FF0",
              "versionEndExcluding": "0.17.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D93F04AD-DF14-48AB-9F13-8B2E491CF42E",
              "versionEndIncluding": "13.1.5",
              "versionStartIncluding": "13.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7522C760-7E07-406F-BF50-5656D5723C4F",
              "versionEndIncluding": "14.1.5",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A7F605E-EB10-40FB-98D6-7E3A95E310BC",
              "versionEndIncluding": "15.1.10",
              "versionStartIncluding": "15.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "783E62F2-F867-48F1-B123-D1227C970674",
              "versionEndIncluding": "16.1.4",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A8D90B7-A1AF-4EFB-B688-1563D81E5C6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6603ED6A-3366-4572-AFCD-B3D4B1EC7606",
              "versionEndIncluding": "13.1.5",
              "versionStartIncluding": "13.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "88978E38-81D3-4EFE-8525-A300B101FA69",
              "versionEndIncluding": "14.1.5",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0510296F-92D7-4388-AE3A-0D9799C2FC4D",
              "versionEndIncluding": "15.1.10",
              "versionStartIncluding": "15.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7698D6C-B1F7-43C1-BBA6-88E956356B3D",
              "versionEndIncluding": "16.1.4",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A1CC91B-6920-4AF0-9EDD-DD3189E78F4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "05E452AA-A520-4CBE-8767-147772B69194",
              "versionEndIncluding": "13.1.5",
              "versionStartIncluding": "13.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "596FC5D5-7329-4E39-841E-CAE937C02219",
              "versionEndIncluding": "14.1.5",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3C7A168-F370-441E-8790-73014BCEC39F",
              "versionEndIncluding": "15.1.10",
              "versionStartIncluding": "15.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF16FD01-7704-40AB-ACB2-80A883804D22",
              "versionEndIncluding": "16.1.4",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1769D69A-CB59-46B1-89B3-FB97DC6DEB9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9167FEC1-2C37-4946-9657-B4E69301FB24",
              "versionEndIncluding": "13.1.5",
              "versionStartIncluding": "13.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B4B3442-E0C0-48CD-87AD-060E15C9801E",
              "versionEndIncluding": "14.1.5",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA85EC1-D91A-49DD-949B-2AF7AC813CA5",
              "versionEndIncluding": "15.1.10",
              "versionStartIncluding": "15.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "20662BB0-4C3D-4CF0-B068-3555C65DD06C",
              "versionEndIncluding": "16.1.4",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "59203EBF-C52A-45A1-B8DF-00E17E3EFB51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EC2324D-EC8B-41DF-88A7-819E53AAD0FC",
              "versionEndIncluding": "13.1.5",
              "versionStartIncluding": "13.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B88F9D1-B54B-40C7-A18A-26C4A071D7EC",
              "versionEndIncluding": "14.1.5",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8F39403-C259-4D6F-9E9A-53671017EEDB",
              "versionEndIncluding": "15.1.10",
              "versionStartIncluding": "15.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "220F2D38-FA82-45EF-B957-7678C9FEDBC1",
              "versionEndIncluding": "16.1.4",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C698C1C-A3DD-46E2-B05A-12F2604E7F85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "922AA845-530A-4B4B-9976-4CBC30C8A324",
              "versionEndIncluding": "13.1.5",
              "versionStartIncluding": "13.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F938EB43-8373-47EB-B269-C6DF058A9244",
              "versionEndIncluding": "14.1.5",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1771493E-ACAA-477F-8AB4-25DB12F6AD6E",
              "versionEndIncluding": "15.1.10",
              "versionStartIncluding": "15.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E86F3D5-65A4-48CE-A6A2-736BBB88E3F8",
              "versionEndIncluding": "16.1.4",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "87670A74-34FE-45DF-A725-25B804C845B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7E422F6-C4C2-43AC-B137-0997B5739030",
              "versionEndIncluding": "13.1.5",
              "versionStartIncluding": "13.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC3F710F-DBCB-4976-9719-CF063DA22377",
              "versionEndIncluding": "14.1.5",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B9B76A1-7C5A-453F-A4ED-F1A81BCEBEB5",
              "versionEndIncluding": "15.1.10",
              "versionStartIncluding": "15.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "88EDFCD9-775C-48FA-9CDA-2B04DA8D0612",
              "versionEndIncluding": "16.1.4",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "67DB21AE-DF53-442D-B492-C4ED9A20B105",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9FCBCB-9CE0-49E7-85C8-69E71D211912",
              "versionEndIncluding": "13.1.5",
              "versionStartIncluding": "13.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "112DFA85-90AD-478D-BD70-8C7C0C074F1B",
              "versionEndIncluding": "14.1.5",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB704A1C-D8B7-48BB-A15A-C14DB591FE4A",
              "versionEndIncluding": "15.1.10",
              "versionStartIncluding": "15.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21D51D9F-2840-4DEA-A007-D20111A1745C",
              "versionEndIncluding": "16.1.4",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BC1D037-74D2-4F92-89AD-C90F6CBF440B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAEF3EA4-7D5A-4B44-9CE3-258AEC745866",
              "versionEndIncluding": "13.1.5",
              "versionStartIncluding": "13.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FBCE2D1-9D93-415D-AB2C-2060307C305A",
              "versionEndIncluding": "14.1.5",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8070B469-8CC4-4D2F-97D7-12D0ABB963C1",
              "versionEndIncluding": "15.1.10",
              "versionStartIncluding": "15.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A326597E-725D-45DE-BEF7-2ED92137B253",
              "versionEndIncluding": "16.1.4",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B235A78-649B-46C5-B24B-AB485A884654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "08B25AAB-A98C-4F89-9131-29E3A8C0ED23",
              "versionEndIncluding": "13.1.5",
              "versionStartIncluding": "13.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED9B976A-D3AD-4445-BF8A-067C3EBDFBB0",
              "versionEndIncluding": "14.1.5",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98D2CE1E-DED0-470A-AA78-C78EF769C38E",
              "versionEndIncluding": "15.1.10",
              "versionStartIncluding": "15.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C966FABA-7199-4F0D-AB8C-4590FE9D2FFF",
              "versionEndIncluding": "16.1.4",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "84D00768-E71B-4FF7-A7BF-F2C8CFBC900D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3D2ABA3-D4A9-4267-B0DF-7C3BBEEAEB66",
              "versionEndIncluding": "13.1.5",
              "versionStartIncluding": "13.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC36311E-BB00-4750-85C8-51F5A2604F07",
              "versionEndIncluding": "14.1.5",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A65D357E-4B40-42EC-9AAA-2B6CEF78C401",
              "versionEndIncluding": "15.1.10",
              "versionStartIncluding": "15.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7EF9865-FE65-4DFB-BF21-62FBCE65FF1C",
              "versionEndIncluding": "16.1.4",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABBD10E8-6054-408F-9687-B9BF6375CA09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6018B01-048C-43BB-A78D-66910ED60CA9",
              "versionEndIncluding": "13.1.5",
              "versionStartIncluding": "13.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A6A5686-5A8B-45D5-9165-BC99D2CCAC47",
              "versionEndIncluding": "14.1.5",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D2A121F-5BD2-4263-8ED3-1DDE25B5C306",
              "versionEndIncluding": "15.1.10",
              "versionStartIncluding": "15.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4F7BAD-3EDD-4DE0-AAB7-DE5ACA34DD79",
              "versionEndIncluding": "16.1.4",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "83794B04-87E2-4CA9-81F5-BB820D0F5395",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9EC2237-117F-43BD-ADEC-516CF72E04EF",
              "versionEndIncluding": "13.1.5",
              "versionStartIncluding": "13.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F70D4B6F-65CF-48F4-9A07-072DFBCE53D9",
              "versionEndIncluding": "14.1.5",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "29563719-1AF2-4BB8-8CCA-A0869F87795D",
              "versionEndIncluding": "15.1.10",
              "versionStartIncluding": "15.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D24815DD-579A-46D1-B9F2-3BB2C56BC54D",
              "versionEndIncluding": "16.1.4",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A6E7035-3299-474F-8F67-945EA9A059D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0360F76D-E75E-4B05-A294-B47012323ED9",
              "versionEndIncluding": "13.1.5",
              "versionStartIncluding": "13.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A4607BF-41AC-4E84-A110-74E085FF0445",
              "versionEndIncluding": "14.1.5",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "441CC945-7CA3-49C0-AE10-94725301E31D",
              "versionEndIncluding": "15.1.10",
              "versionStartIncluding": "15.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "46BA8E8A-6ED5-4FB2-8BBC-586AA031085A",
              "versionEndIncluding": "16.1.4",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "56FB92F7-FF1E-425D-A5AB-9D9FB0BB9450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_next:20.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "969C4F14-F6D6-46D6-B348-FC1463877680",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "41AD5040-1250-45F5-AB63-63F333D49BCC",
              "versionEndIncluding": "1.8.2",
              "versionStartIncluding": "1.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8257AA59-C14D-4EC1-B22C-DFBB92CBC297",
              "versionEndIncluding": "13.1.5",
              "versionStartIncluding": "13.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37DB32BB-F4BA-4FB5-94B1-55C3F06749CF",
              "versionEndIncluding": "14.1.5",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFF5007E-761C-4697-8D34-C064DF0ABE8D",
              "versionEndIncluding": "15.1.10",
              "versionStartIncluding": "15.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "910441D3-90EF-4375-B007-D51120A60AB2",
              "versionEndIncluding": "16.1.4",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "667EB77B-DA13-4BA4-9371-EE3F3A109F38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A6F9699-A485-4614-8F38-5A556D31617E",
              "versionEndIncluding": "13.1.5",
              "versionStartIncluding": "13.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A90F547-97A2-41EC-9FDF-25F869F0FA38",
              "versionEndIncluding": "14.1.5",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E76E1B82-F1DC-4366-B388-DBDF16C586A0",
              "versionEndIncluding": "15.1.10",
              "versionStartIncluding": "15.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "660137F4-15A1-42D1-BBAC-99A1D5BB398B",
              "versionEndIncluding": "16.1.4",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C446827A-1F71-4FAD-9422-580642D26AD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1932D32D-0E4B-4BBD-816F-6D47AB2E2F04",
              "versionEndIncluding": "13.1.5",
              "versionStartIncluding": "13.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D47B7691-A95B-45C0-BAB4-27E047F3C379",
              "versionEndIncluding": "14.1.5",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CD1637D-0E42-4928-867A-BA0FDB6E8462",
              "versionEndIncluding": "15.1.10",
              "versionStartIncluding": "15.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A599F90-F66B-4DF0-AD7D-D234F328BD59",
              "versionEndIncluding": "16.1.4",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D1B2000-C3FE-4B4C-885A-A5076EB164E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5326759A-AFB0-4A15-B4E9-3C9A2E5DB32A",
              "versionEndIncluding": "13.1.5",
              "versionStartIncluding": "13.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D92D05-C67D-437E-88F3-DCC3F6B0ED2F",
              "versionEndIncluding": "14.1.5",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECCB8C30-861E-4E48-A5F5-30EE523C1FB6",
              "versionEndIncluding": "15.1.10",
              "versionStartIncluding": "15.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5FEAD2A-3A58-432E-BEBB-6E3FDE24395F",
              "versionEndIncluding": "16.1.4",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AB23AE6-245E-43D6-B832-933F8259F937",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1188B4A9-2684-413C-83D1-E91C75AE0FCF",
              "versionEndIncluding": "1.25.2",
              "versionStartIncluding": "1.9.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3337609D-5291-4A52-BC6A-6A8D4E60EB20",
              "versionEndIncluding": "2.4.2",
              "versionStartIncluding": "2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CF0ABD9-EB28-4966-8C31-EED7AFBF1527",
              "versionEndIncluding": "3.3.0",
              "versionStartIncluding": "3.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:nginx_plus:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F291CB34-47A4-425A-A200-087CC295AEC8",
              "versionEndExcluding": "r29",
              "versionStartIncluding": "r25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:nginx_plus:r29:-:*:*:*:*:*:*",
              "matchCriteriaId": "5892B558-EC3A-43FF-A1D5-B2D9F70796F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*",
              "matchCriteriaId": "96BF2B19-52C7-4051-BA58-CAE6F912B72F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABD26B48-CC80-4FAE-BD3D-78DE4C80C92B",
              "versionEndIncluding": "8.5.93",
              "versionStartIncluding": "8.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3EC20B6-B2AB-41F5-9BF9-D16C1FE67C34",
              "versionEndIncluding": "9.0.80",
              "versionStartIncluding": "9.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0765CC3D-AB1A-4147-8900-EF4C105321F2",
              "versionEndIncluding": "10.1.13",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone1:*:*:*:*:*:*",
              "matchCriteriaId": "D1AA7FF6-E8E7-4BF6-983E-0A99B0183008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone10:*:*:*:*:*:*",
              "matchCriteriaId": "57088BDD-A136-45EF-A8A1-2EBF79CEC2CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone11:*:*:*:*:*:*",
              "matchCriteriaId": "B32D1D7A-A04F-444E-8F45-BB9A9E4B0199",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:*",
              "matchCriteriaId": "2AAD52CE-94F5-4F98-A027-9A7E68818CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:*",
              "matchCriteriaId": "F1F981F5-035A-4EDD-8A9F-481EE8BC7FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:*",
              "matchCriteriaId": "03A171AF-2EC8-4422-912C-547CDB58CAAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone5:*:*:*:*:*:*",
              "matchCriteriaId": "538E68C4-0BA4-495F-AEF8-4EF6EE7963CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone6:*:*:*:*:*:*",
              "matchCriteriaId": "49350A6E-5E1D-45B2-A874-3B8601B3ADCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone7:*:*:*:*:*:*",
              "matchCriteriaId": "5F50942F-DF54-46C0-8371-9A476DD3EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone8:*:*:*:*:*:*",
              "matchCriteriaId": "D12C2C95-B79F-4AA4-8CE3-99A3EE7991AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone9:*:*:*:*:*:*",
              "matchCriteriaId": "98792138-DD56-42DF-9612-3BDC65EEC117",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:swiftnio_http\\/2:*:*:*:*:*:swift:*:*",
              "matchCriteriaId": "08190072-3880-4EF5-B642-BA053090D95B",
              "versionEndExcluding": "1.28.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*",
              "matchCriteriaId": "5F4CDEA9-CB47-4881-B096-DA896E2364F3",
              "versionEndExcluding": "1.56.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*",
              "matchCriteriaId": "E65AF7BC-7DAE-408A-8485-FBED22815F75",
              "versionEndIncluding": "1.59.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*",
              "matchCriteriaId": "DD868DDF-C889-4F36-B5E6-68B6D9EA48CC",
              "versionEndExcluding": "1.58.3",
              "versionStartIncluding": "1.58.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:grpc:grpc:1.57.0:-:*:*:*:go:*:*",
              "matchCriteriaId": "FBD991E2-DB5A-4AAD-95BA-4B5ACB811C96",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4496821E-BD55-4F31-AD9C-A3D66CBBD6BD",
              "versionEndExcluding": "6.0.23",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DF7ECF6-178D-433C-AA21-BAE9EF248F37",
              "versionEndExcluding": "7.0.12",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C3418F4-B8BF-4666-BB39-C188AB01F45C",
              "versionEndExcluding": "6.0.23",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1278DD1C-EFA9-4316-AD32-24C1B1FB0CEA",
              "versionEndExcluding": "7.0.12",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:azure_kubernetes_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BDFB0FF-0F4A-4B7B-94E8-ED72A8106314",
              "versionEndExcluding": "2023-10-08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "16A8F269-E07E-402F-BFD5-60F3988A5EAF",
              "versionEndExcluding": "17.2.20",
              "versionStartIncluding": "17.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4B2B972-69E2-4D21-9A7C-B2AFF1D89EB8",
              "versionEndExcluding": "17.4.12",
              "versionStartIncluding": "17.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA5834D4-F52F-41C0-AA11-C974FFEEA063",
              "versionEndExcluding": "17.6.8",
              "versionStartIncluding": "17.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2166106F-ACD6-4C7B-B0CC-977B83CC5F73",
              "versionEndExcluding": "17.7.5",
              "versionStartIncluding": "17.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
              "matchCriteriaId": "4CD49C41-6D90-47D3-AB4F-4A74169D3A8F",
              "versionEndExcluding": "10.0.14393.6351",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
              "matchCriteriaId": "BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1",
              "versionEndExcluding": "10.0.14393.6351",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3",
              "versionEndExcluding": "10.0.17763.4974",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9F9A643-90C6-489C-98A0-D2739CE72F86",
              "versionEndExcluding": "10.0.19044.3570",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC",
              "versionEndExcluding": "10.0.19045.3570",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63",
              "versionEndExcluding": "10.0.22000.2538",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B",
              "versionEndExcluding": "10.0.22621.2428",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94BAB9EB-1527-4D9A-BADE-0708579536CF",
              "versionEndExcluding": "18.18.2",
              "versionStartIncluding": "18.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "69843DE4-4721-4F0A-A9B7-0F6DF5AAA388",
              "versionEndExcluding": "20.8.1",
              "versionStartIncluding": "20.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:cbl-mariner:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B25279EF-C406-4133-99ED-0492703E0A4E",
              "versionEndExcluding": "2023-10-11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:dena:h2o:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FFFF84B-F35C-43DE-959A-A5D10C3AE9F5",
              "versionEndExcluding": "2023-10-10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:facebook:proxygen:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DCE8C89-7C22-48CA-AF22-B34C8AA2CB8C",
              "versionEndExcluding": "2023.10.16.00",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDEB508E-0EBD-4450-9074-983DDF568AB4",
              "versionEndExcluding": "3.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "93A1A748-6C71-4191-8A16-A93E94E2CDE4",
              "versionEndExcluding": "8.1.9",
              "versionStartIncluding": "8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E4BCAF6-B246-41EC-9EE1-24296BFC4F5A",
              "versionEndExcluding": "9.2.3",
              "versionStartIncluding": "9.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:amazon:opensearch_data_prepper:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F70360D-6214-46BA-AF82-6AB01E13E4E9",
              "versionEndExcluding": "2.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:kazu-yamamoto:http2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2DA759E-1AF8-49D3-A3FC-1B426C13CA82",
              "versionEndExcluding": "4.2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "28BE6F7B-AE66-4C8A-AAFA-F1262671E9BF",
              "versionEndExcluding": "1.17.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0C8E760-C8D2-483A-BBD4-6A6D292A3874",
              "versionEndExcluding": "1.18.3",
              "versionStartIncluding": "1.18.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D0F78BB-6A05-4C97-A8DB-E731B6CC8CC7",
              "versionEndExcluding": "1.19.1",
              "versionStartIncluding": "1.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "050AE218-3871-44D6-94DA-12D84C2093CB",
              "versionEndExcluding": "2023-10-10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B36BFFB0-C0EC-4926-A1DB-0B711C846A68",
              "versionEndExcluding": "2.10.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:traefik:traefik:3.0.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "376EAF9B-E994-4268-9704-0A45EA30270F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:traefik:traefik:3.0.0:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "F3D08335-C291-4623-B80C-3B14C4D1FA32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:traefik:traefik:3.0.0:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "21033CEE-CEF5-4B0D-A565-4A6FC764AA6D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:projectcontour:contour:*:*:*:*:*:kubernetes:*:*",
              "matchCriteriaId": "FC4C66B1-42C0-495D-AE63-2889DE0BED84",
              "versionEndExcluding": "2023-10-11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:linkerd:linkerd:*:*:*:*:stable:kubernetes:*:*",
              "matchCriteriaId": "8633E263-F066-4DD8-A734-90207207A873",
              "versionEndIncluding": "2.12.5",
              "versionStartIncluding": "2.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:linkerd:linkerd:2.13.0:*:*:*:stable:kubernetes:*:*",
              "matchCriteriaId": "34A23BD9-A0F4-4D85-8011-EAC93C29B4E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:linkerd:linkerd:2.13.1:*:*:*:stable:kubernetes:*:*",
              "matchCriteriaId": "27ED3533-A795-422F-B923-68BE071DC00D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:linkerd:linkerd:2.14.0:*:*:*:stable:kubernetes:*:*",
              "matchCriteriaId": "45F7E352-3208-4188-A5B1-906E00DF9896",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:linkerd:linkerd:2.14.1:*:*:*:stable:kubernetes:*:*",
              "matchCriteriaId": "DF89A8AD-66FE-439A-B732-CAAB304D765B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:linecorp:armeria:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A400C637-AF18-4BEE-B57C-145261B65DEC",
              "versionEndExcluding": "1.26.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:3scale_api_management_platform:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "653A5B08-0D02-4362-A8B1-D00B24C6C6F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:advanced_cluster_management_for_kubernetes:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B0E6B4B-BAA6-474E-A18C-72C9719CEC1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0FD736A-8730-446A-BA3A-7B608DB62B0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4C504B6-3902-46E2-82B7-48AEC9CDD48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:ansible_automation_platform:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B4BE2D6-43C3-4065-A213-5DB1325DC78F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:build_of_optaplanner:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D54F5AE-61EC-4434-9D5F-9394A3979894",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:build_of_quarkus:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE29B9D6-63DC-4779-ACE8-4E51E6A0AF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:ceph_storage:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E37E1B3-6F68-4502-85D6-68333643BDFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D5A7736-A403-4617-8790-18E46CB74DA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33F13B03-69BF-4A8B-A0A0-7F47FD857461",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9393119E-F018-463F-9548-60436F104195",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:cost_management:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC45EE1E-2365-42D4-9D55-92FA24E5ED3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:cryostat:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E567CD9F-5A43-4D25-B911-B5D0440698F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68146098-58F8-417E-B165-5182527117C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:fence_agents_remediation_operator:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB4D6790-63E5-4043-B8BE-B489D649061D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:integration_camel_for_spring_boot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78698F40-0777-4990-822D-02E1B5D0E2C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:integration_camel_k:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B87C8AD3-8878-4546-86C2-BF411876648C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:integration_service_registry:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF03BDE8-602D-4DEE-BA5B-5B20FDF47741",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:jboss_a-mq:7:*:*:*:*:*:*:*",
              "matchCriteriaId": "A58966CB-36AF-4E64-AB39-BE3A0753E155",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:jboss_a-mq_streams:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "585BC540-073B-425B-B664-5EA4C00AFED6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B453CF7-9AA6-4B94-A003-BF7AE0B82F53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:jboss_data_grid:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD354E32-A8B0-484C-B4C6-9FBCD3430D2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B142ACCC-F7A9-4A3B-BE60-0D6691D5058D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "72A54BDA-311C-413B-8E4D-388AD65A170A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A305F012-544E-4245-9D69-1C8CD37748B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:jboss_fuse:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B40CCE4F-EA2C-453D-BB76-6388767E5C6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF93A27E-AA2B-4C2E-9B8D-FE7267847326",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:machine_deletion_remediation_operator:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B12A3A8-6456-481A-A0C9-524543FCC149",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:migration_toolkit_for_applications:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C2E7E3C-A507-4AB2-97E5-4944D8775CF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:migration_toolkit_for_containers:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E22EBF9-AA0D-4712-9D69-DD97679CE835",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:migration_toolkit_for_virtualization:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "941B114C-FBD7-42FF-B1D8-4EA30E99102C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:network_observability_operator:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "339CFB34-A795-49F9-BF6D-A00F3A1A4F63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:node_healthcheck_operator:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D044DBE-6F5A-4C53-828E-7B1A570CACFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:node_maintenance_operator:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E23FA47F-B967-44AD-AB76-1BB2CAD3CA5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openshift:-:*:*:*:*:aws:*:*",
              "matchCriteriaId": "65203CA1-5225-4E55-A187-6454C091F532",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BF8EFFB-5686-4F28-A68F-1A8854E098CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "932D137F-528B-4526-9A89-CD59FA1AB0FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openshift_container_platform_assisted_installer:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DA9B2E2-958B-478D-87D6-E5CDDCD44315",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openshift_data_science:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3F5FF1E-5DA3-4EC3-B41A-A362BDFC4C69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99B8A88B-0B31-4CFF-AFD7-C9D3DDD5790D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97321212-0E07-4CC2-A917-7B5F61AB9A5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openshift_distributed_tracing:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF390236-3259-4C8F-891C-62ACC4386CD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0AAA300-691A-4957-8B69-F6888CC971B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "45937289-2D64-47CB-A750-5B4F0D4664A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openshift_sandboxed_containers:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B129311C-EB4B-4041-B85C-44D5E53FCAA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openshift_secondary_scheduler_operator:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1AB54DB-3FB4-41CB-88ED-1400FD22AB85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77675CB7-67D7-44E9-B7FF-D224B3341AA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openshift_service_mesh:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A76A2BCE-4AAE-46D7-93D6-2EDE0FC83145",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C877879-B84B-471C-80CF-0656521CA8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCC81071-B46D-4F5D-AC25-B4A4CCC20C73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E315FC5C-FF19-43C9-A58A-CF2A5FF13824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "20A6B40D-F991-4712-8E30-5FE008505CB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1987BDA-0113-4603-B9BE-76647EB043F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:run_once_duration_override_operator:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D482A3D2-6E9B-42BA-9926-35E5BDD5F3BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "848C92A9-0677-442B-8D52-A448F2019903",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:self_node_remediation_operator:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F564701-EDC1-43CF-BB9F-287D6992C6CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:service_interconnect:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "12B0CF2B-D1E1-4E20-846E-6F0D873499A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:support_for_spring_boot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8885C2C-7FB8-40CA-BCB9-B48C50BF2499",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:web_terminal:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D88B140-D2A1-4A0A-A2E9-1A3B50C295AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:service_telemetry_framework:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A903C3AD-2D25-45B5-BF4A-A5BEB2286627",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
              "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:netapp:astra_control_center:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC5EBD2A-32A3-46D5-B155-B44DCB7F6902",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:akka:http_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2792650-851F-4820-B003-06A4BEA092D7",
              "versionEndExcluding": "10.5.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:konghq:kong_gateway:*:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "9F6B63B9-F4C9-4A3F-9310-E0918E1070D1",
              "versionEndExcluding": "3.4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*",
              "matchCriteriaId": "E6FF5F80-A991-43D4-B49F-D843E2BC5798",
              "versionEndIncluding": "2.414.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*",
              "matchCriteriaId": "54D25DA9-12D0-4F14-83E6-C69D0293AAB9",
              "versionEndIncluding": "2.427",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1AFFB9-C717-4727-B0C9-5A0C281710E2",
              "versionEndExcluding": "9.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "25C85001-E0AB-4B01-8EE7-1D9C77CD956E",
              "versionEndExcluding": "1.21.4.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB2BDBAC-8D19-4F81-8D31-6D0955A53D82",
              "versionEndExcluding": "3.2.003.009",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:connected_mobile_experiences:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F98F9D27-6659-413F-8F29-4FDB0882AAC5",
              "versionEndExcluding": "11.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C98BF315-C563-47C2-BAD1-63347A3D1008",
              "versionEndExcluding": "4.1.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F30E209-FA52-4D3B-9B88-4193EA388554",
              "versionEndExcluding": "5.0.2",
              "versionStartIncluding": "5.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_situation_manager:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3178F3A5-A072-44E1-A225-B04BC536F4FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2BE0F1-DD16-4876-8EBA-F187BD38B159",
              "versionEndExcluding": "6.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:data_center_network_manager:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "796B6C58-2140-4105-A2A1-69865A194A75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:enterprise_chat_and_email:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEA99DC6-EA03-469F-A8BE-7F96FDF0B333",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:expressway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6560DBF4-AFE6-4672-95DE-74A0B8F4170A",
              "versionEndExcluding": "x14.3.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84785919-796D-41E5-B652-6B5765C81D4A",
              "versionEndExcluding": "7.4.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:iot_field_network_director:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "92A74A1A-C69F-41E6-86D0-D6BB1C5D0A1E",
              "versionEndExcluding": "4.11.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:prime_access_registrar:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FE7BA33-2AC0-4A85-97AD-6D77F20BA2AD",
              "versionEndExcluding": "9.3.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:prime_cable_provisioning:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FE2F959-1084-48D1-B1F1-8182FC9862DD",
              "versionEndExcluding": "7.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CC17E6B-D7AB-40D7-AEC5-F5B555AC4D7F",
              "versionEndExcluding": "3.10.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:prime_network_registrar:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BB6B48E-EA36-40A0-96D0-AF909BEC1147",
              "versionEndExcluding": "11.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_dynamic_attributes_connector:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CBED844-7F94-498C-836D-8593381A9657",
              "versionEndExcluding": "2.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_malware_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C170DBA1-0899-4ECC-9A0D-8FEB1DA1B510",
              "versionEndExcluding": "2.19.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "358FA1DC-63D3-49F6-AC07-9E277DD0D9DA",
              "versionEndExcluding": "x14.3.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFF2D182-7599-4B81-B56B-F44EDA1384C0",
              "versionEndExcluding": "2024.01.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:2024.01.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4868BCCA-24DE-4F24-A8AF-B3A545C0396E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ultra_cloud_core_-_serving_gateway_function:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "194F7A1F-FD43-4FF7-9AE2-C13AA5567E8A",
              "versionEndExcluding": "2024.02.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ultra_cloud_core_-_session_management_function:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC75F99-C7F0-47EB-9032-C9D3A42EBA20",
              "versionEndExcluding": "2024.02.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_attendant_console_advanced:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6638F4E-16F7-447D-B755-52640BCB1C61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_domain_manager:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC34F742-530E-4AB4-8AFC-D1E088E256B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D31CC0E9-8E21-436B-AB84-EA1B1BC60DCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise_-_live_data_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E22AD683-345B-4E16-BB9E-E9B1783E09AD",
              "versionEndExcluding": "12.6.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_management_portal:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5C0D694-9E24-4782-B35F-D7C3E3B0F2ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:fog_director:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2955BEE9-F567-4006-B96D-92E10FF84DB4",
              "versionEndExcluding": "1.22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67502878-DB20-4410-ABA0-A1C5705064CD",
              "versionEndExcluding": "17.15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "177DED2D-8089-4494-BDD9-7F84FC06CD5B",
              "versionEndExcluding": "7.11.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:secure_web_appliance_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54A29FD3-4128-4333-8445-A7DD04A6ECF6",
              "versionEndExcluding": "15.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:secure_web_appliance:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67074526-9933-46B3-9FE3-A0BE73C5E8A7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEB32D2E-AD9D-44A0-AEF7-689F7D2605C9",
              "versionEndExcluding": "10.2\\(7\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A236A0A-6956-4D79-B8E5-B2D0C79FAE88",
              "versionEndExcluding": "10.3\\(5\\)",
              "versionStartIncluding": "10.3\\(1\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE71D34C-227A-4789-BA4D-79E5FDE311DB",
              "versionEndExcluding": "10.4\\(2\\)",
              "versionStartIncluding": "10.4\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F4E8EE4-031D-47D3-A12E-EE5F792172EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D14D4B4E-120E-4607-A4F1-447C7BF3052E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "15702ACB-29F3-412D-8805-E107E0729E35",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "29B34855-D8D2-4114-80D2-A4D159C62458",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32A532C0-B0E3-484A-B356-88970E7D0248",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3232:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C84D24C-2256-42AF-898A-221EBE9FE1E4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43913A0E-50D5-47DD-94D8-DD3391633619",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA52D5C1-13D8-4D23-B022-954CCEF491F1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97217080-455C-48E4-8CE1-6D5B9485864F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEB32D2E-AD9D-44A0-AEF7-689F7D2605C9",
              "versionEndExcluding": "10.2\\(7\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A236A0A-6956-4D79-B8E5-B2D0C79FAE88",
              "versionEndExcluding": "10.3\\(5\\)",
              "versionStartIncluding": "10.3\\(1\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE71D34C-227A-4789-BA4D-79E5FDE311DB",
              "versionEndExcluding": "10.4\\(2\\)",
              "versionStartIncluding": "10.4\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "532CE4B0-A3C9-4613-AAAF-727817D06FB4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9200yc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CA1A59-2681-4507-AC74-53BD481099B9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_92160yc_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF9147C9-5D8B-40F5-9AAA-66A3495A0AD8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFB9FDE8-8533-4F65-BF32-4066D042B2F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_92300yc_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AA5389A-8AD1-476E-983A-54DF573C30F5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_92304qc_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1B1A8F1-45B1-4E64-A254-7191FA93CB6D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DA8BFA-D7A2-476C-A6F5-CAE610033BC2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9236c_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB2FFD26-8255-4351-8594-29D2AEFC06EF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9272q_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61E10975-B47E-4F4D-8096-AEC7B7733612",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C67B7A6-9BB2-41FC-8FA3-8D0DF67CBC68",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16C64136-89C2-443C-AF7B-BED81D3DE25A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBEF7F26-BB47-44BD-872E-130820557C23",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93120tx_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "182000E0-8204-4D8B-B7DE-B191AFE12E28",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93128tx_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDC208BC-7E19-48C6-A20E-A79A51B7362C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "084D0191-563B-4FF0-B589-F35DA118E1C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7DB6FC5-762A-4F16-AE8C-69330EFCF640",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "968390BC-B430-4903-B614-13104BFAE635",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6678B8A-D905-447E-BE7E-6BFB4CC5DAFE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93240tc-fx2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BFAD21E-59EE-4CCE-8F1E-621D2EA50905",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "02C3CE6D-BD54-48B1-A188-8E53DA001424",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "498991F7-39D6-428C-8C7D-DD8DC72A0346",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9332pq_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7B90D36-5124-4669-8462-4EAF35B0F53D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F1127D2-12C0-454F-91EF-5EE334070D06",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D6EB963-E0F2-4A02-8765-AB2064BE19E9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEAAF99B-5406-4722-81FB-A91CBAC2DF41",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73DC1E93-561E-490C-AE0E-B02BAB9A7C8E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "12DA2DE5-8ADA-4D6A-BC1A-9C06FA163B1C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D6DB7F-C025-4971-9615-73393ED61078",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9372px-e_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "737C724A-B6CD-4FF7-96E0-EBBF645D660E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9372px_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7067AEC7-DFC8-4437-9338-C5165D9A8F36",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71D4CF15-B293-4403-A1A9-96AD3933BAEF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9372tx_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBCC1515-2DBE-4DF2-8E83-29A869170F36",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9396px_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7282AAFF-ED18-4992-AC12-D953C35EC328",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9396tx_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "360409CC-4172-4878-A76B-EA1C1F8C7A79",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8D5D5E2-B40B-475D-9EF3-8441016E37E9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9432pq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDA8E1F0-74A6-4725-B6AA-A1112EFC5D0C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63BE0266-1C00-4D6A-AD96-7F82532ABAA7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9500_16-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73F59A4B-AE92-4533-8EDC-D1DD850309FF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9500_4-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "492A2C86-DD38-466B-9965-77629A73814F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9500_8-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FB7AA46-4018-4925-963E-719E1037F759",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B04484DA-AA59-4833-916E-6A8C96D34F0D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9504_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D07B5399-44C7-468D-9D57-BB5B5E26CE50",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9508_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B76FB64F-16F0-4B0B-B304-B46258D434BA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9516_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E128053-834B-4DD5-A517-D14B4FC2B56F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9536pq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "163743A1-09E7-4EC5-8ECA-79E4B9CE173B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9636pq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE340E4C-DC48-4FC8-921B-EE304DB5AE0A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9716d-gx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C367BBE0-D71F-4CB5-B50E-72B033E73FE1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9736pq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "85E1D224-4751-4233-A127-A041068C804A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD31B075-01B1-429E-83F4-B999356A0EB9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A10C9C0A-C96A-4B45-90D0-6ED457EB5F4C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3284D16F-3275-4F8D-8AE4-D413DE19C4FA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023."
    },
    {
      "lang": "es",
      "value": "El protocolo HTTP/2 permite una denegaci\u00f3n de servicio (consumo de recursos del servidor) porque la cancelaci\u00f3n de solicitudes puede restablecer muchas transmisiones r\u00e1pidamente, como se explot\u00f3 en la naturaleza entre agosto y octubre de 2023."
    }
  ],
  "id": "CVE-2023-44487",
  "lastModified": "2025-06-11T17:29:54.137",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2023-10-10T14:15:10.883",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2023/10/10/6"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2023/10/10/7"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/security/cve/cve-2023-44487"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Press/Media Coverage",
        "Third Party Advisory"
      ],
      "url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Technical Description",
        "Vendor Advisory"
      ],
      "url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "Vendor Advisory"
      ],
      "url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Press/Media Coverage",
        "Third Party Advisory"
      ],
      "url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://blog.vespa.ai/cve-2023-44487/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Technical Description",
        "Vendor Advisory"
      ],
      "url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Technical Description",
        "Vendor Advisory"
      ],
      "url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/Azure/AKS/issues/3947"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/Kong/kong/discussions/11741"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mitigation",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/akka/akka-http/issues/4323"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/alibaba/tengine/issues/1872"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/apache/apisix/issues/10320"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/apache/httpd-site/pull/10"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Product"
      ],
      "url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Product",
        "Third Party Advisory"
      ],
      "url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/apache/trafficserver/pull/10564"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/bcdannyboy/CVE-2023-44487"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://github.com/caddyserver/caddy/issues/5877"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://github.com/dotnet/announcements/issues/277"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Product",
        "Release Notes"
      ],
      "url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/eclipse/jetty.project/issues/10679"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/envoyproxy/envoy/pull/30055"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/etcd-io/etcd/issues/16740"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/facebook/proxygen/pull/466"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/golang/go/issues/63417"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/grpc/grpc-go/pull/6703"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://github.com/grpc/grpc/releases/tag/v1.59.2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/h2o/h2o/pull/3291"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/haproxy/haproxy/issues/2312"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Product"
      ],
      "url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/junkurihara/rust-rpxy/issues/97"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/kazu-yamamoto/http2/issues/93"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/kubernetes/kubernetes/pull/121120"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/line/armeria/pull/5232"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/micrictor/http2-rst-stream"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/nghttp2/nghttp2/pull/1961"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes"
      ],
      "url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/ninenines/cowboy/issues/1615"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/nodejs/node/pull/50121"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/openresty/openresty/issues/930"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/opensearch-project/data-prepper/issues/3474"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/projectcontour/contour/pull/5826"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/tempesta-tech/tempesta/issues/1986"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/varnishcache/varnish-cache/issues/3996"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://istio.io/latest/news/security/istio-security-2023-004/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mitigation",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://my.f5.com/manage/s/article/K000137106"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://news.ycombinator.com/item?id=37830987"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Press/Media Coverage"
      ],
      "url": "https://news.ycombinator.com/item?id=37830998"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://news.ycombinator.com/item?id=37831062"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://news.ycombinator.com/item?id=37837043"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202311-09"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security.paloaltonetworks.com/CVE-2023-44487"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes"
      ],
      "url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://ubuntu.com/security/CVE-2023-44487"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Press/Media Coverage",
        "Third Party Advisory"
      ],
      "url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Vendor Advisory"
      ],
      "url": "https://www.debian.org/security/2023/dsa-5521"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Vendor Advisory"
      ],
      "url": "https://www.debian.org/security/2023/dsa-5522"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2023/dsa-5540"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2023/dsa-5549"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2023/dsa-5558"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2023/dsa-5570"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "Vendor Advisory"
      ],
      "url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Press/Media Coverage"
      ],
      "url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Press/Media Coverage",
        "Third Party Advisory"
      ],
      "url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/security/cve/cve-2023-44487"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Press/Media Coverage",
        "Third Party Advisory"
      ],
      "url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Technical Description",
        "Vendor Advisory"
      ],
      "url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "Vendor Advisory"
      ],
      "url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Press/Media Coverage",
        "Third Party Advisory"
      ],
      "url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://blog.vespa.ai/cve-2023-44487/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Technical Description",
        "Vendor Advisory"
      ],
      "url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Technical Description",
        "Vendor Advisory"
      ],
      "url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/Azure/AKS/issues/3947"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/Kong/kong/discussions/11741"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/akka/akka-http/issues/4323"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/alibaba/tengine/issues/1872"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/apache/apisix/issues/10320"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/apache/httpd-site/pull/10"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Product"
      ],
      "url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Product",
        "Third Party Advisory"
      ],
      "url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/apache/trafficserver/pull/10564"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/bcdannyboy/CVE-2023-44487"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://github.com/caddyserver/caddy/issues/5877"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://github.com/dotnet/announcements/issues/277"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Product",
        "Release Notes"
      ],
      "url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/eclipse/jetty.project/issues/10679"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/envoyproxy/envoy/pull/30055"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/etcd-io/etcd/issues/16740"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/facebook/proxygen/pull/466"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/golang/go/issues/63417"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/grpc/grpc-go/pull/6703"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/h2o/h2o/pull/3291"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/haproxy/haproxy/issues/2312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Product"
      ],
      "url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/junkurihara/rust-rpxy/issues/97"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/kazu-yamamoto/http2/issues/93"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/kubernetes/kubernetes/pull/121120"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/line/armeria/pull/5232"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/micrictor/http2-rst-stream"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/nghttp2/nghttp2/pull/1961"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes"
      ],
      "url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/ninenines/cowboy/issues/1615"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/nodejs/node/pull/50121"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/openresty/openresty/issues/930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/opensearch-project/data-prepper/issues/3474"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/projectcontour/contour/pull/5826"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/tempesta-tech/tempesta/issues/1986"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/varnishcache/varnish-cache/issues/3996"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://istio.io/latest/news/security/istio-security-2023-004/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://my.f5.com/manage/s/article/K000137106"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://news.ycombinator.com/item?id=37830987"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Press/Media Coverage"
      ],
      "url": "https://news.ycombinator.com/item?id=37830998"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://news.ycombinator.com/item?id=37831062"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://news.ycombinator.com/item?id=37837043"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202311-09"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security.paloaltonetworks.com/CVE-2023-44487"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes"
      ],
      "url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://ubuntu.com/security/CVE-2023-44487"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Press/Media Coverage",
        "Third Party Advisory"
      ],
      "url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Vendor Advisory"
      ],
      "url": "https://www.debian.org/security/2023/dsa-5521"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Vendor Advisory"
      ],
      "url": "https://www.debian.org/security/2023/dsa-5522"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2023/dsa-5540"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2023/dsa-5549"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2023/dsa-5558"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2023/dsa-5570"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "Vendor Advisory"
      ],
      "url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Press/Media Coverage"
      ],
      "url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Press/Media Coverage",
        "Third Party Advisory"
      ],
      "url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-04-29 18:15

Modified

2024-11-21 05:44

Severity ?

6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability in the CLI of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device. The vulnerability is due to insufficient input validation of commands that are supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input for specific commands. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges. To exploit this vulnerability, an attacker must have valid administrator-level credentials.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-cmd-inj-SELprvG	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-cmd-inj-SELprvG	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04202164-FCC4-413E-90B5-01FE08AC6EEC",
              "versionEndExcluding": "6.6.4",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDDF492B-BC61-4814-B05F-3F6CD07080F7",
              "versionEndExcluding": "6.7.0.2",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B74C14F-C95B-4AF5-A255-1CA824AA7FDE",
              "versionEndExcluding": "9.13.1.21",
              "versionStartIncluding": "9.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06071877-6E69-4440-9306-6410223218D7",
              "versionEndExcluding": "9.14.2.13",
              "versionStartIncluding": "9.14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "97985BC1-7D4F-465A-863B-9EAD980A4CF1",
              "versionEndExcluding": "9.15.1.10",
              "versionStartIncluding": "9.15",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the CLI of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device. The vulnerability is due to insufficient input validation of commands that are supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input for specific commands. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges. To exploit this vulnerability, an attacker must have valid administrator-level credentials."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la CLI del Software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD), podr\u00eda permitir a un atacante autenticado local ejecutar comandos arbitrarios en el sistema operativo (SO) subyacente de un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de entrada  de los comandos suministrados por el usuario.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad al autenticarse en un dispositivo y enviar una entrada dise\u00f1ada para comandos espec\u00edficos.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar comandos en el sistema operativo subyacente con privilegios root.\u0026#xa0;Para explotar esta vulnerabilidad, un atacante debe tener credenciales v\u00e1lidas de nivel de administrador"
    }
  ],
  "id": "CVE-2021-1476",
  "lastModified": "2024-11-21T05:44:26.607",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-04-29T18:15:09.197",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-cmd-inj-SELprvG"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-cmd-inj-SELprvG"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-10-02 19:15

Modified

2024-11-26 16:09

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the configuration of the Pluggable Authentication Module (PAM) used in Cisco Firepower Threat Defense (FTD) Software, Cisco Firepower Management Center (FMC) Software, and Cisco FXOS Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper resource management in the context of user session management. An attacker could exploit this vulnerability by connecting to an affected system and performing many simultaneous successful Secure Shell (SSH) logins. A successful exploit could allow the attacker to exhaust system resources and cause the device to reload, resulting in a DoS condition. To exploit this vulnerability, the attacker needs valid user credentials on the system.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-fpmc-dos	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-fpmc-dos	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_9300_firmware	r114
cisco	firepower_9300_firmware	r241
cisco	firepower_9300	-
cisco	firepower_extensible_operating_system	*
cisco	firepower_extensible_operating_system	*
cisco	firepower_extensible_operating_system	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*
cisco	firepower_1000	-
cisco	firepower_2100	-
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*
cisco	secure_firewall_management_center	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_9300_firmware:r114:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BAFB031-B555-4291-94A7-B624CDDA6E22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_9300_firmware:r241:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9204F1F-5094-40F5-88C2-A709E599FFE8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8D9C558-2EDE-493B-B473-30686B1F5F1F",
              "versionEndIncluding": "2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D69E67A-C3CE-4714-9DFF-6D4FAD4FA3BB",
              "versionEndExcluding": "2.3.1.155",
              "versionStartIncluding": "2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4B07EAA-8923-4AE7-BB3E-578955C06251",
              "versionEndExcluding": "2.6.1.131",
              "versionStartIncluding": "2.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC5F3455-0918-4F29-987F-376FF74F8CE0",
              "versionEndIncluding": "6.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C50547D-4EEE-40B2-80F3-DC0059DF5B27",
              "versionEndExcluding": "6.2.3.14",
              "versionStartIncluding": "6.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "82A4999E-1D1C-45CD-BF8C-C08D9AB7DA0E",
              "versionEndIncluding": "6.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BB17BB1-4542-47AF-AE44-FF8A27BC1F86",
              "versionEndExcluding": "6.2.3.14",
              "versionStartIncluding": "6.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6F79864-CA70-4192-AC2C-E174DF3F25B2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D23A26EF-5B43-437C-A962-4FC69D8A0FF4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC5F3455-0918-4F29-987F-376FF74F8CE0",
              "versionEndIncluding": "6.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F67688A-E56F-49A6-955E-5D541E96E5F7",
              "versionEndExcluding": "6.2.2.5",
              "versionStartIncluding": "6.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B9EB1B7-F821-41A0-9282-8F9D698DF0AE",
              "versionEndExcluding": "6.2.3.7",
              "versionStartIncluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "82A4999E-1D1C-45CD-BF8C-C08D9AB7DA0E",
              "versionEndIncluding": "6.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BB17BB1-4542-47AF-AE44-FF8A27BC1F86",
              "versionEndExcluding": "6.2.3.14",
              "versionStartIncluding": "6.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA4116CE-6AAC-4D3F-AF7F-B4C1B9E6A242",
              "versionEndExcluding": "6.2.3.7",
              "versionStartIncluding": "6.2.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the configuration of the Pluggable Authentication Module (PAM) used in Cisco Firepower Threat Defense (FTD) Software, Cisco Firepower Management Center (FMC) Software, and Cisco FXOS Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper resource management in the context of user session management. An attacker could exploit this vulnerability by connecting to an affected system and performing many simultaneous successful Secure Shell (SSH) logins. A successful exploit could allow the attacker to exhaust system resources and cause the device to reload, resulting in a DoS condition. To exploit this vulnerability, the attacker needs valid user credentials on the system."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la configuraci\u00f3n del Pluggable Authentication Module (PAM) utilizado en el Software Cisco Firepower Threat Defense (FTD), el Software Cisco Firepower Management Center (FMC) y el Software Cisco FXOS, podr\u00eda permitir a un atacante remoto autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad es debido a la administraci\u00f3n de recursos inapropiada en el contexto de la administraci\u00f3n de sesi\u00f3n del usuario. Un atacante podr\u00eda explotar esta vulnerabilidad mediante la conexi\u00f3n a un sistema afectado y realizando muchos inicios de sesi\u00f3n con \u00e9xito de Secure Shell (SSH) simult\u00e1neos. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante agotar los recursos del sistema y causar que el dispositivo se recargue, resultando en una condici\u00f3n DoS. Para explotar esta vulnerabilidad, el atacante necesita credenciales de usuario v\u00e1lidas en el sistema."
    }
  ],
  "id": "CVE-2019-12700",
  "lastModified": "2024-11-26T16:09:02.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.7,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-10-02T19:15:13.810",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-fpmc-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-fpmc-dos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-11-01 18:15

Modified

2024-11-21 07:40

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and deliver a malicious payload.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ftd-zXYtnjOM	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ftd-zXYtnjOM	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
snort	snort	2.0
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
snort	snort	*
cisco	cyber_vision	*
cisco	unified_threat_defense	*
cisco	unified_threat_defense	*
cisco	unified_threat_defense	*
cisco	unified_threat_defense	*
cisco	unified_threat_defense	*
cisco	meraki_mx_security_appliance_firmware	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62E4A4C-EE6D-49B5-ADCC-21386CD9F2D9",
              "versionEndExcluding": "6.4.0.17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A381B6-2AEF-4A0F-A151-8C3CEBBA7AC2",
              "versionEndExcluding": "7.0.6",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB0ABE0D-B90E-45BD-8978-DD6EBC863EC6",
              "versionEndExcluding": "7.2.4",
              "versionStartIncluding": "7.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "233409FB-3D8D-41A9-BEC6-8A0E758717ED",
              "versionEndExcluding": "7.3.1.2",
              "versionStartIncluding": "7.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:snort:snort:2.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "4C27CF59-184F-4FFD-9CE8-87F2589EB5AA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7792398D-F563-4441-900D-ABFECAA884AF",
              "versionEndExcluding": "7.0.5",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F64FDF4-9696-4FC8-9ADA-DF1727EF1A63",
              "versionEndExcluding": "7.1.0.3",
              "versionStartIncluding": "7.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F712E334-BA34-4D9C-9E72-DBEFCF9B0E66",
              "versionEndExcluding": "7.2.1",
              "versionStartIncluding": "7.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:snort:snort:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5D0C2A5-A925-475B-8B2F-F8E3F27C0876",
              "versionEndExcluding": "3.1.32.0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCA9E447-86A4-46AC-9D6B-55D6F8664488",
              "versionEndExcluding": "4.1.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:unified_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE0EDFC9-F9CD-487F-AB5C-38E8340BF427",
              "versionEndExcluding": "17.3.8",
              "versionStartIncluding": "17.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "85C85786-8BA2-4194-9A07-9F8E676E75C9",
              "versionEndExcluding": "17.6.6",
              "versionStartIncluding": "17.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50A5D29-0995-469D-86B8-0C5473FC54FC",
              "versionEndExcluding": "17.9.4",
              "versionStartIncluding": "17.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DB2D2F1-FB90-485D-B6B4-B6E0A9351C95",
              "versionEndExcluding": "17.11.1a",
              "versionStartIncluding": "17.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC04A2AB-CAAA-4723-90FD-C35CED76E029",
              "versionEndExcluding": "17.12.1a",
              "versionStartIncluding": "17.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx_security_appliance_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C60FD7B-F41F-4307-B3F4-905E7B7C17AF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and deliver a malicious payload."
    },
    {
      "lang": "es",
      "value": "Varios productos de Cisco se ven afectados por una vulnerabilidad en el motor de detecci\u00f3n Snort que podr\u00eda permitir que un atacante remoto no autenticado omitir las pol\u00edticas configuradas en un sistema afectado. Esta vulnerabilidad se debe a una falla en el m\u00f3dulo FTP del motor de detecci\u00f3n de Snort. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando tr\u00e1fico FTP manipulado a trav\u00e9s de un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante omitir la inspecci\u00f3n de FTP y entregar un payload maliciosa."
    }
  ],
  "id": "CVE-2023-20071",
  "lastModified": "2024-11-21T07:40:29.093",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-11-01T18:15:09.090",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ftd-zXYtnjOM"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ftd-zXYtnjOM"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-1039"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-04-19 20:29

Modified

2024-11-21 03:37

Severity ?

5.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy that is intended to drop the Server Message Block Version 2 (SMB2) and SMB Version 3 (SMB3) protocols if malware is detected. The vulnerability is due to incorrect detection of an SMB2 or SMB3 file based on the total file length. An attacker could exploit this vulnerability by sending a crafted SMB2 or SMB3 transfer request through the targeted device. An exploit could allow the attacker to pass SMB2 or SMB3 files that could be malware even though the device is configured to block them. This vulnerability does not exist for SMB Version 1 (SMB1) files. This vulnerability affects Cisco Firepower System Software when one or more file action policies are configured, on software releases prior to 6.2.3. Cisco Bug IDs: CSCvg68807.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/103943	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/103943	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss	Vendor Advisory

Impacted products

	Vendor	Product	Version
	cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1D6BDEA-ADBE-4FAB-ACFD-60E4CD5B0F84",
              "versionEndExcluding": "6.2.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy that is intended to drop the Server Message Block Version 2 (SMB2) and SMB Version 3 (SMB3) protocols if malware is detected. The vulnerability is due to incorrect detection of an SMB2 or SMB3 file based on the total file length. An attacker could exploit this vulnerability by sending a crafted SMB2 or SMB3 transfer request through the targeted device. An exploit could allow the attacker to pass SMB2 or SMB3 files that could be malware even though the device is configured to block them. This vulnerability does not exist for SMB Version 1 (SMB1) files. This vulnerability affects Cisco Firepower System Software when one or more file action policies are configured, on software releases prior to 6.2.3. Cisco Bug IDs: CSCvg68807."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el motor de detecci\u00f3n de Cisco Firepower System Software podr\u00eda permitir que un atacante remoto sin autenticar omita una pol\u00edtica de archivos que est\u00e9 configurada para anular los protocolos Server Message Block Version 2 (SMB2) y SMB Version 3 (SMB3) si se detecta malware. La vulnerabilidad se debe a la detecci\u00f3n incorrecta de un archivo SMB2 o SMB3 basado en el tama\u00f1o total del archivo. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n de transferencia de SMB2 o SMB3 manipulada al dispositivo objetivo. Un exploit podr\u00eda permitir que el atacante pase archivos SMB2 o SMB3 que podr\u00edan ser malware, incluso aunque el dispositivo est\u00e9 configurado para bloquearlos. Esta vulnerabilidad no existe para los archivos SMB Version 1 (SMB1). Esta vulnerabilidad afecta a Cisco Firepower System Software cuando una o m\u00e1s pol\u00edticas de acci\u00f3n de archivos est\u00e1n configuradas en versiones del software anteriores a la 6.2.3. Cisco Bug IDs: CSCvg68807."
    }
  ],
  "id": "CVE-2018-0243",
  "lastModified": "2024-11-21T03:37:48.183",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-19T20:29:00.973",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103943"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103943"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-693"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-693"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-11-01 18:15

Modified

2024-11-21 07:40

Severity ?

4.0 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L

Summary

A vulnerability in the SSL/TLS certificate handling of Snort 3 Detection Engine integration with Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a logic error that occurs when an SSL/TLS certificate that is under load is accessed when it is initiating an SSL connection. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a high rate of SSL/TLS connection requests to be inspected by the Snort 3 detection engine on an affected device. A successful exploit could allow the attacker to cause the Snort 3 detection engine to reload, resulting in either a bypass or a denial of service (DoS) condition, depending on device configuration. The Snort detection engine will restart automatically. No manual intervention is required.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-8U4HHxH8	Mitigation, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-8U4HHxH8	Mitigation, Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the SSL/TLS certificate handling of Snort 3 Detection Engine integration with Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a logic error that occurs when an SSL/TLS certificate that is under load is accessed when it is initiating an SSL connection. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a high rate of SSL/TLS connection requests to be inspected by the Snort 3 detection engine on an affected device. A successful exploit could allow the attacker to cause the Snort 3 detection engine to reload, resulting in either a bypass or a denial of service (DoS) condition, depending on device configuration. The Snort detection engine will restart automatically. No manual intervention is required."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el manejo de certificados SSL/TLS de la integraci\u00f3n del motor de detecci\u00f3n Snort 3 con el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado provoque que el motor de detecci\u00f3n Snort 3 se reinicie. Esta vulnerabilidad se debe a un error l\u00f3gico que ocurre cuando se accede a un certificado SSL/TLS que est\u00e1 bajo carga cuando se inicia una conexi\u00f3n SSL. Bajo limitaciones espec\u00edficas basadas en el tiempo, un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una alta tasa de solicitudes de conexi\u00f3n SSL/TLS para ser inspeccionadas por el motor de detecci\u00f3n Snort 3 en un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante hacer que el motor de detecci\u00f3n de Snort 3 se recargue, lo que resultar\u00eda en una condici\u00f3n de omisi\u00f3n o Denegaci\u00f3n de Servicio (DoS), dependiendo de la configuraci\u00f3n del dispositivo. El motor de detecci\u00f3n de Snort se reiniciar\u00e1 autom\u00e1ticamente. No se requiere intervenci\u00f3n manual."
    }
  ],
  "id": "CVE-2023-20031",
  "lastModified": "2024-11-21T07:40:23.797",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-11-01T18:15:08.770",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-8U4HHxH8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-8U4HHxH8"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-244"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-10-02 19:15

Modified

2024-11-21 04:23

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper parsing of SIP messages. An attacker could exploit this vulnerability by sending a malicious SIP packet through an affected device. A successful exploit could allow the attacker to trigger an integer underflow, causing the software to try to read unmapped memory and resulting in a crash.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-sip-dos	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-sip-dos	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5505	-
cisco	asa_5510	-
cisco	asa_5512-x	-
cisco	asa_5515-x	-
cisco	asa_5520	-
cisco	asa_5525-x	-
cisco	asa_5550	-
cisco	asa_5555-x	-
cisco	asa_5580	-
cisco	asa_5585-x	-
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB6A7A4A-45A5-4348-AF15-AE070F98577E",
              "versionEndExcluding": "9.4.4.37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD6750E-A7C2-4666-BF9E-05DD379CE324",
              "versionEndExcluding": "9.6.4.34",
              "versionStartIncluding": "9.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0810C0B8-ADF0-4436-A02E-E0F9F3A995D5",
              "versionEndExcluding": "9.8.4.7",
              "versionStartIncluding": "9.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3118855-5066-4FB7-B63E-EB694D6E00FA",
              "versionEndExcluding": "9.9.2.56",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D22E9AC-8A5B-4616-86C5-396929CB31F4",
              "versionEndExcluding": "9.10.1.27",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5706D2C-2710-4E83-892E-00B943E61783",
              "versionEndExcluding": "9.12.2.1",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A1910D8-107F-4BD1-90D2-5653AA75F54A",
              "versionEndExcluding": "6.2.3.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6FCB433-E565-4B76-AF20-10A7767AAE94",
              "versionEndExcluding": "6.3.0.4",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D8647E-1FA8-486E-B150-1EEFE52C31BB",
              "versionEndExcluding": "6.4.0.4",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper parsing of SIP messages. An attacker could exploit this vulnerability by sending a malicious SIP packet through an affected device. A successful exploit could allow the attacker to trigger an integer underflow, causing the software to try to read unmapped memory and resulting in a crash."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el m\u00f3dulo de inspecci\u00f3n del Session Initiation Protocol (SIP) del Software Cisco Adaptive Security Appliance (ASA) y el Software Cisco Firepower Threat Defense (FTD), podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido al an\u00e1lisis inapropiado de los mensajes SIP. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete SIP malicioso por medio de un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante desencadenar un subdesbordamiento de enteros, haciendo que el software intente leer una memoria no asignada y resultando en un bloqueo."
    }
  ],
  "id": "CVE-2019-12678",
  "lastModified": "2024-11-21T04:23:20.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-10-02T19:15:12.390",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-sip-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-sip-dos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-191"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-191"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-05-22 17:16

Modified

2025-07-30 19:11

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a logic error when a specific class of encrypted archive files is inspected. An attacker could exploit this vulnerability by sending a crafted, encrypted archive file through the affected device. A successful exploit could allow the attacker to send an encrypted archive file, which could contain malware and should have been blocked and dropped at the Cisco FTD device.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-archive-bypass-z4wQjwcN	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-archive-bypass-z4wQjwcN	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	6.2.3
cisco	firepower_threat_defense	6.2.3.1
cisco	firepower_threat_defense	6.2.3.2
cisco	firepower_threat_defense	6.2.3.3
cisco	firepower_threat_defense	6.2.3.4
cisco	firepower_threat_defense	6.2.3.5
cisco	firepower_threat_defense	6.2.3.6
cisco	firepower_threat_defense	6.2.3.7
cisco	firepower_threat_defense	6.2.3.8
cisco	firepower_threat_defense	6.2.3.9
cisco	firepower_threat_defense	6.2.3.10
cisco	firepower_threat_defense	6.2.3.11
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.4.0.1
cisco	firepower_threat_defense	6.4.0.2
cisco	firepower_threat_defense	6.4.0.3
cisco	firepower_threat_defense	6.4.0.4
cisco	firepower_threat_defense	6.4.0.5
cisco	firepower_threat_defense	6.4.0.6
cisco	firepower_threat_defense	6.4.0.7
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.4.0.13
cisco	firepower_threat_defense	6.4.0.14
cisco	firepower_threat_defense	6.4.0.15
cisco	firepower_threat_defense	6.4.0.16
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.6.7
cisco	firepower_threat_defense	6.6.7.1
cisco	firepower_threat_defense	6.6.7.2
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.2.4
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1
cisco	firepower_threat_defense	7.3.1.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2EFA476-5021-4A00-859E-1643009D6156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E3A5DC-A237-46E4-A4E5-F135482F984A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91AD8BA2-EB8D-4D8B-B707-AF5C2A831998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA95508-0A28-4D4A-81A7-5CDD1F5DA46C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6826018-5620-4924-BE92-6A245378F610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A52991-802D-46FB-A508-5616BA1CEB78",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a logic error when a specific class of encrypted archive files is inspected. An attacker could exploit this vulnerability by sending a crafted, encrypted archive file through the affected device. A successful exploit could allow the attacker to send an encrypted archive file, which could contain malware and should have been blocked and dropped at the Cisco FTD device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n de pol\u00edtica de archivos que se utiliza para inspeccionar archivos cifrados del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado omita una pol\u00edtica de archivos configurada para bloquear un archivo cifrado. Esta vulnerabilidad existe debido a un error l\u00f3gico cuando se inspecciona una clase espec\u00edfica de archivos cifrados. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un archivo cifrado y manipulado a trav\u00e9s del dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante enviar un archivo cifrado, que podr\u00eda contener malware y deber\u00eda haber sido bloqueado y colocado en el dispositivo FTD de Cisco."
    }
  ],
  "id": "CVE-2024-20261",
  "lastModified": "2025-07-30T19:11:18.480",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-05-22T17:16:12.873",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-archive-bypass-z4wQjwcN"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-archive-bypass-z4wQjwcN"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2017-04-07 17:59

Modified

2025-04-20 01:37

Severity ?

5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the detection engine that handles Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process unexpectedly restarts. This vulnerability affects Cisco Firepower System Software prior to the first fixed release when it is configured with an SSL Decrypt-Resign policy. More Information: CSCvb62292. Known Affected Releases: 6.0.1 6.1.0 6.2.0. Known Fixed Releases: 6.2.0 6.1.0.2.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/97453	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-cfpw1	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/97453	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-cfpw1	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	6.0.1
cisco	firepower_threat_defense	6.1.0
cisco	firepower_threat_defense	6.2.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "995667FD-35F1-49E5-96DB-2FDFF5E0B523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "61FB47CF-2A6A-4121-BFF7-5862E163B8E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DC52A8B-7DF4-47B2-9F49-627F59656E5E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the detection engine that handles Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process unexpectedly restarts. This vulnerability affects Cisco Firepower System Software prior to the first fixed release when it is configured with an SSL Decrypt-Resign policy. More Information: CSCvb62292. Known Affected Releases: 6.0.1 6.1.0 6.2.0. Known Fixed Releases: 6.2.0 6.1.0.2."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el motor de detecci\u00f3n que maneja los paquetes de Secure Sockets Layer (SSL) para el software Cisco Firepower System podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio porque el proceso de Snort se reinicia inesperadamente. Esta vulnerabilidad afecta al software Cisco Firepower System antes de la primera versi\u00f3n fija cuando est\u00e1 configurada con una directiva Decrypt-Resign de SSL. M\u00e1s informaci\u00f3n: CSCvb62292. Lanzamientos afectados conocidos: 6.0.1 6.1.0 6.2.0. Lanzamientos fijos conocidos: 6.2.0 6.1.0.2."
    }
  ],
  "id": "CVE-2017-3887",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-04-07T17:59:00.450",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/97453"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-cfpw1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/97453"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-cfpw1"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-755"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:31

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly. The vulnerability is due to a lack of sufficient memory management protections under heavy SNMP polling loads. An attacker could exploit this vulnerability by sending a high rate of SNMP requests to the SNMP daemon through the management interface on an affected device. A successful exploit could allow the attacker to cause the SNMP daemon process to consume a large amount of system memory over time, which could then lead to an unexpected device restart, causing a denial of service (DoS) condition. This vulnerability affects all versions of SNMP.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snmp-dos-R8ENPbOs	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snmp-dos-R8ENPbOs	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB4FADF7-A3CD-44B4-85DF-75F28369B459",
              "versionEndExcluding": "6.3.0.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
              "versionEndExcluding": "6.4.0.10",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "754010DE-2C33-4BA1-9567-90C46309B664",
              "versionEndExcluding": "6.6.1",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly. The vulnerability is due to a lack of sufficient memory management protections under heavy SNMP polling loads. An attacker could exploit this vulnerability by sending a high rate of SNMP requests to the SNMP daemon through the management interface on an affected device. A successful exploit could allow the attacker to cause the SNMP daemon process to consume a large amount of system memory over time, which could then lead to an unexpected device restart, causing a denial of service (DoS) condition. This vulnerability affects all versions of SNMP."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el procesador de paquetes de entrada de Simple Network Management Protocol (SNMP) de Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar que un dispositivo afectado se reinicie inesperadamente.\u0026#xa0;La vulnerabilidad es debido a una falta de suficientes protecciones de administraci\u00f3n de memoria bajo cargas pesadas de sondeo SNMP.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una alta tasa de peticiones SNMP al demonio SNMP por medio de la interfaz de administraci\u00f3n en un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante causar que el proceso del demonio SNMP consuma una gran cantidad de memoria del sistema a lo largo del tiempo, lo que podr\u00eda conllevar a un reinicio inesperado del dispositivo, causando una condici\u00f3n de denegaci\u00f3n de servicio (DoS).\u0026#xa0;Esta vulnerabilidad afecta a todas las versiones de SNMP"
    }
  ],
  "id": "CVE-2020-3533",
  "lastModified": "2024-11-21T05:31:15.980",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:17.043",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snmp-dos-R8ENPbOs"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snmp-dos-R8ENPbOs"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-10-27 19:15

Modified

2024-11-21 06:11

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the memory management of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management when connection rates are high. An attacker could exploit this vulnerability by opening a significant number of connections on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-Unk689XY	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-Unk689XY	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5512-x_firmware	009.014\(001.150\)
cisco	asa_5512-x_firmware	099.017\(001.211\)
cisco	asa_5512-x_firmware	099.017\(001.220\)
cisco	asa_5512-x_firmware	099.017\(015.050\)
cisco	asa_5512-x	-
cisco	asa_5505_firmware	009.014\(001.150\)
cisco	asa_5505_firmware	099.017\(001.211\)
cisco	asa_5505_firmware	099.017\(001.220\)
cisco	asa_5505_firmware	099.017\(015.050\)
cisco	asa_5505	-
cisco	asa_5515-x_firmware	009.014\(001.150\)
cisco	asa_5515-x_firmware	099.017\(001.211\)
cisco	asa_5515-x_firmware	099.017\(001.220\)
cisco	asa_5515-x_firmware	099.017\(015.050\)
cisco	asa_5515-x	-
cisco	asa_5525-x_firmware	009.014\(001.150\)
cisco	asa_5525-x_firmware	099.017\(001.211\)
cisco	asa_5525-x_firmware	099.017\(001.220\)
cisco	asa_5525-x_firmware	099.017\(015.050\)
cisco	asa_5525-x	-
cisco	asa_5545-x_firmware	009.014\(001.150\)
cisco	asa_5545-x_firmware	099.017\(001.211\)
cisco	asa_5545-x_firmware	099.017\(001.220\)
cisco	asa_5545-x_firmware	099.017\(015.050\)
cisco	asa_5545-x	-
cisco	asa_5555-x_firmware	009.014\(001.150\)
cisco	asa_5555-x_firmware	099.017\(001.211\)
cisco	asa_5555-x_firmware	099.017\(001.220\)
cisco	asa_5555-x_firmware	099.017\(015.050\)
cisco	asa_5555-x	-
cisco	asa_5580_firmware	009.014\(001.150\)
cisco	asa_5580_firmware	099.017\(001.211\)
cisco	asa_5580_firmware	099.017\(001.220\)
cisco	asa_5580_firmware	099.017\(015.050\)
cisco	asa_5580	-
cisco	asa_5585-x_firmware	009.014\(001.150\)
cisco	asa_5585-x_firmware	099.017\(001.211\)
cisco	asa_5585-x_firmware	099.017\(001.220\)
cisco	asa_5585-x_firmware	099.017\(015.050\)
cisco	asa_5585-x	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F461B5-E600-4C81-BA3C-1DBC90D4D438",
              "versionEndExcluding": "6.4.0.13",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37A74256-AF9A-473B-9DC7-A57618BA9F00",
              "versionEndExcluding": "6.6.5",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
              "versionEndExcluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B2F537A-A488-45B6-AD4B-48B7064AE84C",
              "versionEndExcluding": "7.0.1",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F6EF272-6D43-476C-B35D-DDE79A7A01C5",
              "versionEndExcluding": "9.8.4.40",
              "versionStartIncluding": "9.8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B10BB7F0-1CC7-4331-A05C-3C20B0584C04",
              "versionEndExcluding": "9.12.4.29",
              "versionStartIncluding": "9.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6828628-B179-4188-92CE-1D488859D92D",
              "versionEndExcluding": "9.14.3.9",
              "versionStartIncluding": "9.14.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6EC0723-CBC7-45A7-8B30-B680E8A771EF",
              "versionEndExcluding": "9.15.1.17",
              "versionStartIncluding": "9.15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "310B86D1-730D-4D8A-AC95-31FBE4F7D1E6",
              "versionEndExcluding": "9.16.2.3",
              "versionStartIncluding": "9.16.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.014\\(001.150\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "75F668D8-664D-4BA3-B15C-CD26BE55A7A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:099.017\\(001.211\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CC11F329-2DE6-4CC5-B548-8A2B51325444",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:099.017\\(001.220\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1FB8A813-FDA4-4A92-9A46-9BCEB9CA90E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:099.017\\(015.050\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "156ED8FB-E2DD-4E84-98D7-18EA42D51439",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.014\\(001.150\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7964F713-2C01-46BF-B854-F3035666C407",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:099.017\\(001.211\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C3D933AE-8EC0-43FC-84EA-FB4E027EF249",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:099.017\\(001.220\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "76CE2818-59C5-4841-AF19-FF6DF922DBA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:099.017\\(015.050\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "96B2A339-F296-47E0-87CB-D52E2F5E3283",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.014\\(001.150\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3094D0EC-D1C9-4FC4-B35C-7293F13E9ABF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:099.017\\(001.211\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "17F07A2C-8A60-443C-B227-BE7613FFDA12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:099.017\\(001.220\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E5EB1E56-1D97-452F-8A77-EAB4DBC91E74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:099.017\\(015.050\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "46373218-888A-40D2-80B5-3D0004B36142",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.014\\(001.150\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1E2DA8D4-EE0B-4F45-AA9A-C2FA041E5E48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:099.017\\(001.211\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "50BFC05A-8EC7-4735-B102-6EDF99489A36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:099.017\\(001.220\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2417DB3A-8F9D-424D-A7A1-E8F5A550D840",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:099.017\\(015.050\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9A4D7B2F-3C45-476C-AA8F-536D1AB17777",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.014\\(001.150\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2661ECD3-AD62-42FF-9A3D-F18D012D4726",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:099.017\\(001.211\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "995A8981-5E91-4CE0-9986-3C462900834A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:099.017\\(001.220\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E6A25983-C296-468F-9EA9-F69EF5EE48C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:099.017\\(015.050\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C471157A-DEF4-4DE5-92CC-AB5FD222881F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.014\\(001.150\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E69D9C0A-2DD1-4EDF-AFA5-E7311D8D5252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:099.017\\(001.211\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "86C6C5E4-A2C9-49EA-B88E-4C39D401E80B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:099.017\\(001.220\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DC252DB9-0CB9-4B40-B21A-33D7C90414C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:099.017\\(015.050\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "50D8FC2B-80A5-41FB-B0B3-1BC2C36034E8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.014\\(001.150\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0DF52F91-AE46-4825-AAA3-E053FD247872",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:099.017\\(001.211\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "87596BBB-33F4-45A3-92A6-6918B706B5BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:099.017\\(001.220\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EA58ACA1-F693-4728-84BB-DCA54FD7E664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:099.017\\(015.050\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0482D81B-0FF1-4743-85DB-7386CC3906B1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.014\\(001.150\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "456EB0AC-17DC-4A3F-858B-0325B123CEDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:099.017\\(001.211\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6A59106E-B38B-4DA4-BB16-2235639A5551",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:099.017\\(001.220\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "338CB0C2-CDC9-4316-8D34-331954943C6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:099.017\\(015.050\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "40D07677-AEDB-4BDE-9446-EFF0A8A52FD9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the memory management of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management when connection rates are high. An attacker could exploit this vulnerability by opening a significant number of connections on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la administraci\u00f3n de la memoria del software Cisco Adaptive Security Appliance (ASA) y del software Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad es debido a una administraci\u00f3n inapropiada de los recursos cuando las tasas de conexi\u00f3n son altas. Un atacante podr\u00eda explotar esta vulnerabilidad al abrir un n\u00famero significativo de conexiones en un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar una recarga del dispositivo, resultando en una condici\u00f3n de DoS"
    }
  ],
  "id": "CVE-2021-34792",
  "lastModified": "2024-11-21T06:11:12.907",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-27T19:15:08.510",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-Unk689XY"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-Unk689XY"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-401"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-10-02 19:15

Modified

2024-11-21 04:28

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper management of system memory. An attacker could exploit this vulnerability by sending malicious IKEv1 traffic to an affected device. The attacker does not need valid credentials to authenticate the VPN session, nor does the attacker's source address need to match a peer statement in the crypto map applied to the ingress interface of the affected device. An exploit could allow the attacker to exhaust system memory resources, leading to a reload of an affected device.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-ikev1-dos	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-ikev1-dos	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	asa_5505_firmware	9.9\(2.4\)
cisco	asa_5505_firmware	201.4\(1.21\)
cisco	asa_5505	-
cisco	asa_5510_firmware	9.9\(2.4\)
cisco	asa_5510_firmware	201.4\(1.21\)
cisco	asa_5510	-
cisco	asa_5512-x_firmware	9.9\(2.4\)
cisco	asa_5512-x_firmware	201.4\(1.21\)
cisco	asa_5512-x	-
cisco	asa_5515-x_firmware	9.9\(2.4\)
cisco	asa_5515-x_firmware	201.4\(1.21\)
cisco	asa_5515-x	-
cisco	asa_5520_firmware	9.9\(2.4\)
cisco	asa_5520_firmware	201.4\(1.21\)
cisco	asa_5520	-
cisco	asa_5525-x_firmware	9.9\(2.4\)
cisco	asa_5525-x_firmware	201.4\(1.21\)
cisco	asa_5525-x	-
cisco	asa_5540_firmware	9.9\(2.4\)
cisco	asa_5540_firmware	201.4\(1.21\)
cisco	asa_5540	-
cisco	asa_5545-x_firmware	9.9\(2.4\)
cisco	asa_5545-x_firmware	201.4\(1.21\)
cisco	asa_5545-x	-
cisco	asa_5550_firmware	9.9\(2.4\)
cisco	asa_5550_firmware	201.4\(1.21\)
cisco	asa_5550	-
cisco	asa_5555-x_firmware	9.9\(2.4\)
cisco	asa_5555-x_firmware	201.4\(1.21\)
cisco	asa_5555-x	-
cisco	asa_5580_firmware	9.9\(2.4\)
cisco	asa_5580_firmware	201.4\(1.21\)
cisco	asa_5580	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E740A242-E2D5-489A-9FFF-F6D3E11779AB",
              "versionEndExcluding": "9.8.4.10",
              "versionStartIncluding": "9.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C79B856A-D4E9-41C4-B387-36D1E81EAE9C",
              "versionEndExcluding": "9.9.2.47",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADA230E4-4D7F-4186-842A-27B3741EE468",
              "versionEndExcluding": "9.10.1.30",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7DC67CB-104C-4E29-8E4F-D1E577D36876",
              "versionEndExcluding": "9.12.2.5",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "13124D93-921B-40FB-A240-111C9129C720",
              "versionEndExcluding": "6.2.3.11",
              "versionStartIncluding": "6.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E3FC9B7-B171-4A12-A6DA-B84A63C31388",
              "versionEndExcluding": "6.3.0.2",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:9.9\\(2.4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5B3B9F7C-4B04-4A72-92A5-ADDF19D06E82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:201.4\\(1.21\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "40FFA7E7-BC2A-4D0D-A6B2-D26567E0D80C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5510_firmware:9.9\\(2.4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EC7BE4BD-961E-40F5-8574-41CC85295DD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5510_firmware:201.4\\(1.21\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2FABA62D-44B7-4EC3-8004-2710135F7CD3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:9.9\\(2.4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D2354531-C47B-4DDE-BEB9-F77CD8CF6DE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:201.4\\(1.21\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "881A92AF-8E13-4FA2-A639-94B2528FD52D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:9.9\\(2.4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3E2CDC2D-EE60-4C72-85C7-60F9CF188236",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:201.4\\(1.21\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "136D60CB-CA0C-4120-9486-3DD14B03A4BB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5520_firmware:9.9\\(2.4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "10993486-B81D-4207-B7D2-29D2EC30A259",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5520_firmware:201.4\\(1.21\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BB0F74FA-8D90-4561-8CF0-D4D6348846A4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:9.9\\(2.4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "75F2E00F-0B49-46EC-9606-0BBB8CE659CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:201.4\\(1.21\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D63C6843-C622-4C14-9948-1E1805EE1F30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5540_firmware:9.9\\(2.4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C1A6DF83-F382-44F3-8E7D-0422075ADBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5540_firmware:201.4\\(1.21\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "893E19B6-85F6-4A6F-B90E-73BF33B72C63",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:9.9\\(2.4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "52897052-F983-44EA-9AB4-483F095A4591",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:201.4\\(1.21\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C554DB-4760-4EA0-A898-D08848B8BF05",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5550_firmware:9.9\\(2.4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4189571E-E5E2-49CA-B261-E78DA59FA379",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5550_firmware:201.4\\(1.21\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E059B44F-AD2B-45DC-A84D-3FB32CDCC3B0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:9.9\\(2.4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF942EF-5CFC-42B6-BBE4-DC49074FDA62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:201.4\\(1.21\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0493AACC-A7C9-4F73-9C93-1D1AA00D6716",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:9.9\\(2.4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B0C765F2-36D6-410C-B497-79CE7F7DD09D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:201.4\\(1.21\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "38AB13D1-8A96-49CB-A725-18BCE049C0AE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper management of system memory. An attacker could exploit this vulnerability by sending malicious IKEv1 traffic to an affected device. The attacker does not need valid credentials to authenticate the VPN session, nor does the attacker\u0027s source address need to match a peer statement in the crypto map applied to the ingress interface of the affected device. An exploit could allow the attacker to exhaust system memory resources, leading to a reload of an affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad Internet Key Exchange versi\u00f3n 1 (IKEv1) del Software Cisco Adaptive Security Appliance (ASA) y el Software Cisco Firepower Threat Defense (FTD), podr\u00eda permitir a un atacante remoto no autenticado desencadenar una recarga de un dispositivo afectado, resultando en un condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad es debido a una administraci\u00f3n inapropiada de la memoria del sistema. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de tr\u00e1fico malicioso IKEv1 hacia un dispositivo afectado. El atacante no necesita credenciales v\u00e1lidas para autenticar la sesi\u00f3n VPN, ni la direcci\u00f3n de origen del atacante debe coincidir con una declaraci\u00f3n de peer en el mapa criptogr\u00e1fico aplicado a la interfaz de entrada del dispositivo afectado. Una explotaci\u00f3n podr\u00eda permitir al atacante agotar los recursos de memoria del sistema, conllevando a la recarga de un dispositivo afectado."
    }
  ],
  "id": "CVE-2019-15256",
  "lastModified": "2024-11-21T04:28:18.393",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-10-02T19:15:15.217",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-ikev1-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-ikev1-dos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:31

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

A vulnerability in the TCP Intercept functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured Access Control Policies (including Geolocation) and Service Polices on an affected system. The vulnerability exists because TCP Intercept is invoked when the embryonic connection limit is reached, which can cause the underlying detection engine to process the packet incorrectly. An attacker could exploit this vulnerability by sending a crafted stream of traffic that matches a policy on which TCP Intercept is configured. A successful exploit could allow the attacker to match on an incorrect policy, which could allow the traffic to be forwarded when it should be dropped. In addition, the traffic could incorrectly be dropped.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tcp-intercept-bypass-xG9M3PbY	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tcp-intercept-bypass-xG9M3PbY	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2532F140-2D4A-41BC-A932-ED179B1C26B2",
              "versionEndExcluding": "6.4.0.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2B6355D-CD58-4DDE-A9CC-2B957F95CDA1",
              "versionEndExcluding": "6.5.0.4",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "03CCDBE2-4AB6-4818-A954-4CA6F71C803C",
              "versionEndExcluding": "6.6.0",
              "versionStartIncluding": "6.5.0.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the TCP Intercept functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured Access Control Policies (including Geolocation) and Service Polices on an affected system. The vulnerability exists because TCP Intercept is invoked when the embryonic connection limit is reached, which can cause the underlying detection engine to process the packet incorrectly. An attacker could exploit this vulnerability by sending a crafted stream of traffic that matches a policy on which TCP Intercept is configured. A successful exploit could allow the attacker to match on an incorrect policy, which could allow the traffic to be forwarded when it should be dropped. In addition, the traffic could incorrectly be dropped."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad TCP Intercept de Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado omitir las pol\u00edticas de control de acceso configuradas (incluida la geolocalizaci\u00f3n) y las pol\u00edticas de servicio en un sistema afectado.\u0026#xa0;La vulnerabilidad se presenta porque TCP Intercept es invocado cuando el l\u00edmite de conexi\u00f3n embrionaria es alcanzado, lo que puede causar que el motor de detecci\u00f3n subyacente procese el paquete incorrectamente.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un flujo de tr\u00e1fico dise\u00f1ado que coincida con una pol\u00edtica en la que se configura TCP Intercept.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante coincidir con una pol\u00edtica inapropiada, lo que podr\u00eda permitir que el tr\u00e1fico se reenv\u00ede cuando deber\u00eda ser descartado.\u0026#xa0;Adem\u00e1s, el tr\u00e1fico podr\u00eda ser interrumpido incorrectamente"
    }
  ],
  "id": "CVE-2020-3565",
  "lastModified": "2024-11-21T05:31:19.623",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:18.137",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tcp-intercept-bypass-xG9M3PbY"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tcp-intercept-bypass-xG9M3PbY"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-05-03 04:15

Modified

2024-11-21 06:43

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of the DNS reputation enforcement rule. An attacker could exploit this vulnerability by sending crafted UDP packets through an affected device to force a buildup of UDP connections. A successful exploit could allow the attacker to cause traffic that is going through the affected device to be dropped, resulting in a DoS condition. Note: This vulnerability only affects Cisco FTD devices that are running Snort 3.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-FTD-snort3-DOS-Aq38LVdM	Mitigation, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-FTD-snort3-DOS-Aq38LVdM	Mitigation, Vendor Advisory

Impacted products

	Vendor	Product	Version
	cisco	firepower_threat_defense	*
	cisco	firepower_threat_defense	7.1.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BC1250A-9BF3-4D7D-913C-8D61E45E35CA",
              "versionEndExcluding": "7.0.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of the DNS reputation enforcement rule. An attacker could exploit this vulnerability by sending crafted UDP packets through an affected device to force a buildup of UDP connections. A successful exploit could allow the attacker to cause traffic that is going through the affected device to be dropped, resulting in a DoS condition. Note: This vulnerability only affects Cisco FTD devices that are running Snort 3."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n de evaluaci\u00f3n de reglas Snort del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido a un manejo inapropiado de la regla de aplicaci\u00f3n de la reputaci\u00f3n DNS. Un atacante podr\u00eda explotar esta vulnerabilidad  mediante el env\u00edo de paquetes UDP dise\u00f1ados a trav\u00e9s de un dispositivo afectado para forzar una acumulaci\u00f3n de conexiones UDP. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar un bloqueo del tr\u00e1fico que pasa por el dispositivo afectado, resultando en una condici\u00f3n de DoS. Nota: Esta vulnerabilidad s\u00f3lo afecta a dispositivos Cisco FTD que ejecutan Snort 3"
    }
  ],
  "id": "CVE-2022-20767",
  "lastModified": "2024-11-21T06:43:30.843",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-05-03T04:15:09.963",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-FTD-snort3-DOS-Aq38LVdM"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-FTD-snort3-DOS-Aq38LVdM"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-10-23 17:15

Modified

2025-08-01 16:10

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due to a logic error in populating group ACLs when an AnyConnect client establishes a new session toward an affected device. An attacker could exploit this vulnerability by establishing an AnyConnect connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules.

References

URL	Tags
psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-acl-bypass-VvnLNKqf	Vendor Advisory
psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO	Broken Link
psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.8.1
cisco	adaptive_security_appliance_software	9.8.1.5
cisco	adaptive_security_appliance_software	9.8.1.7
cisco	adaptive_security_appliance_software	9.8.2
cisco	adaptive_security_appliance_software	9.8.2.8
cisco	adaptive_security_appliance_software	9.8.2.14
cisco	adaptive_security_appliance_software	9.8.2.15
cisco	adaptive_security_appliance_software	9.8.2.17
cisco	adaptive_security_appliance_software	9.8.2.20
cisco	adaptive_security_appliance_software	9.8.2.24
cisco	adaptive_security_appliance_software	9.8.2.26
cisco	adaptive_security_appliance_software	9.8.2.28
cisco	adaptive_security_appliance_software	9.8.2.33
cisco	adaptive_security_appliance_software	9.8.2.35
cisco	adaptive_security_appliance_software	9.8.2.38
cisco	adaptive_security_appliance_software	9.8.2.45
cisco	adaptive_security_appliance_software	9.8.3
cisco	adaptive_security_appliance_software	9.8.3.8
cisco	adaptive_security_appliance_software	9.8.3.11
cisco	adaptive_security_appliance_software	9.8.3.14
cisco	adaptive_security_appliance_software	9.8.3.16
cisco	adaptive_security_appliance_software	9.8.3.18
cisco	adaptive_security_appliance_software	9.8.3.21
cisco	adaptive_security_appliance_software	9.8.3.26
cisco	adaptive_security_appliance_software	9.8.3.29
cisco	adaptive_security_appliance_software	9.8.4
cisco	adaptive_security_appliance_software	9.8.4.3
cisco	adaptive_security_appliance_software	9.8.4.7
cisco	adaptive_security_appliance_software	9.8.4.8
cisco	adaptive_security_appliance_software	9.8.4.10
cisco	adaptive_security_appliance_software	9.8.4.12
cisco	adaptive_security_appliance_software	9.8.4.15
cisco	adaptive_security_appliance_software	9.8.4.17
cisco	adaptive_security_appliance_software	9.8.4.20
cisco	adaptive_security_appliance_software	9.8.4.22
cisco	adaptive_security_appliance_software	9.8.4.25
cisco	adaptive_security_appliance_software	9.8.4.26
cisco	adaptive_security_appliance_software	9.8.4.29
cisco	adaptive_security_appliance_software	9.8.4.32
cisco	adaptive_security_appliance_software	9.8.4.33
cisco	adaptive_security_appliance_software	9.8.4.34
cisco	adaptive_security_appliance_software	9.8.4.35
cisco	adaptive_security_appliance_software	9.8.4.39
cisco	adaptive_security_appliance_software	9.8.4.40
cisco	adaptive_security_appliance_software	9.8.4.41
cisco	adaptive_security_appliance_software	9.8.4.43
cisco	adaptive_security_appliance_software	9.8.4.44
cisco	adaptive_security_appliance_software	9.8.4.45
cisco	adaptive_security_appliance_software	9.8.4.46
cisco	adaptive_security_appliance_software	9.8.4.48
cisco	adaptive_security_appliance_software	9.12.1
cisco	adaptive_security_appliance_software	9.12.1.2
cisco	adaptive_security_appliance_software	9.12.1.3
cisco	adaptive_security_appliance_software	9.12.2
cisco	adaptive_security_appliance_software	9.12.2.1
cisco	adaptive_security_appliance_software	9.12.2.4
cisco	adaptive_security_appliance_software	9.12.2.5
cisco	adaptive_security_appliance_software	9.12.2.9
cisco	adaptive_security_appliance_software	9.12.3
cisco	adaptive_security_appliance_software	9.12.3.2
cisco	adaptive_security_appliance_software	9.12.3.7
cisco	adaptive_security_appliance_software	9.12.3.9
cisco	adaptive_security_appliance_software	9.12.3.12
cisco	adaptive_security_appliance_software	9.12.4
cisco	adaptive_security_appliance_software	9.12.4.2
cisco	adaptive_security_appliance_software	9.12.4.4
cisco	adaptive_security_appliance_software	9.12.4.7
cisco	adaptive_security_appliance_software	9.12.4.8
cisco	adaptive_security_appliance_software	9.12.4.10
cisco	adaptive_security_appliance_software	9.12.4.13
cisco	adaptive_security_appliance_software	9.12.4.18
cisco	adaptive_security_appliance_software	9.12.4.24
cisco	adaptive_security_appliance_software	9.12.4.26
cisco	adaptive_security_appliance_software	9.12.4.29
cisco	adaptive_security_appliance_software	9.12.4.30
cisco	adaptive_security_appliance_software	9.12.4.35
cisco	adaptive_security_appliance_software	9.12.4.37
cisco	adaptive_security_appliance_software	9.12.4.38
cisco	adaptive_security_appliance_software	9.12.4.39
cisco	adaptive_security_appliance_software	9.12.4.40
cisco	adaptive_security_appliance_software	9.12.4.41
cisco	adaptive_security_appliance_software	9.12.4.47
cisco	adaptive_security_appliance_software	9.12.4.48
cisco	adaptive_security_appliance_software	9.12.4.50
cisco	adaptive_security_appliance_software	9.12.4.52
cisco	adaptive_security_appliance_software	9.12.4.54
cisco	adaptive_security_appliance_software	9.12.4.55
cisco	adaptive_security_appliance_software	9.14.1
cisco	adaptive_security_appliance_software	9.14.1.6
cisco	adaptive_security_appliance_software	9.14.1.10
cisco	adaptive_security_appliance_software	9.14.1.15
cisco	adaptive_security_appliance_software	9.14.1.19
cisco	adaptive_security_appliance_software	9.14.1.30
cisco	adaptive_security_appliance_software	9.14.2
cisco	adaptive_security_appliance_software	9.14.2.4
cisco	adaptive_security_appliance_software	9.14.2.8
cisco	adaptive_security_appliance_software	9.14.2.13
cisco	adaptive_security_appliance_software	9.14.2.15
cisco	adaptive_security_appliance_software	9.14.3
cisco	adaptive_security_appliance_software	9.14.3.1
cisco	adaptive_security_appliance_software	9.14.3.9
cisco	adaptive_security_appliance_software	9.14.3.11
cisco	adaptive_security_appliance_software	9.14.3.13
cisco	adaptive_security_appliance_software	9.14.3.15
cisco	adaptive_security_appliance_software	9.14.3.18
cisco	adaptive_security_appliance_software	9.14.4
cisco	adaptive_security_appliance_software	9.14.4.6
cisco	adaptive_security_appliance_software	9.14.4.7
cisco	adaptive_security_appliance_software	9.14.4.12
cisco	adaptive_security_appliance_software	9.14.4.13
cisco	adaptive_security_appliance_software	9.14.4.14
cisco	adaptive_security_appliance_software	9.14.4.15
cisco	adaptive_security_appliance_software	9.14.4.17
cisco	adaptive_security_appliance_software	9.15.1
cisco	adaptive_security_appliance_software	9.15.1.1
cisco	adaptive_security_appliance_software	9.15.1.7
cisco	adaptive_security_appliance_software	9.15.1.10
cisco	adaptive_security_appliance_software	9.15.1.15
cisco	adaptive_security_appliance_software	9.15.1.16
cisco	adaptive_security_appliance_software	9.15.1.17
cisco	adaptive_security_appliance_software	9.15.1.21
cisco	adaptive_security_appliance_software	9.16.1
cisco	adaptive_security_appliance_software	9.16.1.28
cisco	adaptive_security_appliance_software	9.16.2
cisco	adaptive_security_appliance_software	9.16.2.3
cisco	adaptive_security_appliance_software	9.16.2.7
cisco	adaptive_security_appliance_software	9.16.2.11
cisco	adaptive_security_appliance_software	9.16.2.13
cisco	adaptive_security_appliance_software	9.16.2.14
cisco	adaptive_security_appliance_software	9.16.3
cisco	adaptive_security_appliance_software	9.16.3.3
cisco	adaptive_security_appliance_software	9.16.3.14
cisco	adaptive_security_appliance_software	9.16.3.15
cisco	adaptive_security_appliance_software	9.16.3.19
cisco	adaptive_security_appliance_software	9.16.3.23
cisco	adaptive_security_appliance_software	9.16.4
cisco	adaptive_security_appliance_software	9.16.4.9
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.7
cisco	adaptive_security_appliance_software	9.17.1.9
cisco	adaptive_security_appliance_software	9.17.1.10
cisco	adaptive_security_appliance_software	9.17.1.11
cisco	adaptive_security_appliance_software	9.17.1.13
cisco	adaptive_security_appliance_software	9.17.1.15
cisco	adaptive_security_appliance_software	9.17.1.20
cisco	adaptive_security_appliance_software	9.18.1
cisco	adaptive_security_appliance_software	9.18.1.3
cisco	adaptive_security_appliance_software	9.18.2
cisco	adaptive_security_appliance_software	9.18.2.5
cisco	adaptive_security_appliance_software	9.18.2.7
cisco	adaptive_security_appliance_software	9.18.2.8
cisco	adaptive_security_appliance_software	9.19.1
cisco	firepower_threat_defense	6.2.3
cisco	firepower_threat_defense	6.2.3.1
cisco	firepower_threat_defense	6.2.3.2
cisco	firepower_threat_defense	6.2.3.3
cisco	firepower_threat_defense	6.2.3.4
cisco	firepower_threat_defense	6.2.3.5
cisco	firepower_threat_defense	6.2.3.6
cisco	firepower_threat_defense	6.2.3.7
cisco	firepower_threat_defense	6.2.3.8
cisco	firepower_threat_defense	6.2.3.9
cisco	firepower_threat_defense	6.2.3.10
cisco	firepower_threat_defense	6.2.3.11
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.4.0.1
cisco	firepower_threat_defense	6.4.0.2
cisco	firepower_threat_defense	6.4.0.3
cisco	firepower_threat_defense	6.4.0.4
cisco	firepower_threat_defense	6.4.0.5
cisco	firepower_threat_defense	6.4.0.6
cisco	firepower_threat_defense	6.4.0.7
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.4.0.13
cisco	firepower_threat_defense	6.4.0.14
cisco	firepower_threat_defense	6.4.0.15
cisco	firepower_threat_defense	6.4.0.16
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.6.7
cisco	firepower_threat_defense	6.6.7.1
cisco	firepower_threat_defense	6.6.7.2
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1
cisco	firepower_threat_defense	7.3.1.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D482F818-0A8E-49D7-8E3E-0958019FA629",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E7BFB57-BC02-4930-A02F-83583E6A0FC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "026F1960-C879-4611-A60A-96311B63CCA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAF8B33E-0C95-467D-A865-0A234E69D0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF144F5-D933-4DE4-818C-001BD9E3958A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "00112ED3-FE7B-425B-9A28-1E5F2BC8BB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD491D5-FAAB-493F-91A6-D2F3B5F5970E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "1519F49D-588F-4B70-B38F-EF4F3E13FEAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "15354443-5EB7-4712-B2DE-61DB33830759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "248D6B44-E134-4DEC-A947-636824E3FDFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "0820A79C-F3EF-407F-9AC7-DCAB4CD39C89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3E8805-85D2-4345-8076-039513209A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "14BB907B-D75A-4F5E-B20D-5457A71A70EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "F118B803-4C55-436A-A136-0C1FEA49858F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A272121-408E-45F6-A2A1-0BA6EBC060A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "61C3A433-0792-434E-AC90-A84B346499D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "980CEA3B-5A81-4E8C-BEA3-DD31BE7DA2CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3910211-D4DB-4CA7-BBEA-DD8246FF10ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C260BF30-7A33-4C70-9509-404856C93666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF894850-39EC-4B57-BBFF-F1AB4F8389A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FAFCF9-0ABE-483E-9604-329762BB7870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DB4278-3126-4765-97C4-6C0A8C78DA78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "174E631B-6099-47DE-8790-BBF4B7FDB8CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE3538B-F612-4105-BFDE-A4B594482DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "3143B0FF-C855-485E-A908-E48974B1643C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD9992-6D98-4E03-9599-ECF38A186FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DCEAE6-355B-40AE-A7C8-AF744FCA8A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2097E81E-B422-4B93-AF09-F300A0E8AF71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "454DEA31-A607-4054-82D3-24A4FEB7358F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F0B213-8187-4465-84F1-FB8D92B36020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E540771E-BA0B-42D1-8251-B576B0F142C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC2A833-BECF-4000-A592-6113A84C2D20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F1416-924A-4D25-9CEE-3BD66A96A019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDC8D92-D6E0-40EE-B190-D2B32C7DEB75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "23CD5619-E534-4F40-998D-39DC19FA0451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D0EB11-14B1-44B3-8D46-B9DD872F772C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA399CF-12DB-42E0-A66F-14508B52A453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5A7608-E737-420E-9B5E-836600DAC701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7EB6801-336D-4F41-ADE7-1C58C63C3F6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8413DA41-02A5-4269-8C88-9DD5076AF91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA00285F-6914-4749-8A47-FC4EDAFFF3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA4D367-32B9-4F54-8352-A959F61A1FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "2259FF9E-0C8B-440F-B1AC-51BDE3F60E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C522B55-904D-4C08-B73E-1457D877C0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "4483056A-FBF3-4E00-81EB-1E97334EF240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "48677330-06AB-4C7F-B2AD-F7E465A9632A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AEA80D2-5DB8-4334-9A88-7DDE395832C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1C38A5-1028-4AD3-8CC7-A00091091E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "848147B2-C49A-43F6-9069-FC8885BDFDA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6FEF0DA-741E-4361-8143-068EB47D6520",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F002FD55-F881-450E-BC1B-8073E188F47E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA940C4F-13BB-465F-BB8D-CBD0109BF012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B0434F5-9A50-4B57-9C5B-E09415D098C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE727035-06CB-4E37-A9D2-96BD54502120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE52B81-2CF8-48E5-A7BA-A163A25A669B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E8D7C9-5272-40E6-869B-B33959F9F0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE8D5D71-5C85-4644-8A84-F073549ADB50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0790DDC2-7BA0-42DC-A157-754C0CBBE178",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "882394EA-70C8-4D86-9AEF-5D273D8E518C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "855AD3CC-F404-48C5-80D2-7F2765D16D72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "26B6BF72-9124-4213-B3C0-BD31B46E8C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8FBE89-8FDA-4B9B-BA1A-90FFD482A585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "149C3872-8DA9-48DD-ADD0-2E84C1A76A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D33E8C-294A-4C43-8DB6-9DA9F61F0B3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E23ACB0-DF8B-4672-A819-4DCD3104CE4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4723B88-62BA-40E6-AA89-BAC02D6A036F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C698819-3C8E-4A16-8F52-42FF1E54C076",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D3CE74E-59E7-448A-8417-18F97C05C798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0986C171-0E75-4F6F-A9BD-276830104E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A2777A-7831-4324-AEB2-5D93B5F6C04B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "37045680-9189-4B7F-A4F7-4E682FE20A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6C9F37B-CF3C-4861-A969-C7CF4946274A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1DAF21-3FED-4691-9D4C-8FD8CEA7FB3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB938E58-4963-4A31-8836-88E958592B30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E317897-EE97-44F3-96BB-E54228D72A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EF7FAB2-158D-4C48-9246-E7AD3BF1D801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "056D43AE-ECDB-40D2-A196-18DDCD02629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E555F3-3580-4D71-8D8D-92FE72763D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "93013503-8B9A-4160-AF7E-277958FA6E9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3B009FD-0F2B-4511-8EDF-C3E670623F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "52579D8D-E855-42B3-B406-32DD1C39F721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7E44FC6-12A2-4F76-A095-28F3804B619F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "42917E5E-E362-4B40-B2B2-3C77BA35641C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF317FA3-EBF3-49BB-A9E6-0D4295FA3F60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "F98B1683-914F-43D3-AE1C-311D3A90BE8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8D24656-CAB1-4A98-A440-482927FEDD16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504557C-DA5D-4D0F-A813-4CE7D5109F15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE0D50C0-DADB-4747-8649-8A5257111FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE2699F-353F-44CB-A778-981783DDC31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8E50BD-1FBD-483B-9C27-70E95C732E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F46E5E4F-787C-4C05-B1E7-C39BB9125D16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A29312-38E7-456B-94DD-4D7329691114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "27F7BB31-C733-4C32-BF0F-33B5AF020156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC313568-33A6-435B-98FF-8A7091D9C451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85710A-28CE-4913-8523-356461908FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4875811-F209-49ED-B310-8377B2F87FF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C52C7B-B626-4A3C-A2EC-28A20E7FA95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "853A002C-839A-4372-8485-750A86E9F6E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62BB5D6-CE75-4C83-82DC-4148EF8CB1F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "D32F1365-EAF8-4570-B2FF-45E47E8586F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD07F9B-6BB3-4423-8DBE-4E89A6478E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FE4F28-B704-4325-AE8A-C790163FEE71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F944F8F-0255-42BE-BD44-D21EC9F0FFC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9CEAEFC-7B82-41F9-A09D-C86A3A60A4FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "40FAC31D-19C0-4BA0-A019-C7E7A0BA0B5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "289F9874-FC01-4809-9BDA-1AF583FB60B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EDFC67-E4EE-4D2C-BF9F-5881C987C662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "826869BE-4874-4BBA-9392-14851560BA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF52D477-3045-45D1-9FD3-12F396266463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "88E310BF-F1F6-4124-A875-81967B9B531E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEE52F59-AABA-4069-A909-64AD5DFD2B18",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2EFA476-5021-4A00-859E-1643009D6156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E3A5DC-A237-46E4-A4E5-F135482F984A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91AD8BA2-EB8D-4D8B-B707-AF5C2A831998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA95508-0A28-4D4A-81A7-5CDD1F5DA46C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A52991-802D-46FB-A508-5616BA1CEB78",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due to a logic error in populating group ACLs when an AnyConnect client establishes a new session toward an affected device. An attacker could exploit this vulnerability by establishing an AnyConnect connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el firewall AnyConnect para el software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado omita una lista de control de acceso (ACL) configurada y permita que el tr\u00e1fico que deber\u00eda haber sido denegado fluya a trav\u00e9s de un dispositivo afectado. Esta vulnerabilidad se debe a un error l\u00f3gico en el llenado de las ACL de grupo cuando un cliente AnyConnect establece una nueva sesi\u00f3n hacia un dispositivo afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad estableciendo una conexi\u00f3n AnyConnect con el dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante omitir las reglas de ACL configuradas."
    }
  ],
  "id": "CVE-2024-20299",
  "lastModified": "2025-08-01T16:10:51.010",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-10-23T17:15:16.900",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-acl-bypass-VvnLNKqf"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-290"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-01-13 22:15

Modified

2024-11-26 16:09

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contained at least partially within the TFO connection handshake. An attacker could exploit this vulnerability by sending crafted TFO packets with an HTTP payload through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload.

References

URL	Tags
psirt@cisco.com	https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-tfo-bypass-MmzZrtes	Vendor Advisory
psirt@cisco.com	https://www.debian.org/security/2023/dsa-5354
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-tfo-bypass-MmzZrtes	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2023/dsa-5354

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	secure_firewall_management_center	2.9.14.0
cisco	secure_firewall_management_center	2.9.15
cisco	secure_firewall_management_center	2.9.16
cisco	secure_firewall_management_center	2.9.17
cisco	secure_firewall_management_center	2.9.18
cisco	secure_firewall_management_center	3.0.1
cisco	ios_xe	*
cisco	1100-4p_integrated_services_router	-
cisco	1100-8p_integrated_services_router	-
cisco	1101-4p_integrated_services_router	-
cisco	1109-2p_integrated_services_router	-
cisco	1109-4p_integrated_services_router	-
cisco	1111x-8p_integrated_services_router	-
cisco	4221_integrated_services_router	-
cisco	4321_integrated_services_router	-
cisco	4331_integrated_services_router	-
cisco	4351_integrated_services_router	-
cisco	4431_integrated_services_router	-
cisco	4451-x_integrated_services_router	-
cisco	4461_integrated_services_router	-
cisco	csr_1000v	-
cisco	isa_3000	-
snort	snort	*
cisco	meraki_mx64_firmware	-
cisco	meraki_mx64	-
cisco	meraki_mx64w_firmware	-
cisco	meraki_mx64w	-
cisco	meraki_mx67_firmware	-
cisco	meraki_mx67	-
cisco	meraki_mx67c_firmware	-
cisco	meraki_mx67c	-
cisco	meraki_mx67w_firmware	-
cisco	meraki_mx67w	-
cisco	meraki_mx68_firmware	-
cisco	meraki_mx68	-
cisco	meraki_mx68cw_firmware	-
cisco	meraki_mx68cw	-
cisco	meraki_mx68w_firmware	-
cisco	meraki_mx68w	-
cisco	meraki_mx100_firmware	-
cisco	meraki_mx100	-
cisco	meraki_mx84_firmware	-
cisco	meraki_mx84	-
cisco	meraki_mx250_firmware	-
cisco	meraki_mx250	-
cisco	meraki_mx450_firmware	-
cisco	meraki_mx450	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1B5DAC-CE54-43E4-89F6-6DFD7A65C8EA",
              "versionEndExcluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.14.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2986D5BD-1936-41BD-A992-7672C019F27E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "42493B4F-0CF2-45F0-B72D-36F0597CC274",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "06F2E7D8-BB95-480D-AE3E-F9B97C3A5379",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F41C382-C849-465C-AF77-0A787CA03BA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "80AD91C6-B7E3-48AC-8A51-3C05FE2659AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "408B880A-50EF-4246-BF38-213D812BD0BE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72B91784-38A9-4A2A-AA92-8AB558924BBD",
              "versionEndExcluding": "17.4.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9421DBEF-AE42-4234-B49F-FCC34B804D7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "818CEFA6-208C-43C3-8E43-474A93ADCF21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:csr_1000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF8B0B49-2C99-410B-B011-5B821C5992FB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:isa_3000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9510E97A-FD78-43C6-85BC-223001ACA264",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:snort:snort:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "715F9721-D26C-4086-873F-837D0FCAF1A5",
              "versionEndExcluding": "2.9.17",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx64_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BCF0950-162A-4E47-BA2A-43701EA7782E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx64:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE749570-1EA6-4734-B96A-D02B3BA3A756",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx64w_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "15CD8683-DFB3-45E3-B6E2-92AFD846B0BA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1038F5F-020D-41FD-9C3D-F2685F1EA916",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF993C79-4C7F-4B99-B8BB-3996C4F3D8F0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2702FE73-E4AC-45C7-A212-44D783720798",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C6A8AAC-9813-45C9-8C69-0579C0ADA0C3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9725A9F-B9B9-4784-AEEA-A5E5CE0A41F3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67w_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B2F5CB3-1AE0-4905-A28B-090FDA56622E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2529662-8A54-4DFC-80E7-922CF22DE2F3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24AB6590-8775-4744-BF84-892F0BD10225",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6B4B5E-4FBB-48A9-B828-00C8AB479FB8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68cw_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39884334-73AF-4E98-B05A-20FFF82B5DF1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18E682AA-05AD-483F-915F-A2B2C98233B7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68w_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "85EF67F0-973F-4FD1-8077-CE68D2AB1149",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03F9C184-3811-4A26-846D-54ECE7CF939F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx100_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C0B39F-AE49-44D7-8951-9DB0464FE43B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D4DE139-CCB5-4BDD-8827-07348B8F0FF2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx84_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8398495B-47DB-4A16-AF8C-053685D5DD9C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx84:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5A4239D-E115-4368-895A-002BBD94F243",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx250_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "90EC4BA2-0FA2-4841-9AB1-3FC92D22530D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx250:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D6CBE98-6B20-4F05-8871-0BEAD1D351B0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx450_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A685A8D6-9B97-46B3-8087-0D44EE0D65AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx450:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B35EB71-8584-4803-A438-AEC406FD8445",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contained at least partially within the TFO connection handshake. An attacker could exploit this vulnerability by sending crafted TFO packets with an HTTP payload through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples productos de Cisco est\u00e1n afectados por una vulnerabilidad con TCP Fast Open (TFO) cuando se usan en conjunto con el motor de detecci\u00f3n Snort que podr\u00eda permitir a un atacante remoto no autenticado omitir una pol\u00edtica de archivos configurada para HTTP.\u0026#xa0;La vulnerabilidad es debido a la detecci\u00f3n incorrecta de la carga \u00fatil HTTP si est\u00e1 contenida al menos parcialmente dentro del protocolo de enlace de la conexi\u00f3n TFO.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de paquetes TFO dise\u00f1ados con una carga \u00fatil HTTP a trav\u00e9s de un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante omitir la pol\u00edtica de archivos configurada para paquetes HTTP y entregar una carga \u00fatil maliciosa."
    }
  ],
  "id": "CVE-2021-1224",
  "lastModified": "2024-11-26T16:09:02.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-01-13T22:15:20.410",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-tfo-bypass-MmzZrtes"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://www.debian.org/security/2023/dsa-5354"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-tfo-bypass-MmzZrtes"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.debian.org/security/2023/dsa-5354"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-693"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-05-03 15:29

Modified

2024-11-21 03:50

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the WebVPN login process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for existing WebVPN login operations. An attacker could exploit this vulnerability by sending multiple WebVPN login requests to the device. A successful exploit could allow the attacker to increase CPU load on the device, resulting in a denial of service (DoS) condition.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-sd-cpu-dos	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-sd-cpu-dos	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5505	-
cisco	asa_5510	-
cisco	asa_5512-x	-
cisco	asa_5515-x	-
cisco	asa_5520	-
cisco	asa_5525-x	-
cisco	asa_5540	-
cisco	asa_5545-x	-
cisco	asa_5550	-
cisco	asa_5555-x	-
cisco	asa_5580	-
cisco	asa_5585-x	-
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79F0345E-5661-4119-8620-8A1F42E97128",
              "versionEndExcluding": "9.4.4.34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7789E32-76B1-4D16-A556-B6B5A8CDB5A0",
              "versionEndExcluding": "9.6.4.25",
              "versionStartIncluding": "9.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C812C8D5-3159-434C-8B9F-8CB0A8767923",
              "versionEndExcluding": "9.8.4",
              "versionStartIncluding": "9.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABCD2AF8-97D4-45C6-B80E-D5FA9B719BD5",
              "versionEndExcluding": "9.9.2.50",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15251834-D900-42F9-AC0B-4167CE851116",
              "versionEndExcluding": "6.2.3.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the WebVPN login process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for existing WebVPN login operations. An attacker could exploit this vulnerability by sending multiple WebVPN login requests to the device. A successful exploit could allow the attacker to increase CPU load on the device, resulting in a denial of service (DoS) condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el proceso de inicio de sesi\u00f3n (login) en la WebVPN de los software Adaptive Security Appliance (ASA) y Firepower Threat Defense (FTD) de Cisco, podr\u00eda permitir que un atacante remoto no identificado cause un aumento en la utilizaci\u00f3n de la CPU en un dispositivo afectado. La vulnerabilidad es debido a una carga de procesamiento excesiva para las operaciones de inicio de sesi\u00f3n de WebVPN existentes. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando m\u00faltiples peticiones de inicio de sesi\u00f3n desde WebVPN al dispositivo. Una operaci\u00f3n con \u00e9xito  podr\u00eda permitir al atacante incrementar la carga de la CPU en el dispositivo, dando como resultado una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS)."
    }
  ],
  "id": "CVE-2018-15388",
  "lastModified": "2024-11-21T03:50:40.767",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-03T15:29:00.227",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-sd-cpu-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-sd-cpu-dos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:31

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the TCP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory exhaustion condition. An attacker could exploit this vulnerability by sending a high rate of crafted TCP traffic through an affected device. A successful exploit could allow the attacker to exhaust device resources, resulting in a DoS condition for traffic transiting the affected device.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-QFcNEPfx	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-QFcNEPfx	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	6.6.0
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D2F5B96-8C64-4A50-9C63-93AC36383DB1",
              "versionEndExcluding": "9.12.4.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2330600D-6AB1-4912-A595-2AE167853B93",
              "versionEndIncluding": "6.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "961753A1-2ECF-47EA-87AE-B81CC1D29599",
              "versionEndExcluding": "6.4.0.10",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4148D30-F285-4045-A017-82F5BF074233",
              "versionEndExcluding": "9.13.1.13",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDD8BF1D-E300-461E-99C5-E191BE4173C2",
              "versionEndExcluding": "9.14.1.30",
              "versionStartIncluding": "9.14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the TCP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory exhaustion condition. An attacker could exploit this vulnerability by sending a high rate of crafted TCP traffic through an affected device. A successful exploit could allow the attacker to exhaust device resources, resulting in a DoS condition for traffic transiting the affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el procesamiento de paquetes TCP de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido a una condici\u00f3n de agotamiento de la memoria.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una alta tasa de tr\u00e1fico TCP dise\u00f1ado por medio de un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante agotar los recursos del dispositivo, resultando en una condici\u00f3n de DoS para el tr\u00e1fico que transita por el dispositivo afectado"
    }
  ],
  "id": "CVE-2020-3554",
  "lastModified": "2024-11-21T05:31:18.257",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:17.420",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-QFcNEPfx"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-QFcNEPfx"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-05-22 17:16

Modified

2025-07-30 19:06

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected device. This vulnerability is due to a logic error that occurs when an ACL changes from inactive to active in the running configuration of an affected device. An attacker could exploit this vulnerability by sending traffic through the affected device that should be denied by the configured ACL. The reverse condition is also true—traffic that should be permitted could be denied by the configured ACL. A successful exploit could allow the attacker to bypass configured ACL protections on the affected device, allowing the attacker to access trusted networks that the device might be protecting. Note: This vulnerability applies to both IPv4 and IPv6 traffic as well as dual-stack ACL configurations in which both IPv4 and IPv6 ACLs are configured on an interface.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ogsnsg-aclbyp-3XB8q6jX	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ogsnsg-aclbyp-3XB8q6jX	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	9.20.1
cisco	adaptive_security_appliance_software	9.20.1.5
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9998242-3C7B-4809-A049-AE20ABCD56A1",
              "versionEndIncluding": "9.19.1.24",
              "versionStartIncluding": "9.19.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B25468E3-03F9-4C2A-B82A-F87F4FCD57E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EC6F412-4A30-4E9A-B8DF-C4BF80E5C4B8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "851CB177-6E5D-4078-9615-EC2EE4406CB2",
              "versionEndIncluding": "7.4.0",
              "versionStartIncluding": "7.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected device. This vulnerability is due to a logic error that occurs when an ACL changes from inactive to active in the running configuration of an affected device. An attacker could exploit this vulnerability by sending traffic through the affected device that should be denied by the configured ACL. The reverse condition is also true\u2014traffic that should be permitted could be denied by the configured ACL. A successful exploit could allow the attacker to bypass configured ACL protections on the affected device, allowing the attacker to access trusted networks that the device might be protecting. Note: This vulnerability applies to both IPv4 and IPv6 traffic as well as dual-stack ACL configurations in which both IPv4 and IPv6 ACLs are configured on an interface."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la activaci\u00f3n de una lista de control de acceso (ACL) en el software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado evite la protecci\u00f3n que ofrece una ACL configurada en un dispositivo afectado. Esta vulnerabilidad se debe a un error l\u00f3gico que ocurre cuando una ACL cambia de inactiva a activa en la configuraci\u00f3n en ejecuci\u00f3n de un dispositivo afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando tr\u00e1fico a trav\u00e9s del dispositivo afectado que la ACL configurada deber\u00eda denegar. La condici\u00f3n inversa tambi\u00e9n es cierta: la ACL configurada podr\u00eda denegar el tr\u00e1fico que deber\u00eda permitirse. Un exploit exitoso podr\u00eda permitir al atacante eludir las protecciones ACL configuradas en el dispositivo afectado, permiti\u00e9ndole acceder a redes confiables que el dispositivo podr\u00eda estar protegiendo. Nota: Esta vulnerabilidad se aplica al tr\u00e1fico IPv4 e IPv6, as\u00ed como a configuraciones de ACL de doble pila en las que las ACL IPv4 e IPv6 est\u00e1n configuradas en una interfaz."
    }
  ],
  "id": "CVE-2024-20293",
  "lastModified": "2025-07-30T19:06:02.740",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-05-22T17:16:13.167",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ogsnsg-aclbyp-3XB8q6jX"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ogsnsg-aclbyp-3XB8q6jX"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-436"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-11-01 17:15

Modified

2024-11-21 07:40

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilities are due to a logic error that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit these vulnerabilities by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to bypass the interface ACL and access resources that would should be protected.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.8.3.14
cisco	adaptive_security_appliance_software	9.8.3.16
cisco	adaptive_security_appliance_software	9.8.3.18
cisco	adaptive_security_appliance_software	9.8.3.21
cisco	adaptive_security_appliance_software	9.8.3.26
cisco	adaptive_security_appliance_software	9.8.3.29
cisco	adaptive_security_appliance_software	9.8.4
cisco	adaptive_security_appliance_software	9.8.4.3
cisco	adaptive_security_appliance_software	9.8.4.7
cisco	adaptive_security_appliance_software	9.8.4.8
cisco	adaptive_security_appliance_software	9.8.4.10
cisco	adaptive_security_appliance_software	9.8.4.12
cisco	adaptive_security_appliance_software	9.8.4.15
cisco	adaptive_security_appliance_software	9.8.4.17
cisco	adaptive_security_appliance_software	9.8.4.20
cisco	adaptive_security_appliance_software	9.8.4.22
cisco	adaptive_security_appliance_software	9.8.4.25
cisco	adaptive_security_appliance_software	9.8.4.26
cisco	adaptive_security_appliance_software	9.8.4.29
cisco	adaptive_security_appliance_software	9.8.4.32
cisco	adaptive_security_appliance_software	9.8.4.33
cisco	adaptive_security_appliance_software	9.8.4.34
cisco	adaptive_security_appliance_software	9.8.4.35
cisco	adaptive_security_appliance_software	9.8.4.39
cisco	adaptive_security_appliance_software	9.8.4.40
cisco	adaptive_security_appliance_software	9.8.4.41
cisco	adaptive_security_appliance_software	9.8.4.43
cisco	adaptive_security_appliance_software	9.8.4.44
cisco	adaptive_security_appliance_software	9.8.4.45
cisco	adaptive_security_appliance_software	9.8.4.46
cisco	adaptive_security_appliance_software	9.8.4.48
cisco	adaptive_security_appliance_software	9.12.1
cisco	adaptive_security_appliance_software	9.12.1.2
cisco	adaptive_security_appliance_software	9.12.1.3
cisco	adaptive_security_appliance_software	9.12.2
cisco	adaptive_security_appliance_software	9.12.2.1
cisco	adaptive_security_appliance_software	9.12.2.4
cisco	adaptive_security_appliance_software	9.12.2.5
cisco	adaptive_security_appliance_software	9.12.2.9
cisco	adaptive_security_appliance_software	9.12.3
cisco	adaptive_security_appliance_software	9.12.3.2
cisco	adaptive_security_appliance_software	9.12.3.7
cisco	adaptive_security_appliance_software	9.12.3.9
cisco	adaptive_security_appliance_software	9.12.3.12
cisco	adaptive_security_appliance_software	9.12.4
cisco	adaptive_security_appliance_software	9.12.4.2
cisco	adaptive_security_appliance_software	9.12.4.4
cisco	adaptive_security_appliance_software	9.12.4.7
cisco	adaptive_security_appliance_software	9.12.4.8
cisco	adaptive_security_appliance_software	9.12.4.10
cisco	adaptive_security_appliance_software	9.12.4.13
cisco	adaptive_security_appliance_software	9.12.4.18
cisco	adaptive_security_appliance_software	9.12.4.24
cisco	adaptive_security_appliance_software	9.12.4.26
cisco	adaptive_security_appliance_software	9.12.4.29
cisco	adaptive_security_appliance_software	9.12.4.30
cisco	adaptive_security_appliance_software	9.12.4.35
cisco	adaptive_security_appliance_software	9.12.4.37
cisco	adaptive_security_appliance_software	9.12.4.38
cisco	adaptive_security_appliance_software	9.12.4.39
cisco	adaptive_security_appliance_software	9.12.4.40
cisco	adaptive_security_appliance_software	9.12.4.41
cisco	adaptive_security_appliance_software	9.12.4.47
cisco	adaptive_security_appliance_software	9.12.4.48
cisco	adaptive_security_appliance_software	9.12.4.50
cisco	adaptive_security_appliance_software	9.12.4.52
cisco	adaptive_security_appliance_software	9.12.4.54
cisco	adaptive_security_appliance_software	9.12.4.55
cisco	adaptive_security_appliance_software	9.12.4.56
cisco	adaptive_security_appliance_software	9.14.1
cisco	adaptive_security_appliance_software	9.14.1.6
cisco	adaptive_security_appliance_software	9.14.1.10
cisco	adaptive_security_appliance_software	9.14.1.15
cisco	adaptive_security_appliance_software	9.14.1.19
cisco	adaptive_security_appliance_software	9.14.1.30
cisco	adaptive_security_appliance_software	9.14.2
cisco	adaptive_security_appliance_software	9.14.2.4
cisco	adaptive_security_appliance_software	9.14.2.8
cisco	adaptive_security_appliance_software	9.14.2.13
cisco	adaptive_security_appliance_software	9.14.2.15
cisco	adaptive_security_appliance_software	9.14.3
cisco	adaptive_security_appliance_software	9.14.3.1
cisco	adaptive_security_appliance_software	9.14.3.9
cisco	adaptive_security_appliance_software	9.14.3.11
cisco	adaptive_security_appliance_software	9.14.3.13
cisco	adaptive_security_appliance_software	9.14.3.15
cisco	adaptive_security_appliance_software	9.14.3.18
cisco	adaptive_security_appliance_software	9.14.4
cisco	adaptive_security_appliance_software	9.14.4.6
cisco	adaptive_security_appliance_software	9.14.4.7
cisco	adaptive_security_appliance_software	9.14.4.12
cisco	adaptive_security_appliance_software	9.14.4.13
cisco	adaptive_security_appliance_software	9.14.4.14
cisco	adaptive_security_appliance_software	9.14.4.15
cisco	adaptive_security_appliance_software	9.14.4.17
cisco	adaptive_security_appliance_software	9.14.4.22
cisco	adaptive_security_appliance_software	9.14.4.23
cisco	adaptive_security_appliance_software	9.15.1
cisco	adaptive_security_appliance_software	9.15.1.1
cisco	adaptive_security_appliance_software	9.15.1.7
cisco	adaptive_security_appliance_software	9.15.1.10
cisco	adaptive_security_appliance_software	9.15.1.15
cisco	adaptive_security_appliance_software	9.15.1.16
cisco	adaptive_security_appliance_software	9.15.1.17
cisco	adaptive_security_appliance_software	9.15.1.21
cisco	adaptive_security_appliance_software	9.16.1
cisco	adaptive_security_appliance_software	9.16.1.28
cisco	adaptive_security_appliance_software	9.16.2
cisco	adaptive_security_appliance_software	9.16.2.3
cisco	adaptive_security_appliance_software	9.16.2.7
cisco	adaptive_security_appliance_software	9.16.2.11
cisco	adaptive_security_appliance_software	9.16.2.13
cisco	adaptive_security_appliance_software	9.16.2.14
cisco	adaptive_security_appliance_software	9.16.3
cisco	adaptive_security_appliance_software	9.16.3.3
cisco	adaptive_security_appliance_software	9.16.3.14
cisco	adaptive_security_appliance_software	9.16.3.15
cisco	adaptive_security_appliance_software	9.16.3.19
cisco	adaptive_security_appliance_software	9.16.3.23
cisco	adaptive_security_appliance_software	9.16.4
cisco	adaptive_security_appliance_software	9.16.4.9
cisco	adaptive_security_appliance_software	9.16.4.14
cisco	adaptive_security_appliance_software	9.16.4.18
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.7
cisco	adaptive_security_appliance_software	9.17.1.9
cisco	adaptive_security_appliance_software	9.17.1.10
cisco	adaptive_security_appliance_software	9.17.1.11
cisco	adaptive_security_appliance_software	9.17.1.13
cisco	adaptive_security_appliance_software	9.17.1.15
cisco	adaptive_security_appliance_software	9.17.1.20
cisco	adaptive_security_appliance_software	9.17.1.30
cisco	adaptive_security_appliance_software	9.18.1
cisco	adaptive_security_appliance_software	9.18.1.3
cisco	adaptive_security_appliance_software	9.18.2
cisco	adaptive_security_appliance_software	9.18.2.5
cisco	adaptive_security_appliance_software	9.18.2.7
cisco	adaptive_security_appliance_software	9.18.2.8
cisco	adaptive_security_appliance_software	9.18.3
cisco	adaptive_security_appliance_software	9.19.1
cisco	adaptive_security_appliance_software	9.19.1.5
cisco	adaptive_security_appliance_software	9.19.1.9
cisco	firepower_threat_defense	6.2.3.3
cisco	firepower_threat_defense	6.2.3.4
cisco	firepower_threat_defense	6.2.3.5
cisco	firepower_threat_defense	6.2.3.6
cisco	firepower_threat_defense	6.2.3.7
cisco	firepower_threat_defense	6.2.3.8
cisco	firepower_threat_defense	6.2.3.9
cisco	firepower_threat_defense	6.2.3.10
cisco	firepower_threat_defense	6.2.3.11
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.4.0.1
cisco	firepower_threat_defense	6.4.0.2
cisco	firepower_threat_defense	6.4.0.3
cisco	firepower_threat_defense	6.4.0.4
cisco	firepower_threat_defense	6.4.0.5
cisco	firepower_threat_defense	6.4.0.6
cisco	firepower_threat_defense	6.4.0.7
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.4.0.13
cisco	firepower_threat_defense	6.4.0.14
cisco	firepower_threat_defense	6.4.0.15
cisco	firepower_threat_defense	6.4.0.16
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.6.7
cisco	firepower_threat_defense	6.6.7.1
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF894850-39EC-4B57-BBFF-F1AB4F8389A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FAFCF9-0ABE-483E-9604-329762BB7870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DB4278-3126-4765-97C4-6C0A8C78DA78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "174E631B-6099-47DE-8790-BBF4B7FDB8CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE3538B-F612-4105-BFDE-A4B594482DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "3143B0FF-C855-485E-A908-E48974B1643C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD9992-6D98-4E03-9599-ECF38A186FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DCEAE6-355B-40AE-A7C8-AF744FCA8A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2097E81E-B422-4B93-AF09-F300A0E8AF71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "454DEA31-A607-4054-82D3-24A4FEB7358F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F0B213-8187-4465-84F1-FB8D92B36020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E540771E-BA0B-42D1-8251-B576B0F142C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC2A833-BECF-4000-A592-6113A84C2D20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F1416-924A-4D25-9CEE-3BD66A96A019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDC8D92-D6E0-40EE-B190-D2B32C7DEB75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "23CD5619-E534-4F40-998D-39DC19FA0451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D0EB11-14B1-44B3-8D46-B9DD872F772C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA399CF-12DB-42E0-A66F-14508B52A453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5A7608-E737-420E-9B5E-836600DAC701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7EB6801-336D-4F41-ADE7-1C58C63C3F6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8413DA41-02A5-4269-8C88-9DD5076AF91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA00285F-6914-4749-8A47-FC4EDAFFF3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA4D367-32B9-4F54-8352-A959F61A1FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "2259FF9E-0C8B-440F-B1AC-51BDE3F60E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C522B55-904D-4C08-B73E-1457D877C0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "4483056A-FBF3-4E00-81EB-1E97334EF240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "48677330-06AB-4C7F-B2AD-F7E465A9632A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AEA80D2-5DB8-4334-9A88-7DDE395832C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1C38A5-1028-4AD3-8CC7-A00091091E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "848147B2-C49A-43F6-9069-FC8885BDFDA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6FEF0DA-741E-4361-8143-068EB47D6520",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F002FD55-F881-450E-BC1B-8073E188F47E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA940C4F-13BB-465F-BB8D-CBD0109BF012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B0434F5-9A50-4B57-9C5B-E09415D098C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE727035-06CB-4E37-A9D2-96BD54502120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE52B81-2CF8-48E5-A7BA-A163A25A669B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E8D7C9-5272-40E6-869B-B33959F9F0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE8D5D71-5C85-4644-8A84-F073549ADB50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0790DDC2-7BA0-42DC-A157-754C0CBBE178",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "882394EA-70C8-4D86-9AEF-5D273D8E518C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "855AD3CC-F404-48C5-80D2-7F2765D16D72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "26B6BF72-9124-4213-B3C0-BD31B46E8C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8FBE89-8FDA-4B9B-BA1A-90FFD482A585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "149C3872-8DA9-48DD-ADD0-2E84C1A76A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D33E8C-294A-4C43-8DB6-9DA9F61F0B3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E23ACB0-DF8B-4672-A819-4DCD3104CE4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4723B88-62BA-40E6-AA89-BAC02D6A036F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C698819-3C8E-4A16-8F52-42FF1E54C076",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D3CE74E-59E7-448A-8417-18F97C05C798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0986C171-0E75-4F6F-A9BD-276830104E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A2777A-7831-4324-AEB2-5D93B5F6C04B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "37045680-9189-4B7F-A4F7-4E682FE20A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6C9F37B-CF3C-4861-A969-C7CF4946274A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1DAF21-3FED-4691-9D4C-8FD8CEA7FB3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB938E58-4963-4A31-8836-88E958592B30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E317897-EE97-44F3-96BB-E54228D72A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EF7FAB2-158D-4C48-9246-E7AD3BF1D801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "056D43AE-ECDB-40D2-A196-18DDCD02629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E555F3-3580-4D71-8D8D-92FE72763D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "93013503-8B9A-4160-AF7E-277958FA6E9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3B009FD-0F2B-4511-8EDF-C3E670623F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "52579D8D-E855-42B3-B406-32DD1C39F721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7E44FC6-12A2-4F76-A095-28F3804B619F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "42917E5E-E362-4B40-B2B2-3C77BA35641C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF317FA3-EBF3-49BB-A9E6-0D4295FA3F60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "F98B1683-914F-43D3-AE1C-311D3A90BE8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8D24656-CAB1-4A98-A440-482927FEDD16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504557C-DA5D-4D0F-A813-4CE7D5109F15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D2A067-C717-4921-BBF5-3EFBE02736EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE0D50C0-DADB-4747-8649-8A5257111FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE2699F-353F-44CB-A778-981783DDC31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8E50BD-1FBD-483B-9C27-70E95C732E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F46E5E4F-787C-4C05-B1E7-C39BB9125D16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A29312-38E7-456B-94DD-4D7329691114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "27F7BB31-C733-4C32-BF0F-33B5AF020156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC313568-33A6-435B-98FF-8A7091D9C451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85710A-28CE-4913-8523-356461908FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6069950-016B-419A-B754-D58956CB6D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A2F3FEC-624F-47C5-B056-836861BB038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4875811-F209-49ED-B310-8377B2F87FF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C52C7B-B626-4A3C-A2EC-28A20E7FA95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "853A002C-839A-4372-8485-750A86E9F6E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62BB5D6-CE75-4C83-82DC-4148EF8CB1F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "D32F1365-EAF8-4570-B2FF-45E47E8586F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD07F9B-6BB3-4423-8DBE-4E89A6478E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FE4F28-B704-4325-AE8A-C790163FEE71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E832BC0C-8439-4779-9064-C2D93F231031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA99DF94-D031-4375-9A16-306606FE28F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F944F8F-0255-42BE-BD44-D21EC9F0FFC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9CEAEFC-7B82-41F9-A09D-C86A3A60A4FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "40FAC31D-19C0-4BA0-A019-C7E7A0BA0B5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CAAFE0F-416F-4BCA-BA37-30EAEADA8AFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "289F9874-FC01-4809-9BDA-1AF583FB60B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EDFC67-E4EE-4D2C-BF9F-5881C987C662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "826869BE-4874-4BBA-9392-14851560BA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF52D477-3045-45D1-9FD3-12F396266463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "88E310BF-F1F6-4124-A875-81967B9B531E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B330F8F-F0DA-472C-A932-AD1D232C7DB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEE52F59-AABA-4069-A909-64AD5DFD2B18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "20D7966E-B02B-48C8-BF96-723DD6C25314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA618249-E76F-4104-9326-C9F2DC8DE3D7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2EFA476-5021-4A00-859E-1643009D6156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E3A5DC-A237-46E4-A4E5-F135482F984A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91AD8BA2-EB8D-4D8B-B707-AF5C2A831998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilities are due to a logic error that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit these vulnerabilities by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to bypass the interface ACL and access resources that would should be protected."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en la funci\u00f3n de anulaci\u00f3n por usuario del software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00edan permitir que un atacante remoto no autenticado omita una Lista de Control de Acceso (ACL) configurada y permita el tr\u00e1fico que deber\u00eda se le negar\u00e1 el flujo a trav\u00e9s de un dispositivo afectado. Estas vulnerabilidades se deben a un error l\u00f3gico que podr\u00eda ocurrir cuando el software afectado construye y aplica reglas de anulaci\u00f3n por usuario. Un atacante podr\u00eda aprovechar estas vulnerabilidades conect\u00e1ndose a una red a trav\u00e9s de un dispositivo afectado que tenga una configuraci\u00f3n vulnerable. Un exploit exitoso podr\u00eda permitir al atacante omitir la ACL de la interfaz y acceder a recursos que deber\u00edan estar protegidos."
    }
  ],
  "id": "CVE-2023-20245",
  "lastModified": "2024-11-21T07:40:58.890",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-11-01T17:15:11.643",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-290"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-05-03 04:15

Modified

2024-11-21 06:43

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause unlimited memory consumption, which could lead to a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient memory management for certain Snort events. An attacker could exploit this vulnerability by sending a series of crafted IP packets that would generate specific Snort events on an affected device. A sustained attack could cause an out of memory condition on the affected device. A successful exploit could allow the attacker to interrupt all traffic flowing through the affected device. In some circumstances, the attacker may be able to cause the device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort-dos-hd2hFgM	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort-dos-hd2hFgM	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	7.1.0.0
cisco	firepower_1000	-
cisco	firepower_1010	-
cisco	firepower_1020	-
cisco	firepower_1030	-
cisco	firepower_1040	-
cisco	firepower_1120	-
cisco	firepower_1140	-
cisco	firepower_1150	-
cisco	firepower_2100	-
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-
cisco	firepower_4100	-
cisco	firepower_4110	-
cisco	firepower_4112	-
cisco	firepower_4115	-
cisco	firepower_4120	-
cisco	firepower_4125	-
cisco	firepower_4140	-
cisco	firepower_4145	-
cisco	firepower_4150	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35AD28D3-1C08-44EF-9148-371C9E7912E5",
              "versionEndExcluding": "6.4.0.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD7675E1-AE0A-4C69-915D-144597F1250E",
              "versionEndExcluding": "6.6.5.2",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "536C9927-B64A-4959-BE92-9F2665AEA811",
              "versionEndExcluding": "7.0.2",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7533780-0DF9-41BE-8455-F60676785689",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6F79864-CA70-4192-AC2C-E174DF3F25B2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FFE3880-4B85-4E23-9836-70875D5109F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8B5AF8-6A57-482A-9442-E857EE7E207B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9929280-2AAC-4B56-A42C-1F6EDE83988E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F29B6BC3-D716-4A3D-9679-B7BE81F719C8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "727A02E8-40A1-4DFE-A3A2-91D628D3044F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F6546E-28F4-40DC-97D6-E0E023FE939B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D23A26EF-5B43-437C-A962-4FC69D8A0FF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E9552E6-0B9B-4B32-BE79-90D4E3887A7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "957D64EB-D60E-4775-B9A8-B21CA48ED3B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause unlimited memory consumption, which could lead to a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient memory management for certain Snort events. An attacker could exploit this vulnerability by sending a series of crafted IP packets that would generate specific Snort events on an affected device. A sustained attack could cause an out of memory condition on the affected device. A successful exploit could allow the attacker to interrupt all traffic flowing through the affected device. In some circumstances, the attacker may be able to cause the device to reload, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la integraci\u00f3n del motor de detecci\u00f3n Snort para el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado causar un consumo ilimitado de memoria, lo que podr\u00eda conllevar a una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad es debido a una administraci\u00f3n insuficiente de la memoria para determinados eventos de Snort. Un atacante podr\u00eda explotar esta vulnerabilidad  mediante el env\u00edo de una serie de paquetes IP dise\u00f1ados que generar\u00edan eventos Snort espec\u00edficos en un dispositivo afectado. Un ataque sostenido podr\u00eda causar una condici\u00f3n de falta de memoria en el dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante interrumpir todo el tr\u00e1fico que fluye a trav\u00e9s del dispositivo afectado. En algunas circunstancias, el atacante podr\u00eda causar la recarga del dispositivo, resultando en una condici\u00f3n de DoS"
    }
  ],
  "id": "CVE-2022-20751",
  "lastModified": "2024-11-21T06:43:28.677",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-05-03T04:15:09.700",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort-dos-hd2hFgM"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort-dos-hd2hFgM"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-02-26 17:15

Modified

2024-11-21 05:30

Severity ?

6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to a specific CLI command. A successful exploit could allow the attacker to read or write to arbitrary files on the underlying OS.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-cli-file	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-cli-file	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	firepower_1010	-
cisco	firepower_1120	-
cisco	firepower_1140	-
cisco	firepower_1150	-
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-
cisco	firepower_extensible_operating_system	*
cisco	firepower_extensible_operating_system	*
cisco	firepower_extensible_operating_system	*
cisco	firepower_extensible_operating_system	*
cisco	firepower_4110	-
cisco	firepower_4115	-
cisco	firepower_4120	-
cisco	firepower_4125	-
cisco	firepower_4140	-
cisco	firepower_4145	-
cisco	firepower_4150	-
cisco	firepower_9300	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD82AC9D-AC39-4538-BBE4-173FC354CCF4",
              "versionEndExcluding": "6.2.3.16",
              "versionStartIncluding": "6.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3EC3BF8-E828-4DFA-9610-7AAECBC819DD",
              "versionEndExcluding": "6.5.0.3",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A222901B-A007-419D-9A0A-D5420EC57083",
              "versionEndExcluding": "9.9.2.66",
              "versionStartIncluding": "9.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A49B16A-5AB4-428C-93FC-6A898C93E8A8",
              "versionEndExcluding": "9.13.1.5",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FFE3880-4B85-4E23-9836-70875D5109F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "727A02E8-40A1-4DFE-A3A2-91D628D3044F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F6546E-28F4-40DC-97D6-E0E023FE939B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F1B8162-68D8-43BA-BD9C-7B6CFBF3B369",
              "versionEndExcluding": "2.2.2.97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D69E67A-C3CE-4714-9DFF-6D4FAD4FA3BB",
              "versionEndExcluding": "2.3.1.155",
              "versionStartIncluding": "2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "205AC1E3-B978-45B9-A6C2-FDCC7EBB73D4",
              "versionEndExcluding": "2.4.1.238",
              "versionStartIncluding": "2.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0647E852-0AB6-4BD1-9C16-DD3CDBBFB631",
              "versionEndExcluding": "2.6.1.157",
              "versionStartIncluding": "2.6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to a specific CLI command. A successful exploit could allow the attacker to read or write to arbitrary files on the underlying OS."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la CLI de Cisco FXOS Software, podr\u00eda permitir a un atacante local autenticado leer o escribir archivos arbitrarios en el sistema operativo (SO) subyacente. La vulnerabilidad es debido a una comprobaci\u00f3n de entrada insuficiente. Un atacante podr\u00eda explotar esta vulnerabilidad al incluir argumentos dise\u00f1ados en un comando de la CLI espec\u00edfico. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante leer o escribir en archivos arbitrarios en el OS subyacente."
    }
  ],
  "id": "CVE-2020-3166",
  "lastModified": "2024-11-21T05:30:27.887",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "LOW",
          "baseScore": 4.2,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
          "version": "3.0"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 3.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-02-26T17:15:12.767",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-cli-file"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-cli-file"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-04-19 20:29

Modified

2024-11-21 03:37

Severity ?

5.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy to drop the Server Message Block (SMB) protocol if a malware file is detected. The vulnerability is due to how the SMB protocol handles a case in which a large file transfer fails. This case occurs when some pieces of the file are successfully transferred to the remote endpoint, but ultimately the file transfer fails and is reset. An attacker could exploit this vulnerability by sending a crafted SMB file transfer request through the targeted device. An exploit could allow the attacker to pass an SMB file that contains malware, which the device is configured to block. This vulnerability affects Cisco Firepower System Software when one or more file action policies are configured, on software releases prior to 6.2.3. Cisco Bug IDs: CSCvc20141.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/103945	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss1	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/103945	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss1	Vendor Advisory

Impacted products

	Vendor	Product	Version
	cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1D6BDEA-ADBE-4FAB-ACFD-60E4CD5B0F84",
              "versionEndExcluding": "6.2.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy to drop the Server Message Block (SMB) protocol if a malware file is detected. The vulnerability is due to how the SMB protocol handles a case in which a large file transfer fails. This case occurs when some pieces of the file are successfully transferred to the remote endpoint, but ultimately the file transfer fails and is reset. An attacker could exploit this vulnerability by sending a crafted SMB file transfer request through the targeted device. An exploit could allow the attacker to pass an SMB file that contains malware, which the device is configured to block. This vulnerability affects Cisco Firepower System Software when one or more file action policies are configured, on software releases prior to 6.2.3. Cisco Bug IDs: CSCvc20141."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el motor de detecci\u00f3n de Cisco Firepower System Software podr\u00eda permitir que un atacante remoto sin autenticar omita una pol\u00edtica de acci\u00f3n de archivos que est\u00e9 configurada para anular el protocolo Server Message Block si se detecta un archivo de malware. La vulnerabilidad se debe a c\u00f3mo el protocolo SMB gestiona un caso en el que fracasa una transferencia de un archivo grande. Este caso ocurre cuando algunas partes del archivo se transfieren con \u00e9xito al endpoint remoto pero, en \u00faltima instancia, la transferencia fracasa y se reinicia. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n de transferencia de SMB manipulada al dispositivo objetivo. Su explotaci\u00f3n podr\u00eda permitir que el atacante pase un archivo SMB que contiene malware, que el dispositivo debe bloquear. Esta vulnerabilidad afecta a Cisco Firepower System Software cuando una o m\u00e1s pol\u00edticas de acci\u00f3n de archivos est\u00e1n configuradas en versiones del software anteriores a la 6.2.3. Cisco Bug IDs: CSCvc20141."
    }
  ],
  "id": "CVE-2018-0244",
  "lastModified": "2024-11-21T03:37:48.303",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-19T20:29:01.020",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103945"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103945"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss1"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-693"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-693"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-05-03 04:15

Modified

2024-11-21 06:43

Severity ?

4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability in CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject XML into the command parser. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted input in commands. A successful exploit could allow the attacker to inject XML into the command parser, which could result in unexpected processing of the command and unexpected command output.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-xmlinj-8GWjGzKe	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-xmlinj-8GWjGzKe	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35AD28D3-1C08-44EF-9148-371C9E7912E5",
              "versionEndExcluding": "6.4.0.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD7675E1-AE0A-4C69-915D-144597F1250E",
              "versionEndExcluding": "6.6.5.2",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "22E1337C-A0EE-467D-A06E-FBE1541DDFD2",
              "versionEndExcluding": "7.0.2",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject XML into the command parser. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted input in commands. A successful exploit could allow the attacker to inject XML into the command parser, which could result in unexpected processing of the command and unexpected command output."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la CLI del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante local autenticado inyectar XML en el analizador de comandos. Esta vulnerabilidad es debido a una comprobaci\u00f3n de entrada insuficiente. Un atacante podr\u00eda explotar esta vulnerabilidad al incluir entradas dise\u00f1adas en los comandos. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante inyectar XML en el analizador de comandos, lo que podr\u00eda resultar en un procesamiento inesperado del comando y a una salida no esperada del mismo"
    }
  ],
  "id": "CVE-2022-20729",
  "lastModified": "2024-11-21T06:43:25.883",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 2.5,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-05-03T04:15:09.063",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-xmlinj-8GWjGzKe"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-xmlinj-8GWjGzKe"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-91"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-91"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-10-27 19:15

Modified

2024-11-21 06:11

Severity ?

4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

Summary

A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges. The attacker must have administrative credentials on the device. This vulnerability is due to incomplete validation of user input for a specific CLI command. An attacker could exploit this vulnerability by authenticating to the device with administrative privileges and issuing a CLI command with crafted user parameters. A successful exploit could allow the attacker to overwrite or append arbitrary data to system files using root-level privileges.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-write-SHVcmQVc	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-write-SHVcmQVc	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_management_center_virtual_appliance	6.2.3
cisco	firepower_management_center_virtual_appliance	6.4.0
cisco	firepower_management_center_virtual_appliance	6.6.1
cisco	firepower_management_center_virtual_appliance	6.7.0
cisco	firepower_management_center_virtual_appliance	7.0.0
cisco	firepower_management_center_virtual_appliance	7.1.0
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	sourcefire_defense_center	6.2.3
cisco	sourcefire_defense_center	6.4.0
cisco	sourcefire_defense_center	6.6.1
cisco	sourcefire_defense_center	6.7.0
cisco	sourcefire_defense_center	7.0.0
cisco	sourcefire_defense_center	7.1.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F75D9CB4-406B-4FBF-BC7A-35C2CCEFD8B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0FC62F-65AD-4855-953A-DA5BBFC1B2E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B11AE299-AE40-42EB-9C0B-3865C932E766",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA792E5D-7270-4C23-A8D6-22EB00CB21A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CB38685-4255-4565-98AA-234B9DEEADE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CF689E1-22FF-467F-B5A7-59833D77971E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F461B5-E600-4C81-BA3C-1DBC90D4D438",
              "versionEndExcluding": "6.4.0.13",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37A74256-AF9A-473B-9DC7-A57618BA9F00",
              "versionEndExcluding": "6.6.5",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
              "versionEndExcluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B2F537A-A488-45B6-AD4B-48B7064AE84C",
              "versionEndExcluding": "7.0.1",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E4A3574-53DC-4328-A229-87795AE4F7AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EBC6544-6ADF-4F95-A969-A8D953D11B3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B02800C-6420-4758-89CF-66F47B4FCA19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F41081E-06CF-4BA2-9072-E18D9032BEBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52ED507A-5075-4444-A2D1-F5657453AD3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5E9A6F5-8BC2-4FA5-9920-E980EFC5BCEE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges. The attacker must have administrative credentials on the device. This vulnerability is due to incomplete validation of user input for a specific CLI command. An attacker could exploit this vulnerability by authenticating to the device with administrative privileges and issuing a CLI command with crafted user parameters. A successful exploit could allow the attacker to overwrite or append arbitrary data to system files using root-level privileges."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante local autenticado sobrescribir o a\u00f1adir datos arbitrarios a los archivos del sistema usando privilegios de nivel de root. El atacante debe tener credenciales administrativas en el dispositivo. Esta vulnerabilidad es debido a una comprobaci\u00f3n incompleta de la entrada del usuario para un comando CLI espec\u00edfico. Un atacante podr\u00eda explotar esta vulnerabilidad al autenticarse en el dispositivo con privilegios administrativos y emitiendo un comando CLI con par\u00e1metros de usuario dise\u00f1ados. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante sobrescribir o a\u00f1adir datos arbitrarios a los archivos del sistema usando privilegios de nivel root"
    }
  ],
  "id": "CVE-2021-34761",
  "lastModified": "2024-11-21T06:11:08.453",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 9.2,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 3.6,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-27T19:15:08.003",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-write-SHVcmQVc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-write-SHVcmQVc"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-73"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-668"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-10-05 14:29

Modified

2024-11-21 03:50

Severity ?

6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software fails to release spinlocks when a device is running low on system memory, if the software is configured to apply FTP inspection and an access control rule to transit traffic, and the access control rule is associated with an FTP file policy. An attacker could exploit this vulnerability by sending a high rate of transit traffic through an affected device to cause a low-memory condition on the device. A successful exploit could allow the attacker to cause a software panic on the affected device, which could cause the device to reload and result in a temporary DoS condition.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/105519	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-ftd-inspect-dos	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/105519	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-ftd-inspect-dos	Vendor Advisory

Impacted products

	Vendor	Product	Version
	cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D17D5E25-7D46-43F9-9539-C4657AD1B2B9",
              "versionEndIncluding": "6.2.3.4",
              "versionStartIncluding": "6.2.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software fails to release spinlocks when a device is running low on system memory, if the software is configured to apply FTP inspection and an access control rule to transit traffic, and the access control rule is associated with an FTP file policy. An attacker could exploit this vulnerability by sending a high rate of transit traffic through an affected device to cause a low-memory condition on the device. A successful exploit could allow the attacker to cause a software panic on the affected device, which could cause the device to reload and result in a temporary DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el motor de inspecci\u00f3n FTP de Cisco Firepower Threat Defense (FTD) Software podr\u00eda permitir que un atacante remoto sin autenticar haga que el dispositivo afectado se reinicie, provocando una denegaci\u00f3n de servicio (DoS) en consecuencia. La vulnerabilidad existe debido a que el software afectado no libera spinlocks cuando un dispositivo se ejecuta con poca memoria del sistema, si el software est\u00e1 configurado para aplicar una inspecci\u00f3n FTP y una regla de control de acceso para pasar tr\u00e1fico, estando esa regla de control de acceso asociada con una pol\u00edtica de archivos FTP. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un gran volumen de tr\u00e1fico en tr\u00e1nsito a trav\u00e9s de un dispositivo afectado para provocar una condici\u00f3n de baja memoria en el dispositivo. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante provoque un p\u00e1nico del software en el dispositivo afectado, lo que provocar\u00e1 que el dispositivo se recargue y desemboque en una denegaci\u00f3n de servicio (DoS) temporal."
    }
  ],
  "id": "CVE-2018-15390",
  "lastModified": "2024-11-21T03:50:41.110",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-05T14:29:07.670",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105519"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-ftd-inspect-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105519"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-ftd-inspect-dos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-667"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-05-06 17:15

Modified

2024-11-21 05:30

Severity ?

6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by enabling the support tunnel, setting a key, and deriving the tunnel password. A successful exploit could allow the attacker to run any system command with root access on an affected device.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-shell-9rhJF68K	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-shell-9rhJF68K	Vendor Advisory

Impacted products

	Vendor	Product	Version
	cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72C6727D-277D-42A7-BEAD-A5C954FD3C6B",
              "versionEndExcluding": "6.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by enabling the support tunnel, setting a key, and deriving the tunnel password. A successful exploit could allow the attacker to run any system command with root access on an affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad support tunnel del Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante local autenticado acceder al shell de un dispositivo afectado aunque el modo expert est\u00e9 desactivado. La vulnerabilidad es debido a una configuraci\u00f3n inapropiada de la funcionalidad support tunnel. Un atacante podr\u00eda explotar esta vulnerabilidad al habilitar support tunnel, establecer una clave y derivar la contrase\u00f1a de tunnel. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante ejecutar cualquier comando del sistema con acceso root sobre un dispositivo afectado."
    }
  ],
  "id": "CVE-2020-3253",
  "lastModified": "2024-11-21T05:30:39.773",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-05-06T17:15:12.540",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-shell-9rhJF68K"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-shell-9rhJF68K"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-05-06 17:15

Modified

2025-02-24 15:40

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential information. The vulnerability is due to a buffer tracking issue when the software parses invalid URLs that are requested from the web services interface. An attacker could exploit this vulnerability by sending a crafted GET request to the web services interface. A successful exploit could allow the attacker to retrieve memory contents, which could lead to the disclosure of confidential information. Note: This vulnerability affects only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-info-disclose-9eJtycMB	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-info-disclose-9eJtycMB	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "cisaActionDue": "2024-03-07",
  "cisaExploitAdd": "2024-02-15",
  "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
  "cisaVulnerabilityName": "Cisco ASA and FTD Information Disclosure Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4B2E5D3-ED34-4A7E-BD8F-8492B6737677",
              "versionEndExcluding": "6.2.3.16",
              "versionStartIncluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D27DE97-510A-4761-8184-6940745B54E2",
              "versionEndExcluding": "6.3.0.6",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06741056-2BFD-4F88-917A-F581F813B69E",
              "versionEndExcluding": "6.4.0.9",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEB1AF51-43DA-4399-8264-E0A2E629F799",
              "versionEndExcluding": "9.8.4.20",
              "versionStartIncluding": "9.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CA468F1-6A40-42FB-82D6-98AE314712A3",
              "versionEndExcluding": "9.9.2.67",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CCF1EAA-45F3-4155-B8DA-F34213C911F7",
              "versionEndExcluding": "9.10.1.40",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2380A3F-D64E-4DB2-95AB-783E83DA7E51",
              "versionEndExcluding": "9.12.3.9",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "526A1138-61C7-44AD-A925-B38BDB353238",
              "versionEndExcluding": "9.13.1.10",
              "versionStartIncluding": "9.13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential information. The vulnerability is due to a buffer tracking issue when the software parses invalid URLs that are requested from the web services interface. An attacker could exploit this vulnerability by sending a crafted GET request to the web services interface. A successful exploit could allow the attacker to retrieve memory contents, which could lead to the disclosure of confidential information. Note: This vulnerability affects only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz de servicios web del Cisco Adaptive Security Appliance (ASA) Software y el Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado recuperar contenido de la memoria sobre un dispositivo afectado, lo que podr\u00eda conducir a la divulgaci\u00f3n de informaci\u00f3n confidencial . La vulnerabilidad es debido a un problema de rastreo del b\u00fafer cuando el software analiza las URL no v\u00e1lidas que son solicitadas desde la interfaz de servicios web. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n GET dise\u00f1ada hacia la interfaz de servicios web. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante recuperar el contenido de la memoria, lo que podr\u00eda conllevar a la divulgaci\u00f3n de informaci\u00f3n confidencial. Nota: Esta vulnerabilidad solo afecta a configuraciones espec\u00edficas de AnyConnect y WebVPN. Para m\u00e1s informaci\u00f3n, consulte la secci\u00f3n Vulnerable Products."
    }
  ],
  "id": "CVE-2020-3259",
  "lastModified": "2025-02-24T15:40:35.140",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-05-06T17:15:12.777",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-info-disclose-9eJtycMB"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-info-disclose-9eJtycMB"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:31

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Summary

A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000 Series firewalls could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper implementation of countermeasures against the Bleichenbacher attack for cipher suites that rely on RSA for key exchange. An attacker could exploit this vulnerability by sending crafted TLS messages to the device, which would act as an oracle and allow the attacker to carry out a chosen-ciphertext attack. A successful exploit could allow the attacker to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions to the affected device. To exploit this vulnerability, an attacker must be able to perform both of the following actions: Capture TLS traffic that is in transit between clients and the affected device Actively establish a considerable number of TLS connections to the affected device

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-tls-bb-2g9uWkP	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-tls-bb-2g9uWkP	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_1000	-
cisco	firepower_1010	-
cisco	firepower_1120	-
cisco	firepower_1140	-
cisco	firepower_1150	-
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	firepower_1000	-
cisco	firepower_1010	-
cisco	firepower_1120	-
cisco	firepower_1140	-
cisco	firepower_1150	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "07C5999A-6647-424E-A093-60D36561ACE7",
              "versionEndExcluding": "6.4.0.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "38DCBF6C-AA34-4A5B-B2B1-57684DD5BB42",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F0C6D76-9652-4EE6-9CA2-96BFBB469539",
              "versionEndExcluding": "6.6.1",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6F79864-CA70-4192-AC2C-E174DF3F25B2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FFE3880-4B85-4E23-9836-70875D5109F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "727A02E8-40A1-4DFE-A3A2-91D628D3044F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F6546E-28F4-40DC-97D6-E0E023FE939B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BB7D8DC-2652-4108-8574-12C4AFF0B93C",
              "versionEndExcluding": "9.13.1.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5E49F5A-F8E9-4D0D-A58F-9F5BB5F0C9EE",
              "versionEndExcluding": "9.14.1.30",
              "versionStartIncluding": "9.14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6F79864-CA70-4192-AC2C-E174DF3F25B2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FFE3880-4B85-4E23-9836-70875D5109F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "727A02E8-40A1-4DFE-A3A2-91D628D3044F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F6546E-28F4-40DC-97D6-E0E023FE939B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000 Series firewalls could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper implementation of countermeasures against the Bleichenbacher attack for cipher suites that rely on RSA for key exchange. An attacker could exploit this vulnerability by sending crafted TLS messages to the device, which would act as an oracle and allow the attacker to carry out a chosen-ciphertext attack. A successful exploit could allow the attacker to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions to the affected device. To exploit this vulnerability, an attacker must be able to perform both of the following actions: Capture TLS traffic that is in transit between clients and the affected device Actively establish a considerable number of TLS connections to the affected device"
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el manejador TLS de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software para los firewalls Cisco Firepower 1000 Series, podr\u00eda permitir a un atacante remoto no autenticado obtener acceso a informaci\u00f3n confidencial.\u0026#xa0;La vulnerabilidad es debido a una implementaci\u00f3n inapropiada de contramedidas contra el ataque Bleichenbacher para conjuntos de cifrado que dependen de RSA para el intercambio de claves.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de mensajes TLS dise\u00f1ados hacia el dispositivo, que actuar\u00eda como un or\u00e1culo y permitir\u00eda a un atacante conducir un ataque de texto cifrado elegido.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante realizar operaciones criptoanal\u00edticas que podr\u00edan habilitar el descifrado de sesiones TLS capturadas previamente en el dispositivo afectado.\u0026#xa0;Para aprovechar esta vulnerabilidad, un atacante necesita ser capaz de realizar ambas de las siguientes acciones: Capturar el tr\u00e1fico TLS que esta en transito entre clientes y el dispositivo afectado que establece Activamente un n\u00famero considerable de conexiones TLS hacia el dispositivo afectado"
    }
  ],
  "id": "CVE-2020-3585",
  "lastModified": "2024-11-21T05:31:21.627",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 3.7,
          "baseSeverity": "LOW",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:18.967",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-tls-bb-2g9uWkP"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-tls-bb-2g9uWkP"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-203"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-203"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-04-19 20:29

Modified

2024-11-21 03:37

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious TLS message to an interface enabled for Secure Layer Socket (SSL) services on an affected device. Messages using SSL Version 3 (SSLv3) or SSL Version 2 (SSLv2) cannot be be used to exploit this vulnerability. An exploit could allow the attacker to cause a buffer underflow, triggering a crash on an affected device. This vulnerability affects Cisco ASA Software and Cisco FTD Software that is running on the following Cisco products: Adaptive Security Virtual Appliance (ASAv), Firepower Threat Defense Virtual (FTDv), Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCve18902, CSCve34335, CSCve38446.

References

URL	Tags
psirt@cisco.com	http://www.securitytracker.com/id/1040725	Third Party Advisory, VDB Entry
psirt@cisco.com	https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01	Third Party Advisory, US Government Resource
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1040725	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.8\(1\)
cisco	adaptive_security_appliance_software	98.1\(1.154\)
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0BDC88FF-EC1E-4DE6-AF24-ED5FA6F23A36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:98.1\\(1.154\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B70B5017-9388-4BE6-82DD-18FE5E02A2E5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21752F70-F117-4BEE-AF64-3A0A7999E9EC",
              "versionEndExcluding": "6.1.0.6",
              "versionStartIncluding": "6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "23649FB2-22EB-48EB-A05E-FD38916F0C04",
              "versionEndExcluding": "6.2.2.1",
              "versionStartIncluding": "6.2.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious TLS message to an interface enabled for Secure Layer Socket (SSL) services on an affected device. Messages using SSL Version 3 (SSLv3) or SSL Version 2 (SSLv2) cannot be be used to exploit this vulnerability. An exploit could allow the attacker to cause a buffer underflow, triggering a crash on an affected device. This vulnerability affects Cisco ASA Software and Cisco FTD Software that is running on the following Cisco products: Adaptive Security Virtual Appliance (ASAv), Firepower Threat Defense Virtual (FTDv), Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCve18902, CSCve34335, CSCve38446."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la biblioteca Transport Layer Security (TLS) de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software podr\u00eda permitir que un atacante remoto no autenticado desencadene una recarga del dispositivo afectado, lo que resulta en una denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de las entradas realizadas por el usuario. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un mensaje TLS malicioso a una interfaz habilitada para los servicios SSL (Secure Sockets Layer) en un dispositivo afectado. Los mensajes que empleen la versi\u00f3n 3 (SSLv3) o la versi\u00f3n 2 (SSLv2) de SSL no pueden emplearse para explotar esta vulnerabilidad. Su explotaci\u00f3n podr\u00eda permitir que el atacante provoque un subdesbordamiento de b\u00fafer, desencadenando un cierre inesperado en el dispositivo afectado. Esta vulnerabilidad afecta a las versiones de Cisco ASA Software y Cisco FTD Software que se ejecutan en los siguientes productos de Cisco: Adaptive Security Virtual Appliance (ASAv), Firepower Threat Defense Virtual (FTDv) y Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCve18902, CSCve34335, CSCve38446."
    }
  ],
  "id": "CVE-2018-0231",
  "lastModified": "2024-11-21T03:37:47.010",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-19T20:29:00.533",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040725"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040725"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-05-22 17:16

Modified

2025-07-30 19:04

Severity ?

5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

Summary

A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to successfully establish a VPN session on an affected device. This vulnerability is due to improper separation of authorization domains when using SAML authentication. An attacker could exploit this vulnerability by using valid credentials to successfully authenticate using their designated connection profile (tunnel group), intercepting the SAML SSO token that is sent back from the Cisco ASA device, and then submitting the same SAML SSO token to a different tunnel group for authentication. A successful exploit could allow the attacker to establish a remote access VPN session using a connection profile that they are not authorized to use and connect to secured networks behind the affected device that they are not authorized to access. For successful exploitation, the attacker must have valid remote access VPN user credentials.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-bypass-KkNvXyKW	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-bypass-KkNvXyKW	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.8.2.28
cisco	adaptive_security_appliance_software	9.8.2.33
cisco	adaptive_security_appliance_software	9.8.2.35
cisco	adaptive_security_appliance_software	9.8.2.38
cisco	adaptive_security_appliance_software	9.8.3
cisco	adaptive_security_appliance_software	9.8.3.8
cisco	adaptive_security_appliance_software	9.8.3.11
cisco	adaptive_security_appliance_software	9.8.3.14
cisco	adaptive_security_appliance_software	9.8.3.16
cisco	adaptive_security_appliance_software	9.8.3.18
cisco	adaptive_security_appliance_software	9.8.3.21
cisco	adaptive_security_appliance_software	9.8.3.26
cisco	adaptive_security_appliance_software	9.8.3.29
cisco	adaptive_security_appliance_software	9.8.4
cisco	adaptive_security_appliance_software	9.8.4.3
cisco	adaptive_security_appliance_software	9.8.4.7
cisco	adaptive_security_appliance_software	9.8.4.8
cisco	adaptive_security_appliance_software	9.8.4.10
cisco	adaptive_security_appliance_software	9.8.4.12
cisco	adaptive_security_appliance_software	9.8.4.15
cisco	adaptive_security_appliance_software	9.8.4.17
cisco	adaptive_security_appliance_software	9.8.4.20
cisco	adaptive_security_appliance_software	9.8.4.22
cisco	adaptive_security_appliance_software	9.8.4.25
cisco	adaptive_security_appliance_software	9.8.4.26
cisco	adaptive_security_appliance_software	9.8.4.29
cisco	adaptive_security_appliance_software	9.8.4.32
cisco	adaptive_security_appliance_software	9.8.4.33
cisco	adaptive_security_appliance_software	9.8.4.34
cisco	adaptive_security_appliance_software	9.8.4.35
cisco	adaptive_security_appliance_software	9.8.4.39
cisco	adaptive_security_appliance_software	9.8.4.40
cisco	adaptive_security_appliance_software	9.8.4.41
cisco	adaptive_security_appliance_software	9.8.4.43
cisco	adaptive_security_appliance_software	9.8.4.44
cisco	adaptive_security_appliance_software	9.8.4.45
cisco	adaptive_security_appliance_software	9.8.4.46
cisco	adaptive_security_appliance_software	9.8.4.48
cisco	adaptive_security_appliance_software	9.12.1
cisco	adaptive_security_appliance_software	9.12.1.2
cisco	adaptive_security_appliance_software	9.12.1.3
cisco	adaptive_security_appliance_software	9.12.2
cisco	adaptive_security_appliance_software	9.12.2.1
cisco	adaptive_security_appliance_software	9.12.2.4
cisco	adaptive_security_appliance_software	9.12.2.5
cisco	adaptive_security_appliance_software	9.12.2.9
cisco	adaptive_security_appliance_software	9.12.3
cisco	adaptive_security_appliance_software	9.12.3.2
cisco	adaptive_security_appliance_software	9.12.3.7
cisco	adaptive_security_appliance_software	9.12.3.9
cisco	adaptive_security_appliance_software	9.12.3.12
cisco	adaptive_security_appliance_software	9.12.4
cisco	adaptive_security_appliance_software	9.12.4.2
cisco	adaptive_security_appliance_software	9.12.4.4
cisco	adaptive_security_appliance_software	9.12.4.7
cisco	adaptive_security_appliance_software	9.12.4.8
cisco	adaptive_security_appliance_software	9.12.4.10
cisco	adaptive_security_appliance_software	9.12.4.13
cisco	adaptive_security_appliance_software	9.12.4.18
cisco	adaptive_security_appliance_software	9.12.4.24
cisco	adaptive_security_appliance_software	9.12.4.26
cisco	adaptive_security_appliance_software	9.12.4.29
cisco	adaptive_security_appliance_software	9.12.4.30
cisco	adaptive_security_appliance_software	9.12.4.35
cisco	adaptive_security_appliance_software	9.12.4.37
cisco	adaptive_security_appliance_software	9.12.4.38
cisco	adaptive_security_appliance_software	9.12.4.39
cisco	adaptive_security_appliance_software	9.12.4.40
cisco	adaptive_security_appliance_software	9.12.4.41
cisco	adaptive_security_appliance_software	9.12.4.47
cisco	adaptive_security_appliance_software	9.12.4.48
cisco	adaptive_security_appliance_software	9.12.4.50
cisco	adaptive_security_appliance_software	9.12.4.52
cisco	adaptive_security_appliance_software	9.12.4.54
cisco	adaptive_security_appliance_software	9.12.4.55
cisco	adaptive_security_appliance_software	9.12.4.56
cisco	adaptive_security_appliance_software	9.12.4.58
cisco	adaptive_security_appliance_software	9.14.1
cisco	adaptive_security_appliance_software	9.14.1.6
cisco	adaptive_security_appliance_software	9.14.1.10
cisco	adaptive_security_appliance_software	9.14.1.15
cisco	adaptive_security_appliance_software	9.14.1.19
cisco	adaptive_security_appliance_software	9.14.1.30
cisco	adaptive_security_appliance_software	9.14.2
cisco	adaptive_security_appliance_software	9.14.2.4
cisco	adaptive_security_appliance_software	9.14.2.8
cisco	adaptive_security_appliance_software	9.14.2.13
cisco	adaptive_security_appliance_software	9.14.2.15
cisco	adaptive_security_appliance_software	9.14.3
cisco	adaptive_security_appliance_software	9.14.3.1
cisco	adaptive_security_appliance_software	9.14.3.9
cisco	adaptive_security_appliance_software	9.14.3.11
cisco	adaptive_security_appliance_software	9.14.3.13
cisco	adaptive_security_appliance_software	9.14.3.15
cisco	adaptive_security_appliance_software	9.14.3.18
cisco	adaptive_security_appliance_software	9.14.4
cisco	adaptive_security_appliance_software	9.14.4.6
cisco	adaptive_security_appliance_software	9.14.4.7
cisco	adaptive_security_appliance_software	9.14.4.12
cisco	adaptive_security_appliance_software	9.14.4.13
cisco	adaptive_security_appliance_software	9.14.4.14
cisco	adaptive_security_appliance_software	9.14.4.15
cisco	adaptive_security_appliance_software	9.14.4.17
cisco	adaptive_security_appliance_software	9.14.4.22
cisco	adaptive_security_appliance_software	9.14.4.23
cisco	adaptive_security_appliance_software	9.14.4.24
cisco	adaptive_security_appliance_software	9.15.1
cisco	adaptive_security_appliance_software	9.15.1.1
cisco	adaptive_security_appliance_software	9.15.1.7
cisco	adaptive_security_appliance_software	9.15.1.10
cisco	adaptive_security_appliance_software	9.15.1.15
cisco	adaptive_security_appliance_software	9.15.1.16
cisco	adaptive_security_appliance_software	9.15.1.17
cisco	adaptive_security_appliance_software	9.15.1.21
cisco	adaptive_security_appliance_software	9.16.1
cisco	adaptive_security_appliance_software	9.16.1.28
cisco	adaptive_security_appliance_software	9.16.2
cisco	adaptive_security_appliance_software	9.16.2.3
cisco	adaptive_security_appliance_software	9.16.2.7
cisco	adaptive_security_appliance_software	9.16.2.11
cisco	adaptive_security_appliance_software	9.16.2.13
cisco	adaptive_security_appliance_software	9.16.2.14
cisco	adaptive_security_appliance_software	9.16.3
cisco	adaptive_security_appliance_software	9.16.3.3
cisco	adaptive_security_appliance_software	9.16.3.14
cisco	adaptive_security_appliance_software	9.16.3.15
cisco	adaptive_security_appliance_software	9.16.3.19
cisco	adaptive_security_appliance_software	9.16.3.23
cisco	adaptive_security_appliance_software	9.16.4
cisco	adaptive_security_appliance_software	9.16.4.9
cisco	adaptive_security_appliance_software	9.16.4.14
cisco	adaptive_security_appliance_software	9.16.4.18
cisco	adaptive_security_appliance_software	9.16.4.19
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.7
cisco	adaptive_security_appliance_software	9.17.1.9
cisco	adaptive_security_appliance_software	9.17.1.10
cisco	adaptive_security_appliance_software	9.17.1.11
cisco	adaptive_security_appliance_software	9.17.1.13
cisco	adaptive_security_appliance_software	9.17.1.15
cisco	adaptive_security_appliance_software	9.17.1.20
cisco	adaptive_security_appliance_software	9.17.1.30
cisco	adaptive_security_appliance_software	9.18.1
cisco	adaptive_security_appliance_software	9.18.1.3
cisco	adaptive_security_appliance_software	9.18.2
cisco	adaptive_security_appliance_software	9.18.2.5
cisco	adaptive_security_appliance_software	9.18.2.7
cisco	adaptive_security_appliance_software	9.18.2.8
cisco	adaptive_security_appliance_software	9.18.3
cisco	adaptive_security_appliance_software	9.18.3.39
cisco	adaptive_security_appliance_software	9.19.1
cisco	adaptive_security_appliance_software	9.19.1.5
cisco	adaptive_security_appliance_software	9.19.1.9
cisco	firepower_threat_defense	6.2.3
cisco	firepower_threat_defense	6.2.3.1
cisco	firepower_threat_defense	6.2.3.2
cisco	firepower_threat_defense	6.2.3.3
cisco	firepower_threat_defense	6.2.3.4
cisco	firepower_threat_defense	6.2.3.5
cisco	firepower_threat_defense	6.2.3.6
cisco	firepower_threat_defense	6.2.3.7
cisco	firepower_threat_defense	6.2.3.8
cisco	firepower_threat_defense	6.2.3.9
cisco	firepower_threat_defense	6.2.3.10
cisco	firepower_threat_defense	6.2.3.11
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.4.0.1
cisco	firepower_threat_defense	6.4.0.2
cisco	firepower_threat_defense	6.4.0.3
cisco	firepower_threat_defense	6.4.0.4
cisco	firepower_threat_defense	6.4.0.5
cisco	firepower_threat_defense	6.4.0.6
cisco	firepower_threat_defense	6.4.0.7
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.4.0.13
cisco	firepower_threat_defense	6.4.0.14
cisco	firepower_threat_defense	6.4.0.15
cisco	firepower_threat_defense	6.4.0.16
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.6.7
cisco	firepower_threat_defense	6.6.7.1
cisco	firepower_threat_defense	6.6.7.2
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.2.4
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1
cisco	firepower_threat_defense	7.3.1.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3E8805-85D2-4345-8076-039513209A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "14BB907B-D75A-4F5E-B20D-5457A71A70EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "F118B803-4C55-436A-A136-0C1FEA49858F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A272121-408E-45F6-A2A1-0BA6EBC060A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "980CEA3B-5A81-4E8C-BEA3-DD31BE7DA2CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3910211-D4DB-4CA7-BBEA-DD8246FF10ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C260BF30-7A33-4C70-9509-404856C93666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF894850-39EC-4B57-BBFF-F1AB4F8389A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FAFCF9-0ABE-483E-9604-329762BB7870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DB4278-3126-4765-97C4-6C0A8C78DA78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "174E631B-6099-47DE-8790-BBF4B7FDB8CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE3538B-F612-4105-BFDE-A4B594482DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "3143B0FF-C855-485E-A908-E48974B1643C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD9992-6D98-4E03-9599-ECF38A186FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DCEAE6-355B-40AE-A7C8-AF744FCA8A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2097E81E-B422-4B93-AF09-F300A0E8AF71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "454DEA31-A607-4054-82D3-24A4FEB7358F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F0B213-8187-4465-84F1-FB8D92B36020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E540771E-BA0B-42D1-8251-B576B0F142C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC2A833-BECF-4000-A592-6113A84C2D20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F1416-924A-4D25-9CEE-3BD66A96A019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDC8D92-D6E0-40EE-B190-D2B32C7DEB75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "23CD5619-E534-4F40-998D-39DC19FA0451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D0EB11-14B1-44B3-8D46-B9DD872F772C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA399CF-12DB-42E0-A66F-14508B52A453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5A7608-E737-420E-9B5E-836600DAC701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7EB6801-336D-4F41-ADE7-1C58C63C3F6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8413DA41-02A5-4269-8C88-9DD5076AF91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA00285F-6914-4749-8A47-FC4EDAFFF3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA4D367-32B9-4F54-8352-A959F61A1FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "2259FF9E-0C8B-440F-B1AC-51BDE3F60E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C522B55-904D-4C08-B73E-1457D877C0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "4483056A-FBF3-4E00-81EB-1E97334EF240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "48677330-06AB-4C7F-B2AD-F7E465A9632A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AEA80D2-5DB8-4334-9A88-7DDE395832C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1C38A5-1028-4AD3-8CC7-A00091091E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "848147B2-C49A-43F6-9069-FC8885BDFDA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6FEF0DA-741E-4361-8143-068EB47D6520",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F002FD55-F881-450E-BC1B-8073E188F47E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA940C4F-13BB-465F-BB8D-CBD0109BF012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B0434F5-9A50-4B57-9C5B-E09415D098C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE727035-06CB-4E37-A9D2-96BD54502120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE52B81-2CF8-48E5-A7BA-A163A25A669B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E8D7C9-5272-40E6-869B-B33959F9F0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE8D5D71-5C85-4644-8A84-F073549ADB50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0790DDC2-7BA0-42DC-A157-754C0CBBE178",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "882394EA-70C8-4D86-9AEF-5D273D8E518C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "855AD3CC-F404-48C5-80D2-7F2765D16D72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "26B6BF72-9124-4213-B3C0-BD31B46E8C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8FBE89-8FDA-4B9B-BA1A-90FFD482A585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "149C3872-8DA9-48DD-ADD0-2E84C1A76A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D33E8C-294A-4C43-8DB6-9DA9F61F0B3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E23ACB0-DF8B-4672-A819-4DCD3104CE4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4723B88-62BA-40E6-AA89-BAC02D6A036F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C698819-3C8E-4A16-8F52-42FF1E54C076",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D3CE74E-59E7-448A-8417-18F97C05C798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0986C171-0E75-4F6F-A9BD-276830104E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A2777A-7831-4324-AEB2-5D93B5F6C04B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "37045680-9189-4B7F-A4F7-4E682FE20A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6C9F37B-CF3C-4861-A969-C7CF4946274A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1DAF21-3FED-4691-9D4C-8FD8CEA7FB3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB938E58-4963-4A31-8836-88E958592B30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E317897-EE97-44F3-96BB-E54228D72A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EF7FAB2-158D-4C48-9246-E7AD3BF1D801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "056D43AE-ECDB-40D2-A196-18DDCD02629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E555F3-3580-4D71-8D8D-92FE72763D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "93013503-8B9A-4160-AF7E-277958FA6E9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3B009FD-0F2B-4511-8EDF-C3E670623F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "52579D8D-E855-42B3-B406-32DD1C39F721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7E44FC6-12A2-4F76-A095-28F3804B619F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "42917E5E-E362-4B40-B2B2-3C77BA35641C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF317FA3-EBF3-49BB-A9E6-0D4295FA3F60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "F98B1683-914F-43D3-AE1C-311D3A90BE8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8D24656-CAB1-4A98-A440-482927FEDD16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504557C-DA5D-4D0F-A813-4CE7D5109F15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D2A067-C717-4921-BBF5-3EFBE02736EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "36DDEC5B-4BEA-499C-9F34-BB3D39B7A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE0D50C0-DADB-4747-8649-8A5257111FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE2699F-353F-44CB-A778-981783DDC31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8E50BD-1FBD-483B-9C27-70E95C732E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F46E5E4F-787C-4C05-B1E7-C39BB9125D16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A29312-38E7-456B-94DD-4D7329691114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "27F7BB31-C733-4C32-BF0F-33B5AF020156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC313568-33A6-435B-98FF-8A7091D9C451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85710A-28CE-4913-8523-356461908FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6069950-016B-419A-B754-D58956CB6D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A2F3FEC-624F-47C5-B056-836861BB038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C4B1136-66B6-42BA-BC17-86E7DCE1CF29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4875811-F209-49ED-B310-8377B2F87FF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C52C7B-B626-4A3C-A2EC-28A20E7FA95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "853A002C-839A-4372-8485-750A86E9F6E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62BB5D6-CE75-4C83-82DC-4148EF8CB1F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "D32F1365-EAF8-4570-B2FF-45E47E8586F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD07F9B-6BB3-4423-8DBE-4E89A6478E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FE4F28-B704-4325-AE8A-C790163FEE71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E832BC0C-8439-4779-9064-C2D93F231031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA99DF94-D031-4375-9A16-306606FE28F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC149D03-5609-46E6-A1B3-F4D91F282B49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F944F8F-0255-42BE-BD44-D21EC9F0FFC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9CEAEFC-7B82-41F9-A09D-C86A3A60A4FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "40FAC31D-19C0-4BA0-A019-C7E7A0BA0B5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CAAFE0F-416F-4BCA-BA37-30EAEADA8AFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "289F9874-FC01-4809-9BDA-1AF583FB60B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EDFC67-E4EE-4D2C-BF9F-5881C987C662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "826869BE-4874-4BBA-9392-14851560BA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF52D477-3045-45D1-9FD3-12F396266463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "88E310BF-F1F6-4124-A875-81967B9B531E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B330F8F-F0DA-472C-A932-AD1D232C7DB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF59DAA-268C-4FCF-A0AA-7967128AEBC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEE52F59-AABA-4069-A909-64AD5DFD2B18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "20D7966E-B02B-48C8-BF96-723DD6C25314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA618249-E76F-4104-9326-C9F2DC8DE3D7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2EFA476-5021-4A00-859E-1643009D6156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E3A5DC-A237-46E4-A4E5-F135482F984A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91AD8BA2-EB8D-4D8B-B707-AF5C2A831998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA95508-0A28-4D4A-81A7-5CDD1F5DA46C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6826018-5620-4924-BE92-6A245378F610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A52991-802D-46FB-A508-5616BA1CEB78",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to successfully establish a VPN session on an affected device. This vulnerability is due to improper separation of authorization domains when using SAML authentication. An attacker could exploit this vulnerability by using valid credentials to successfully authenticate using their designated connection profile (tunnel group), intercepting the SAML SSO token that is sent back from the Cisco ASA device, and then submitting the same SAML SSO token to a different tunnel group for authentication. A successful exploit could allow the attacker to establish a remote access VPN session using a connection profile that they are not authorized to use and connect to secured networks behind the affected device that they are not authorized to access. For successful exploitation, the attacker must have valid remote access VPN user credentials."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n del inicio de sesi\u00f3n \u00fanico (SSO) de SAML 2.0 para servicios VPN de acceso remoto en el software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto autenticado establezca con \u00e9xito una VPN. sesi\u00f3n en un dispositivo afectado. Esta vulnerabilidad se debe a una separaci\u00f3n inadecuada de los dominios de autorizaci\u00f3n cuando se utiliza la autenticaci\u00f3n SAML. Un atacante podr\u00eda aprovechar esta vulnerabilidad utilizando credenciales v\u00e1lidas para autenticarse exitosamente usando su perfil de conexi\u00f3n designado (grupo de t\u00faneles), interceptando el token SAML SSO que se env\u00eda desde el dispositivo Cisco ASA y luego enviando el mismo token SAML SSO a un t\u00fanel diferente. grupo para la autenticaci\u00f3n. Un exploit exitoso podr\u00eda permitir al atacante establecer una sesi\u00f3n VPN de acceso remoto utilizando un perfil de conexi\u00f3n que no est\u00e1 autorizado a usar y conectarse a redes seguras detr\u00e1s del dispositivo afectado a las que no est\u00e1 autorizado a acceder. Para una explotaci\u00f3n exitosa, el atacante debe tener credenciales de usuario de VPN de acceso remoto v\u00e1lidas."
    }
  ],
  "id": "CVE-2024-20355",
  "lastModified": "2025-07-30T19:04:55.030",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-05-22T17:16:13.477",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-bypass-KkNvXyKW"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-bypass-KkNvXyKW"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-862"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-05-06 17:15

Modified

2024-11-21 05:30

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Summary

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences. An exploit could allow the attacker to view or delete arbitrary files on the targeted system. When the device is reloaded after exploitation of this vulnerability, any files that were deleted are restored. The attacker can only view and delete files within the web services file system. This file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability can not be used to obtain access to ASA or FTD system files or underlying operating system (OS) files. Reloading the affected device will restore all files within the web services file system.

References

URL	Tags
psirt@cisco.com	http://packetstormsecurity.com/files/158648/Cisco-Adaptive-Security-Appliance-Software-9.7-Arbitrary-File-Deletion.html	Exploit, Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/158648/Cisco-Adaptive-Security-Appliance-Software-9.7-Arbitrary-File-Deletion.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	asa_5505_firmware	9.6\(4\)
cisco	asa_5505	-
cisco	asa_5510_firmware	9.6\(4\)
cisco	asa_5510	-
cisco	asa_5512-x_firmware	9.6\(4\)
cisco	asa_5512-x	-
cisco	asa_5515-x_firmware	9.6\(4\)
cisco	asa_5515-x	-
cisco	asa_5520_firmware	9.6\(4\)
cisco	asa_5520	-
cisco	asa_5525-x_firmware	9.6\(4\)
cisco	asa_5525-x	-
cisco	asa_5540_firmware	9.6\(4\)
cisco	asa_5540	-
cisco	asa_5545-x_firmware	9.6\(4\)
cisco	asa_5545-x	-
cisco	asa_5550_firmware	9.6\(4\)
cisco	asa_5550	-
cisco	asa_5555-x_firmware	9.6\(4\)
cisco	asa_5555-x	-
cisco	asa_5580_firmware	9.6\(4\)
cisco	asa_5580	-
cisco	asa_5585-x_firmware	9.6\(4\)
cisco	asa_5585-x	-
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4B2E5D3-ED34-4A7E-BD8F-8492B6737677",
              "versionEndExcluding": "6.2.3.16",
              "versionStartIncluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D27DE97-510A-4761-8184-6940745B54E2",
              "versionEndExcluding": "6.3.0.6",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "849D6B53-B5CF-48F2-9883-CC153D38B9F7",
              "versionEndExcluding": "6.4.0.8",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2B6355D-CD58-4DDE-A9CC-2B957F95CDA1",
              "versionEndExcluding": "6.5.0.4",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:9.6\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "949BB1DD-BA47-4162-BF65-0A2947D5D555",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5510_firmware:9.6\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9731BEEE-9CC4-427C-A256-E4762BD95B3C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:9.6\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "84EEF9DF-FB57-4B00-9980-7B13B2C40EC1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:9.6\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "30BF96ED-74E2-470B-BA65-60CFDA50AE43",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5520_firmware:9.6\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "63BCC677-5165-45BB-90B2-2CB75E733C6D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:9.6\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B4FD7A91-123B-4A11-B7CD-178BA7E76CD9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5540_firmware:9.6\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "307C13E2-1390-489A-9E77-C59B203E7150",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:9.6\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E964E103-2C82-498B-A6F7-069977309A99",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5550_firmware:9.6\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E2824D7D-5870-47B0-A6E1-DF2CF19AC076",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:9.6\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8454F9C4-FF6A-4AA0-9902-5E165B5994DC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:9.6\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CBA1E3BB-DEDA-4074-8B36-9181525D82ED",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:9.6\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "223E0232-B901-431C-BDEC-738DF4B74DA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF907DBB-5201-49EC-92C5-3BD3752BDECC",
              "versionEndExcluding": "9.6.4.40",
              "versionStartIncluding": "9.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "00F098B2-8740-4F24-AB9A-C56462464C67",
              "versionEndExcluding": "9.8.4.15",
              "versionStartIncluding": "9.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEE81D32-51D0-41F7-B06B-0750DCB1F589",
              "versionEndExcluding": "9.9.2.66",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49FFDB02-2944-4B31-BBC0-30E60BA9F9D1",
              "versionEndExcluding": "9.10.1.37",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDBCE56-8434-43B5-A172-5A63536D9E9F",
              "versionEndExcluding": "9.12.3.2",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE14B138-4EED-43E1-A8F1-0D16F4A761C0",
              "versionEndExcluding": "9.13.1.7",
              "versionStartIncluding": "9.13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences. An exploit could allow the attacker to view or delete arbitrary files on the targeted system. When the device is reloaded after exploitation of this vulnerability, any files that were deleted are restored. The attacker can only view and delete files within the web services file system. This file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability can not be used to obtain access to ASA or FTD system files or underlying operating system (OS) files. Reloading the affected device will restore all files within the web services file system."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz de servicios web del Cisco Adaptive Security Appliance (ASA) Software y el Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado conducir ataques de tipo salto de directorio y obtener acceso de lectura y eliminaci\u00f3n a archivos confidenciales en un sistema apuntado. La vulnerabilidad es debido a una falta de comprobaci\u00f3n apropiada de la entrada de la URL HTTP. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n HTTP dise\u00f1ada que contenga secuencias de caracteres de salto de directorio. Una explotaci\u00f3n podr\u00eda permitir a un atacante visualizar o eliminar archivos arbitrarios en el sistema apuntado. Cuando el dispositivo es reiniciado despu\u00e9s de la explotaci\u00f3n de esta vulnerabilidad, todos los archivos que fueron eliminados son restaurados. El atacante solo puede visualizar y eliminar archivos dentro del sistema de archivos de los servicios web. Este sistema de archivos es habilitado cuando el dispositivo afectado es configurado con las funciones WebVPN o AnyConnect. Esta vulnerabilidad no puede ser utilizada para obtener acceso a los archivos del sistema ASA o FTD o los archivos subyacentes del sistema operativo (SO). El reinicio del dispositivo afectado restaurar\u00e1 todos los archivos dentro del sistema de archivos de los servicios web."
    }
  ],
  "id": "CVE-2020-3187",
  "lastModified": "2024-11-21T05:30:30.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.2,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-05-06T17:15:12.087",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/158648/Cisco-Adaptive-Security-Appliance-Software-9.7-Arbitrary-File-Deletion.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/158648/Cisco-Adaptive-Security-Appliance-Software-9.7-Arbitrary-File-Deletion.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-10-27 19:15

Modified

2024-11-26 16:09

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Summary

Multiple vulnerabilities in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic. These vulnerabilities are due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit these vulnerabilities by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should be activated for the ENIP packet.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-enip-bypass-eFsxd8KP	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-enip-bypass-eFsxd8KP	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	secure_firewall_management_center	2.9.12
cisco	secure_firewall_management_center	2.9.14.0
cisco	secure_firewall_management_center	2.9.16
cisco	secure_firewall_management_center	2.9.17
cisco	secure_firewall_management_center	2.9.18

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F461B5-E600-4C81-BA3C-1DBC90D4D438",
              "versionEndExcluding": "6.4.0.13",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDF402F7-DFC5-4A83-A209-9905AE54C49F",
              "versionEndExcluding": "6.6.5.1",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
              "versionEndExcluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B2F537A-A488-45B6-AD4B-48B7064AE84C",
              "versionEndExcluding": "7.0.1",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "8532C989-889B-4DEE-8687-6C67F173E50D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.14.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2986D5BD-1936-41BD-A992-7672C019F27E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "06F2E7D8-BB95-480D-AE3E-F9B97C3A5379",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F41C382-C849-465C-AF77-0A787CA03BA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "80AD91C6-B7E3-48AC-8A51-3C05FE2659AB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic. These vulnerabilities are due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit these vulnerabilities by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should be activated for the ENIP packet."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en la inspecci\u00f3n de la carga \u00fatil del tr\u00e1fico del Protocolo Industrial Ethernet (ENIP) para el software Cisco Firepower Threat Defense (FTD) podr\u00edan permitir a un atacante remoto no autenticado omitir las reglas configuradas para el tr\u00e1fico ENIP. Estas vulnerabilidades son debido al procesamiento incompleto durante la inspecci\u00f3n profunda de paquetes para los paquetes ENIP. Un atacante podr\u00eda explotar estas vulnerabilidades enviando un paquete ENIP dise\u00f1ado a la interfaz objetivo. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante omitir el control de acceso configurado y las pol\u00edticas de intrusi\u00f3n que deber\u00edan activarse para el paquete ENIP"
    }
  ],
  "id": "CVE-2021-34754",
  "lastModified": "2024-11-26T16:09:02.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-27T19:15:07.820",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-enip-bypass-eFsxd8KP"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-enip-bypass-eFsxd8KP"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-05-03 04:15

Modified

2024-11-21 06:43

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper handling of TCP flows. An attacker could exploit this vulnerability by sending a crafted stream of TCP traffic through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-kM9SHhOu	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-kM9SHhOu	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	7.1.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35AD28D3-1C08-44EF-9148-371C9E7912E5",
              "versionEndExcluding": "6.4.0.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD7675E1-AE0A-4C69-915D-144597F1250E",
              "versionEndExcluding": "6.6.5.2",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "536C9927-B64A-4959-BE92-9F2665AEA811",
              "versionEndExcluding": "7.0.2",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper handling of TCP flows. An attacker could exploit this vulnerability by sending a crafted stream of TCP traffic through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad del proxy TCP del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado desencadenar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad es debido a un manejo inapropiado de los flujos TCP. Un atacante podr\u00eda explotar esta vulnerabilidad  mediante el env\u00edo de un flujo dise\u00f1ado de tr\u00e1fico TCP a trav\u00e9s de un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar la recarga del dispositivo, resultando en una condici\u00f3n de DoS"
    }
  ],
  "id": "CVE-2022-20746",
  "lastModified": "2024-11-21T06:43:28.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-05-03T04:15:09.563",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-kM9SHhOu"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-kM9SHhOu"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-05-06 17:15

Modified

2024-11-21 05:30

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper management of system memory. An attacker could exploit this vulnerability by sending malicious IKEv1 traffic to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-BqYFRJt9	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-BqYFRJt9	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5505	-
cisco	asa_5510	-
cisco	asa_5512-x	-
cisco	asa_5515-x	-
cisco	asa_5520	-
cisco	asa_5525-x	-
cisco	asa_5550	-
cisco	asa_5555-x	-
cisco	asa_5580	-
cisco	asa_5585-x	-
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94146309-66F7-4349-83CF-7969E13F3A7A",
              "versionEndExcluding": "9.6.4.36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B25DFB28-C8FF-47B8-B619-CDA94ED9AFFF",
              "versionEndExcluding": "9.8.4.10",
              "versionStartIncluding": "9.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8B7269E-E076-497D-8EBD-8B19BCB211FE",
              "versionEndExcluding": "9.10.1.30",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0F64F2-0DFE-4904-85D6-ECD3D37E7385",
              "versionEndExcluding": "9.12.2.9",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "885E5B33-1658-4B86-9B47-D89CA3FA2EF6",
              "versionEndExcluding": "6.3.0.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EDD3A04-6832-4533-8CE6-6083720E8654",
              "versionEndExcluding": "6.4.0.6",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper management of system memory. An attacker could exploit this vulnerability by sending malicious IKEv1 traffic to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad Internet Key Exchange versi\u00f3n 1 (IKEv1) del Cisco Adaptive Security Appliance (ASA) Software y el Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad es debido a una administraci\u00f3n inapropiada de la memoria del sistema. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de tr\u00e1fico malicioso IKEv1 hacia un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante causar una condici\u00f3n DoS sobre el dispositivo afectado."
    }
  ],
  "id": "CVE-2020-3303",
  "lastModified": "2024-11-21T05:30:46.210",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-05-06T17:15:13.137",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-BqYFRJt9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-BqYFRJt9"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-05-03 04:15

Modified

2024-11-21 06:43

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a crafted HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-tzPSYern	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-tzPSYern	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	7.1.0
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35AD28D3-1C08-44EF-9148-371C9E7912E5",
              "versionEndExcluding": "6.4.0.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD7675E1-AE0A-4C69-915D-144597F1250E",
              "versionEndExcluding": "6.6.5.2",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "536C9927-B64A-4959-BE92-9F2665AEA811",
              "versionEndExcluding": "7.0.2",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C2579F-1E8B-4FB1-AA40-B164F4F2BBED",
              "versionEndExcluding": "9.12.4.38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFE84A5D-FFD6-4A82-BDFA-367D29625300",
              "versionEndExcluding": "9.14.4",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B120E68-DA48-4B87-A549-6BA7009C056D",
              "versionEndExcluding": "9.15.1.21",
              "versionStartIncluding": "9.15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "99DD72E2-E389-453E-8A99-1B633C4E2AE3",
              "versionEndExcluding": "9.16.2.14",
              "versionStartIncluding": "9.16.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "573E61F7-8311-4095-BD75-8F3D3E2499E5",
              "versionEndExcluding": "9.17.1.7",
              "versionStartIncluding": "9.17.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a crafted HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz de servicios web para las funciones VPN de acceso remoto del software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad es debido a que no se comprueba la entrada cuando son analizadas las peticiones HTTPS. Un atacante podr\u00eda explotar esta vulnerabilidad  mediante el env\u00edo de una petici\u00f3n HTTPS dise\u00f1ada a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar la recarga del dispositivo, resultando en una condici\u00f3n de DoS"
    }
  ],
  "id": "CVE-2022-20745",
  "lastModified": "2024-11-21T06:43:27.910",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-05-03T04:15:09.500",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-tzPSYern"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-tzPSYern"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-05-06 17:15

Modified

2024-11-21 05:30

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper memory protection mechanisms while processing certain OSPF packets. An attacker could exploit this vulnerability by sending a series of malformed OSPF packets in a short period of time to an affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition for client traffic that is traversing the device.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-dos-RhMQY8qx	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-dos-RhMQY8qx	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5506-x	-
cisco	asa_5506h-x	-
cisco	asa_5506w-x	-
cisco	asa_5508-x	-
cisco	asa_5516-x	-
cisco	asa_5525-x	-
cisco	asa_5545-x	-
cisco	asa_5555-x	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "46DDBB75-7B47-4643-B21C-BBEE79219CF7",
              "versionEndExcluding": "6.2.3.16",
              "versionStartIncluding": "6.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D27DE97-510A-4761-8184-6940745B54E2",
              "versionEndExcluding": "6.3.0.6",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06741056-2BFD-4F88-917A-F581F813B69E",
              "versionEndExcluding": "6.4.0.9",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0416549-80B2-43CC-8262-16E62E6E2C0B",
              "versionEndIncluding": "9.6.4.40",
              "versionStartIncluding": "9.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "82AB4456-2388-4589-8E2E-D33C86BE0732",
              "versionEndIncluding": "9.8.4.17",
              "versionStartIncluding": "9.8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A72B81B-9E34-4678-9FF3-ABC10EF8507A",
              "versionEndIncluding": "9.9.2.66",
              "versionStartIncluding": "9.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E54459C-1CC6-439E-8098-114633208DF0",
              "versionEndIncluding": "9.10.1.37",
              "versionStartIncluding": "9.10.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD451334-9385-44E5-960C-69C1AE84F712",
              "versionEndIncluding": "9.12.3.7",
              "versionStartIncluding": "9.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF6D0DDB-426C-4E38-805B-0FCBF9A7AA71",
              "versionEndIncluding": "9.13.1.7",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5506-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "763B801D-CA1E-4C56-8B06-3373EA307C7E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5506h-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "30AC6907-3091-409F-967D-64A82A0C5A8C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5506w-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D11AF728-8EB0-45EB-A7DD-F2D52B3BB7B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5508-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "92AE506A-E710-465B-B795-470FDE0E0ECA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5516-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E07AF10-FFB2-4AC7-BBE7-199C3EFED81F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper memory protection mechanisms while processing certain OSPF packets. An attacker could exploit this vulnerability by sending a series of malformed OSPF packets in a short period of time to an affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition for client traffic that is traversing the device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n de Open Shortest Path First (OSPF) del Cisco Adaptive Security Appliance (ASA) Software y el Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar el reinicio de un dispositivo afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad es debido a mecanismos de protecci\u00f3n de memoria inapropiados mientras se procesan determinados paquetes OSPF. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una serie de paquetes OSPF malformados en un corta trama de tiempo hacia un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante causar un reinicio del dispositivo afectado, resultando en una condici\u00f3n DoS para el tr\u00e1fico del cliente que atraviesa el dispositivo."
    }
  ],
  "id": "CVE-2020-3298",
  "lastModified": "2024-11-21T05:30:45.660",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-05-06T17:15:12.963",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-dos-RhMQY8qx"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-dos-RhMQY8qx"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-05-03 04:15

Modified

2024-11-21 06:43

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Summary

A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to insufficient error handling in the local malware analysis process of an affected device. An attacker could exploit this vulnerability by sending a crafted file through the device. A successful exploit could allow the attacker to cause the local malware analysis process to crash, which could result in a DoS condition. Notes: Manual intervention may be required to recover from this situation. Malware cloud lookup and dynamic analysis will not be impacted.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-amp-local-dos-CUfwRJXT	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-amp-local-dos-CUfwRJXT	Vendor Advisory

Impacted products

	Vendor	Product	Version
	cisco	firepower_threat_defense	7.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to insufficient error handling in the local malware analysis process of an affected device. An attacker could exploit this vulnerability by sending a crafted file through the device. A successful exploit could allow the attacker to cause the local malware analysis process to crash, which could result in a DoS condition. Notes: Manual intervention may be required to recover from this situation. Malware cloud lookup and dynamic analysis will not be impacted."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el proceso de an\u00e1lisis local de malware del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en el dispositivo afectado. Esta vulnerabilidad es debido a una administraci\u00f3n de errores insuficiente en el proceso de an\u00e1lisis de malware local de un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad  mediante el env\u00edo de un archivo dise\u00f1ado a trav\u00e9s del dispositivo. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar un bloqueo del proceso de an\u00e1lisis de malware local, lo que podr\u00eda resultar en una condici\u00f3n de DoS. Notas: Puede ser necesaria la intervenci\u00f3n manual para recuperarse de esta situaci\u00f3n. La b\u00fasqueda en la nube de malware y el an\u00e1lisis din\u00e1mico no estar\u00e1n afectados"
    }
  ],
  "id": "CVE-2022-20748",
  "lastModified": "2024-11-21T06:43:28.290",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-05-03T04:15:09.627",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-amp-local-dos-CUfwRJXT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-amp-local-dos-CUfwRJXT"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-664"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-755"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-10-27 19:15

Modified

2024-11-21 06:11

Severity ?

6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_management_center_virtual_appliance	6.1.0
cisco	firepower_management_center_virtual_appliance	6.2.0
cisco	firepower_management_center_virtual_appliance	6.2.3
cisco	firepower_management_center_virtual_appliance	6.3.0
cisco	firepower_management_center_virtual_appliance	6.4.0
cisco	firepower_management_center_virtual_appliance	6.4.0.11
cisco	firepower_management_center_virtual_appliance	6.5.0
cisco	firepower_management_center_virtual_appliance	6.6.0
cisco	firepower_management_center_virtual_appliance	6.6.1
cisco	firepower_management_center_virtual_appliance	6.7.0
cisco	firepower_management_center_virtual_appliance	7.0.0
cisco	firepower_management_center_virtual_appliance	7.1.0
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	sourcefire_defense_center	6.1.0
cisco	sourcefire_defense_center	6.2.0
cisco	sourcefire_defense_center	6.2.3
cisco	sourcefire_defense_center	6.3.0
cisco	sourcefire_defense_center	6.4.0
cisco	sourcefire_defense_center	6.4.0.11
cisco	sourcefire_defense_center	6.5.0
cisco	sourcefire_defense_center	6.6.0
cisco	sourcefire_defense_center	6.6.1
cisco	sourcefire_defense_center	6.7.0
cisco	sourcefire_defense_center	7.0.0
cisco	sourcefire_defense_center	7.1.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A08538C5-6957-42B4-894B-1AF04FC904A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "01DFAA87-6DB1-419B-A2F4-F1FB3A7B8A18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F75D9CB4-406B-4FBF-BC7A-35C2CCEFD8B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C16F3BD-2ACD-44A0-9033-13CB59A50FE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0FC62F-65AD-4855-953A-DA5BBFC1B2E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E738F08-C30D-46E4-A92C-D406D72E1292",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28629BA3-B1ED-409B-9FB1-E2159D95D975",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "49436378-0578-48F6-AE54-7C8D88574864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B11AE299-AE40-42EB-9C0B-3865C932E766",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA792E5D-7270-4C23-A8D6-22EB00CB21A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CB38685-4255-4565-98AA-234B9DEEADE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CF689E1-22FF-467F-B5A7-59833D77971E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F461B5-E600-4C81-BA3C-1DBC90D4D438",
              "versionEndExcluding": "6.4.0.13",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37A74256-AF9A-473B-9DC7-A57618BA9F00",
              "versionEndExcluding": "6.6.5",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
              "versionEndExcluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B2F537A-A488-45B6-AD4B-48B7064AE84C",
              "versionEndExcluding": "7.0.1",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "38E2B495-A0B6-4049-8C90-96CF62BC1BFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "20741BF4-6F44-42DE-B05E-EDB4176CAD6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E4A3574-53DC-4328-A229-87795AE4F7AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B273B25-634A-48FF-B290-4A332F84E0B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EBC6544-6ADF-4F95-A969-A8D953D11B3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "37FBD21A-0D57-466F-B6F6-1D124A6D75D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "04DF03B7-9C70-4BEE-8AE4-6AA134322C0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4F47E43-116B-4176-9E79-0BA7CBA16869",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B02800C-6420-4758-89CF-66F47B4FCA19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F41081E-06CF-4BA2-9072-E18D9032BEBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52ED507A-5075-4444-A2D1-F5657453AD3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5E9A6F5-8BC2-4FA5-9920-E980EFC5BCEE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory."
    },
    {
      "lang": "es",
      "value": "Varias vulnerabilidades en la CLI del software Cisco Firepower Threat Defense (FTD) podr\u00edan permitir a un atacante local autenticado ejecutar comandos arbitrarios con privilegios de root. Para conseguir m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
    }
  ],
  "id": "CVE-2021-34755",
  "lastModified": "2024-11-21T06:11:07.580",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-27T19:15:07.883",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-05-03 16:29

Modified

2024-11-26 16:09

Severity ?

6.0 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting commands into arguments for a specific command. A successful exploit could allow the attacker to execute commands with root privileges.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/108156	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-cmd-inj	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/108156	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-cmd-inj	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	6.0.0
cisco	firepower_threat_defense	6.0.1
cisco	firepower_threat_defense	6.1.0
cisco	firepower_threat_defense	6.2.0
cisco	firepower_threat_defense	6.2.1
cisco	firepower_threat_defense	6.2.2
cisco	firepower_threat_defense	6.2.3
cisco	secure_firewall_management_center	6.3.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1AC6A67-82EF-4D31-AFCB-499A0C6EC0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "995667FD-35F1-49E5-96DB-2FDFF5E0B523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "61FB47CF-2A6A-4121-BFF7-5862E163B8E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DC52A8B-7DF4-47B2-9F49-627F59656E5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD48BE40-C647-429A-81B6-59E125BBE415",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "42496A5B-1644-4088-BBCF-2ED810A5694B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "134B9AFF-6FFF-4082-80CB-AD2ACBF832F9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting commands into arguments for a specific command. A successful exploit could allow the attacker to execute commands with root privileges."
    },
    {
      "lang": "es",
      "value": "\"Una vulnerabilidad en la CLI del software Firepower Threat Defense (FTD) de  Cisco  podr\u00eda permitir a un atacante local identificado ejecutar un ataque de inyecci\u00f3n de comando. La vulnerabilidad es debido a la insuficiente comprobaci\u00f3n de entrada. Un atacante podr\u00eda aprovechar esta vulnerabilidad al inyectar comandos dentro de argumentos para un comando espec\u00edfico. Una operaci\u00f3n \u00e9xito podr\u00eda permitir al atacante ejecutar comandos con privilegios root."
    }
  ],
  "id": "CVE-2019-1709",
  "lastModified": "2024-11-26T16:09:02.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.2,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-03T16:29:00.740",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108156"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-cmd-inj"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108156"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-cmd-inj"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:31

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Summary

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access rule and access parts of the WebVPN portal that are supposed to be blocked. The vulnerability is due to insufficient validation of URLs when portal access rules are configured. An attacker could exploit this vulnerability by accessing certain URLs on the affected device.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-P73ABNWQ	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-P73ABNWQ	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9F6C9AD-0838-4CE7-BF34-3BDAA4909704",
              "versionEndExcluding": "6.3.0.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "739E387B-4E43-4BD7-8799-F62791963508",
              "versionEndExcluding": "6.4.0.10",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "38DCBF6C-AA34-4A5B-B2B1-57684DD5BB42",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F0C6D76-9652-4EE6-9CA2-96BFBB469539",
              "versionEndExcluding": "6.6.1",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BED6440-E4CE-49B0-B802-9976AF57DB9F",
              "versionEndExcluding": "9.6.4.45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "44AC63E3-7600-4A47-9980-994362223BE1",
              "versionEndExcluding": "9.8.4.26",
              "versionStartIncluding": "9.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86B181C5-34C2-4BD5-B012-841B978A26C4",
              "versionEndExcluding": "9.9.2.80",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0854546-E8AC-41FC-9419-E3E31534D4FE",
              "versionEndExcluding": "9.10.1.44",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9B6C101-3EEF-430F-9191-7DDB3DDF40E8",
              "versionEndExcluding": "9.12.4.4",
              "versionStartIncluding": "9.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F21E8FD7-6BBB-4D7B-B21A-D5D57630800A",
              "versionEndExcluding": "9.13.1.13",
              "versionStartIncluding": "9.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F259571-5C8F-48C5-BCED-505F39741F8A",
              "versionEndExcluding": "9.14.1.19",
              "versionStartIncluding": "9.14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access rule and access parts of the WebVPN portal that are supposed to be blocked. The vulnerability is due to insufficient validation of URLs when portal access rules are configured. An attacker could exploit this vulnerability by accessing certain URLs on the affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz de servicios web de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado omitir una regla de acceso configurada y acceder a partes del portal WebVPN que se supone que est\u00e1n bloqueadas.\u0026#xa0;La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de las URL cuando se configuran las reglas de acceso al portal.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad al acceder a determinadas URL en el dispositivo afectado"
    }
  ],
  "id": "CVE-2020-3578",
  "lastModified": "2024-11-21T05:31:20.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.5,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:18.513",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-P73ABNWQ"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-P73ABNWQ"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-10-23 18:15

Modified

2024-11-05 15:03

Severity ?

9.3 (Critical) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials. This vulnerability is due to the presence of static accounts with hard-coded passwords on an affected system. An attacker could exploit this vulnerability by logging in to the CLI of an affected device with these credentials. A successful exploit could allow the attacker to access the affected system and retrieve sensitive information, perform limited troubleshooting actions, modify some configuration options, or render the device unable to boot to the operating system, requiring a reimage of the device.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-statcred-dFC8tXT5	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.2.4
cisco	firepower_threat_defense	7.2.4.1
cisco	firepower_threat_defense	7.2.5
cisco	firepower_threat_defense	7.2.5.1
cisco	firepower_threat_defense	7.2.5.2
cisco	firepower_threat_defense	7.2.6
cisco	firepower_threat_defense	7.2.7
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1
cisco	firepower_threat_defense	7.3.1.2
cisco	firepower_threat_defense	7.4.0
cisco	firepower_threat_defense	7.4.1
cisco	firepower_threat_defense	7.4.1.1
cisco	firepower_1000	-
cisco	firepower_1010	-
cisco	firepower_1020	-
cisco	firepower_1030	-
cisco	firepower_1040	-
cisco	firepower_1120	-
cisco	firepower_1140	-
cisco	firepower_1150	-
cisco	firepower_2100	-
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-
cisco	firepower_3105	-
cisco	firepower_3110	-
cisco	firepower_3120	-
cisco	firepower_3130	-
cisco	firepower_3140	-
cisco	firepower_4215	-
cisco	firepower_4225	-
cisco	firepower_4245	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6826018-5620-4924-BE92-6A245378F610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49A07CF-12BA-481C-B5FF-754520080A8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F203C7D1-AA92-4367-B7A5-EBAE6B76EE6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0064C97F-1140-43AC-8229-C8CCC367DC4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9296D33-D59A-463D-9722-9D4C3F720E7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9F66CCA-0982-4107-BC5B-79D727479343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "77B80698-1E76-4B13-AB83-A03FF8C785FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A52991-802D-46FB-A508-5616BA1CEB78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3E08AAC-9C5E-4D18-817C-C466D1D6C4DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "724A3B6F-DDAB-4A2F-8430-9E1F352D755F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDBF14DD-0654-47F3-A698-020397A1EAA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6F79864-CA70-4192-AC2C-E174DF3F25B2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FFE3880-4B85-4E23-9836-70875D5109F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8B5AF8-6A57-482A-9442-E857EE7E207B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9929280-2AAC-4B56-A42C-1F6EDE83988E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F29B6BC3-D716-4A3D-9679-B7BE81F719C8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "727A02E8-40A1-4DFE-A3A2-91D628D3044F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F6546E-28F4-40DC-97D6-E0E023FE939B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D23A26EF-5B43-437C-A962-4FC69D8A0FF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_3105:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B65E122-8B8C-4681-9CAE-C375292A26CC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_3110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "012CCE97-B6FE-45B8-9599-D64EE0F80B2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_3120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6A73EAE-3C2E-4836-97EC-F644E219C0DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_3130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DCF7A7F-9564-4A8D-84FA-7DA25B4BF4B7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_3140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "542C19EA-0FFE-4ADC-93BB-EEB6B0A8CAA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4215:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2634F9A1-8CF7-4824-817A-F617DB48CFFF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4225:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F021E6A8-FA39-40BD-B570-D5C4F408521C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4245:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B303B6B7-B419-46F1-9291-E70AD1B863D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials.\r\n\r This vulnerability is due to the presence of static accounts with hard-coded passwords on an affected system. An attacker could exploit this vulnerability by logging in to the CLI of an affected device with these credentials. A successful exploit could allow the attacker to access the affected system and retrieve sensitive information, perform limited troubleshooting actions, modify some configuration options, or render the device unable to boot to the operating system, requiring a reimage of the device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el software Cisco Firepower Threat Defense (FTD) para Cisco Firepower 1000, 2100, 3100 y 4200 Series podr\u00eda permitir que un atacante local no autenticado acceda a un sistema afectado utilizando credenciales est\u00e1ticas. Esta vulnerabilidad se debe a la presencia de cuentas est\u00e1ticas con contrase\u00f1as codificadas en un sistema afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad iniciando sesi\u00f3n en la CLI de un dispositivo afectado con estas credenciales. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante acceder al sistema afectado y recuperar informaci\u00f3n confidencial, realizar acciones limitadas de resoluci\u00f3n de problemas, modificar algunas opciones de configuraci\u00f3n o hacer que el dispositivo no pueda iniciarse en el sistema operativo, lo que requiere una nueva imagen del dispositivo."
    }
  ],
  "id": "CVE-2024-20412",
  "lastModified": "2024-11-05T15:03:34.777",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 9.3,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.5,
        "impactScore": 6.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.5,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-10-23T18:15:09.430",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-statcred-dFC8tXT5"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-259"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-798"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-11-01 18:15

Modified

2024-11-21 07:40

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of HTTPS requests. An attacker could exploit this vulnerability by sending crafted HTTPS requests to an affected system. A successful exploit could allow the attacker to cause resource exhaustion, resulting in a DoS condition.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-dos-3GhZQBAS	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-dos-3GhZQBAS	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.8.1
cisco	adaptive_security_appliance_software	9.8.1.5
cisco	adaptive_security_appliance_software	9.8.1.7
cisco	adaptive_security_appliance_software	9.8.2
cisco	adaptive_security_appliance_software	9.8.2.8
cisco	adaptive_security_appliance_software	9.8.2.14
cisco	adaptive_security_appliance_software	9.8.2.15
cisco	adaptive_security_appliance_software	9.8.2.17
cisco	adaptive_security_appliance_software	9.8.2.20
cisco	adaptive_security_appliance_software	9.8.2.24
cisco	adaptive_security_appliance_software	9.8.2.26
cisco	adaptive_security_appliance_software	9.8.2.28
cisco	adaptive_security_appliance_software	9.8.2.33
cisco	adaptive_security_appliance_software	9.8.2.35
cisco	adaptive_security_appliance_software	9.8.2.38
cisco	adaptive_security_appliance_software	9.8.3
cisco	adaptive_security_appliance_software	9.8.3.8
cisco	adaptive_security_appliance_software	9.8.3.11
cisco	adaptive_security_appliance_software	9.8.3.14
cisco	adaptive_security_appliance_software	9.8.3.16
cisco	adaptive_security_appliance_software	9.8.3.18
cisco	adaptive_security_appliance_software	9.8.3.21
cisco	adaptive_security_appliance_software	9.8.3.26
cisco	adaptive_security_appliance_software	9.8.3.29
cisco	adaptive_security_appliance_software	9.8.4
cisco	adaptive_security_appliance_software	9.8.4.3
cisco	adaptive_security_appliance_software	9.8.4.7
cisco	adaptive_security_appliance_software	9.8.4.8
cisco	adaptive_security_appliance_software	9.8.4.10
cisco	adaptive_security_appliance_software	9.8.4.12
cisco	adaptive_security_appliance_software	9.8.4.15
cisco	adaptive_security_appliance_software	9.8.4.17
cisco	adaptive_security_appliance_software	9.8.4.20
cisco	adaptive_security_appliance_software	9.8.4.22
cisco	adaptive_security_appliance_software	9.8.4.25
cisco	adaptive_security_appliance_software	9.8.4.26
cisco	adaptive_security_appliance_software	9.8.4.29
cisco	adaptive_security_appliance_software	9.8.4.32
cisco	adaptive_security_appliance_software	9.8.4.33
cisco	adaptive_security_appliance_software	9.8.4.34
cisco	adaptive_security_appliance_software	9.8.4.35
cisco	adaptive_security_appliance_software	9.8.4.39
cisco	adaptive_security_appliance_software	9.8.4.40
cisco	adaptive_security_appliance_software	9.8.4.41
cisco	adaptive_security_appliance_software	9.8.4.43
cisco	adaptive_security_appliance_software	9.8.4.44
cisco	adaptive_security_appliance_software	9.8.4.45
cisco	adaptive_security_appliance_software	9.12.1
cisco	adaptive_security_appliance_software	9.12.1.2
cisco	adaptive_security_appliance_software	9.12.1.3
cisco	adaptive_security_appliance_software	9.12.2
cisco	adaptive_security_appliance_software	9.12.2.1
cisco	adaptive_security_appliance_software	9.12.2.4
cisco	adaptive_security_appliance_software	9.12.2.5
cisco	adaptive_security_appliance_software	9.12.2.9
cisco	adaptive_security_appliance_software	9.12.3
cisco	adaptive_security_appliance_software	9.12.3.2
cisco	adaptive_security_appliance_software	9.12.3.7
cisco	adaptive_security_appliance_software	9.12.3.9
cisco	adaptive_security_appliance_software	9.12.4
cisco	adaptive_security_appliance_software	9.12.4.4
cisco	adaptive_security_appliance_software	9.12.4.7
cisco	adaptive_security_appliance_software	9.12.4.8
cisco	adaptive_security_appliance_software	9.12.4.10
cisco	adaptive_security_appliance_software	9.12.4.13
cisco	adaptive_security_appliance_software	9.12.4.18
cisco	adaptive_security_appliance_software	9.12.4.24
cisco	adaptive_security_appliance_software	9.12.4.26
cisco	adaptive_security_appliance_software	9.12.4.29
cisco	adaptive_security_appliance_software	9.12.4.30
cisco	adaptive_security_appliance_software	9.12.4.35
cisco	adaptive_security_appliance_software	9.12.4.37
cisco	adaptive_security_appliance_software	9.12.4.38
cisco	adaptive_security_appliance_software	9.12.4.39
cisco	adaptive_security_appliance_software	9.12.4.40
cisco	adaptive_security_appliance_software	9.12.4.41
cisco	adaptive_security_appliance_software	9.14.1
cisco	adaptive_security_appliance_software	9.14.1.6
cisco	adaptive_security_appliance_software	9.14.1.10
cisco	adaptive_security_appliance_software	9.14.1.15
cisco	adaptive_security_appliance_software	9.14.1.19
cisco	adaptive_security_appliance_software	9.14.1.30
cisco	adaptive_security_appliance_software	9.14.2
cisco	adaptive_security_appliance_software	9.14.2.4
cisco	adaptive_security_appliance_software	9.14.2.8
cisco	adaptive_security_appliance_software	9.14.2.13
cisco	adaptive_security_appliance_software	9.14.2.15
cisco	adaptive_security_appliance_software	9.14.3
cisco	adaptive_security_appliance_software	9.14.3.1
cisco	adaptive_security_appliance_software	9.14.3.9
cisco	adaptive_security_appliance_software	9.14.3.11
cisco	adaptive_security_appliance_software	9.14.3.13
cisco	adaptive_security_appliance_software	9.14.3.15
cisco	adaptive_security_appliance_software	9.14.3.18
cisco	adaptive_security_appliance_software	9.14.4
cisco	adaptive_security_appliance_software	9.14.4.6
cisco	adaptive_security_appliance_software	9.14.4.7
cisco	adaptive_security_appliance_software	9.15.1
cisco	adaptive_security_appliance_software	9.15.1.7
cisco	adaptive_security_appliance_software	9.15.1.10
cisco	adaptive_security_appliance_software	9.15.1.15
cisco	adaptive_security_appliance_software	9.15.1.16
cisco	adaptive_security_appliance_software	9.15.1.17
cisco	adaptive_security_appliance_software	9.15.1.21
cisco	adaptive_security_appliance_software	9.16.1
cisco	adaptive_security_appliance_software	9.16.1.28
cisco	adaptive_security_appliance_software	9.16.2
cisco	adaptive_security_appliance_software	9.16.2.3
cisco	adaptive_security_appliance_software	9.16.2.7
cisco	adaptive_security_appliance_software	9.16.2.11
cisco	adaptive_security_appliance_software	9.16.2.13
cisco	adaptive_security_appliance_software	9.16.2.14
cisco	adaptive_security_appliance_software	9.16.3
cisco	adaptive_security_appliance_software	9.16.3.3
cisco	adaptive_security_appliance_software	9.16.3.14
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.7
cisco	adaptive_security_appliance_software	9.17.1.9
cisco	adaptive_security_appliance_software	9.18.1
cisco	firepower_threat_defense	6.2.3
cisco	firepower_threat_defense	6.2.3.0
cisco	firepower_threat_defense	6.2.3.1
cisco	firepower_threat_defense	6.2.3.2
cisco	firepower_threat_defense	6.2.3.3
cisco	firepower_threat_defense	6.2.3.4
cisco	firepower_threat_defense	6.2.3.5
cisco	firepower_threat_defense	6.2.3.6
cisco	firepower_threat_defense	6.2.3.7
cisco	firepower_threat_defense	6.2.3.8
cisco	firepower_threat_defense	6.2.3.9
cisco	firepower_threat_defense	6.2.3.10
cisco	firepower_threat_defense	6.2.3.11
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.4.0.1
cisco	firepower_threat_defense	6.4.0.2
cisco	firepower_threat_defense	6.4.0.3
cisco	firepower_threat_defense	6.4.0.4
cisco	firepower_threat_defense	6.4.0.5
cisco	firepower_threat_defense	6.4.0.6
cisco	firepower_threat_defense	6.4.0.7
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.4.0.13
cisco	firepower_threat_defense	6.4.0.14
cisco	firepower_threat_defense	6.4.0.15
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D482F818-0A8E-49D7-8E3E-0958019FA629",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E7BFB57-BC02-4930-A02F-83583E6A0FC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "026F1960-C879-4611-A60A-96311B63CCA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAF8B33E-0C95-467D-A865-0A234E69D0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF144F5-D933-4DE4-818C-001BD9E3958A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "00112ED3-FE7B-425B-9A28-1E5F2BC8BB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD491D5-FAAB-493F-91A6-D2F3B5F5970E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "1519F49D-588F-4B70-B38F-EF4F3E13FEAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "15354443-5EB7-4712-B2DE-61DB33830759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "248D6B44-E134-4DEC-A947-636824E3FDFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "0820A79C-F3EF-407F-9AC7-DCAB4CD39C89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3E8805-85D2-4345-8076-039513209A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "14BB907B-D75A-4F5E-B20D-5457A71A70EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "F118B803-4C55-436A-A136-0C1FEA49858F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A272121-408E-45F6-A2A1-0BA6EBC060A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "980CEA3B-5A81-4E8C-BEA3-DD31BE7DA2CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3910211-D4DB-4CA7-BBEA-DD8246FF10ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C260BF30-7A33-4C70-9509-404856C93666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF894850-39EC-4B57-BBFF-F1AB4F8389A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FAFCF9-0ABE-483E-9604-329762BB7870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DB4278-3126-4765-97C4-6C0A8C78DA78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "174E631B-6099-47DE-8790-BBF4B7FDB8CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE3538B-F612-4105-BFDE-A4B594482DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "3143B0FF-C855-485E-A908-E48974B1643C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD9992-6D98-4E03-9599-ECF38A186FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DCEAE6-355B-40AE-A7C8-AF744FCA8A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2097E81E-B422-4B93-AF09-F300A0E8AF71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "454DEA31-A607-4054-82D3-24A4FEB7358F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F0B213-8187-4465-84F1-FB8D92B36020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E540771E-BA0B-42D1-8251-B576B0F142C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC2A833-BECF-4000-A592-6113A84C2D20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F1416-924A-4D25-9CEE-3BD66A96A019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDC8D92-D6E0-40EE-B190-D2B32C7DEB75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "23CD5619-E534-4F40-998D-39DC19FA0451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D0EB11-14B1-44B3-8D46-B9DD872F772C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA399CF-12DB-42E0-A66F-14508B52A453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5A7608-E737-420E-9B5E-836600DAC701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7EB6801-336D-4F41-ADE7-1C58C63C3F6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8413DA41-02A5-4269-8C88-9DD5076AF91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA00285F-6914-4749-8A47-FC4EDAFFF3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA4D367-32B9-4F54-8352-A959F61A1FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "2259FF9E-0C8B-440F-B1AC-51BDE3F60E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C522B55-904D-4C08-B73E-1457D877C0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "4483056A-FBF3-4E00-81EB-1E97334EF240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "48677330-06AB-4C7F-B2AD-F7E465A9632A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AEA80D2-5DB8-4334-9A88-7DDE395832C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1C38A5-1028-4AD3-8CC7-A00091091E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F002FD55-F881-450E-BC1B-8073E188F47E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA940C4F-13BB-465F-BB8D-CBD0109BF012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B0434F5-9A50-4B57-9C5B-E09415D098C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE727035-06CB-4E37-A9D2-96BD54502120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE52B81-2CF8-48E5-A7BA-A163A25A669B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E8D7C9-5272-40E6-869B-B33959F9F0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE8D5D71-5C85-4644-8A84-F073549ADB50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0790DDC2-7BA0-42DC-A157-754C0CBBE178",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "882394EA-70C8-4D86-9AEF-5D273D8E518C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "855AD3CC-F404-48C5-80D2-7F2765D16D72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "26B6BF72-9124-4213-B3C0-BD31B46E8C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8FBE89-8FDA-4B9B-BA1A-90FFD482A585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D33E8C-294A-4C43-8DB6-9DA9F61F0B3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4723B88-62BA-40E6-AA89-BAC02D6A036F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C698819-3C8E-4A16-8F52-42FF1E54C076",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D3CE74E-59E7-448A-8417-18F97C05C798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0986C171-0E75-4F6F-A9BD-276830104E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A2777A-7831-4324-AEB2-5D93B5F6C04B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "37045680-9189-4B7F-A4F7-4E682FE20A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6C9F37B-CF3C-4861-A969-C7CF4946274A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1DAF21-3FED-4691-9D4C-8FD8CEA7FB3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB938E58-4963-4A31-8836-88E958592B30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E317897-EE97-44F3-96BB-E54228D72A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EF7FAB2-158D-4C48-9246-E7AD3BF1D801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "056D43AE-ECDB-40D2-A196-18DDCD02629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E555F3-3580-4D71-8D8D-92FE72763D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "93013503-8B9A-4160-AF7E-277958FA6E9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3B009FD-0F2B-4511-8EDF-C3E670623F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "52579D8D-E855-42B3-B406-32DD1C39F721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE0D50C0-DADB-4747-8649-8A5257111FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE2699F-353F-44CB-A778-981783DDC31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8E50BD-1FBD-483B-9C27-70E95C732E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4875811-F209-49ED-B310-8377B2F87FF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C52C7B-B626-4A3C-A2EC-28A20E7FA95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5631D2C2-7AFC-4041-9831-EA1FA51969F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2EFA476-5021-4A00-859E-1643009D6156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of HTTPS requests. An attacker could exploit this vulnerability by sending crafted HTTPS requests to an affected system. A successful exploit could allow the attacker to cause resource exhaustion, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n VPN de acceso remoto del software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado cause una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a un manejo inadecuado de las solicitudes HTTPS. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes HTTPS manipuladas a un sistema afectado. Un exploit exitoso podr\u00eda permitir que el atacante provoque el agotamiento de los recursos, lo que resultar\u00eda en una condici\u00f3n DoS."
    }
  ],
  "id": "CVE-2023-20095",
  "lastModified": "2024-11-21T07:40:32.480",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-11-01T18:15:09.207",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-dos-3GhZQBAS"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-dos-3GhZQBAS"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-772"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-05-03 16:29

Modified

2024-11-21 04:37

Severity ?

6.8 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets sent to an affected device. An attacker could exploit these vulnerabilities by sending a crafted LDAP packet, using Basic Encoding Rules (BER), to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/108182
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftds-ldapdos	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/108182
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftds-ldapdos	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5505	-
cisco	asa_5510	-
cisco	asa_5512-x	-
cisco	asa_5515-x	-
cisco	asa_5520	-
cisco	asa_5525-x	-
cisco	asa_5540	-
cisco	asa_5545-x	-
cisco	asa_5550	-
cisco	asa_5555-x	-
cisco	asa_5580	-
cisco	asa_5585-x	-
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "259E2B41-3EC2-42D3-AAF1-4B855F9E28C3",
              "versionEndExcluding": "9.6.4.25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C812C8D5-3159-434C-8B9F-8CB0A8767923",
              "versionEndExcluding": "9.8.4",
              "versionStartIncluding": "9.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABCD2AF8-97D4-45C6-B80E-D5FA9B719BD5",
              "versionEndExcluding": "9.9.2.50",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4C6B343-2D4D-4C7E-A59E-629773DD2E60",
              "versionEndExcluding": "9.10.1.17",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15251834-D900-42F9-AC0B-4167CE851116",
              "versionEndExcluding": "6.2.3.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A16803C-579C-4992-B37E-7CEC17307659",
              "versionEndExcluding": "6.3.0.3",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets sent to an affected device. An attacker could exploit these vulnerabilities by sending a crafted LDAP packet, using Basic Encoding Rules (BER), to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n de la funci\u00f3n del Lightweight Directory Access Protocol (LDAP) en el software Cisco Adaptive Security Appliance (ASA) y en el software Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado provoque la recarga de un dispositivo afectado, lo que resulta en una Condici\u00f3n de denegaci\u00f3n de servicio (DoS). Las vulnerabilidades se deben al an\u00e1lisis incorrecto de los paquetes LDAP enviados a un dispositivo afectado. Un atacante podr\u00eda explotar estas vulnerabilidades enviando un paquete LDAP creado, usando Reglas de codificaci\u00f3n b\u00e1sicas (BER), para ser procesado por un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante haga que el dispositivo afectado se vuelva a cargar, lo que resulta en una condici\u00f3n DoS."
    }
  ],
  "id": "CVE-2019-1697",
  "lastModified": "2024-11-21T04:37:07.460",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-03T16:29:00.240",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/108182"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftds-ldapdos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/108182"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftds-ldapdos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-10-23 17:15

Modified

2025-08-01 16:10

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due to a logic error in populating group ACLs when an AnyConnect client establishes a new session toward an affected device. An attacker could exploit this vulnerability by establishing an AnyConnect connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules.

References

URL	Tags
psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-acl-bypass-VvnLNKqf	Vendor Advisory
psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO	Broken Link
psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.8.1
cisco	adaptive_security_appliance_software	9.8.1.5
cisco	adaptive_security_appliance_software	9.8.1.7
cisco	adaptive_security_appliance_software	9.8.2
cisco	adaptive_security_appliance_software	9.8.2.8
cisco	adaptive_security_appliance_software	9.8.2.14
cisco	adaptive_security_appliance_software	9.8.2.15
cisco	adaptive_security_appliance_software	9.8.2.17
cisco	adaptive_security_appliance_software	9.8.2.20
cisco	adaptive_security_appliance_software	9.8.2.24
cisco	adaptive_security_appliance_software	9.8.2.26
cisco	adaptive_security_appliance_software	9.8.2.28
cisco	adaptive_security_appliance_software	9.8.2.33
cisco	adaptive_security_appliance_software	9.8.2.35
cisco	adaptive_security_appliance_software	9.8.2.38
cisco	adaptive_security_appliance_software	9.8.2.45
cisco	adaptive_security_appliance_software	9.8.3
cisco	adaptive_security_appliance_software	9.8.3.8
cisco	adaptive_security_appliance_software	9.8.3.11
cisco	adaptive_security_appliance_software	9.8.3.14
cisco	adaptive_security_appliance_software	9.8.3.16
cisco	adaptive_security_appliance_software	9.8.3.18
cisco	adaptive_security_appliance_software	9.8.3.21
cisco	adaptive_security_appliance_software	9.8.3.26
cisco	adaptive_security_appliance_software	9.8.3.29
cisco	adaptive_security_appliance_software	9.8.4
cisco	adaptive_security_appliance_software	9.8.4.3
cisco	adaptive_security_appliance_software	9.8.4.7
cisco	adaptive_security_appliance_software	9.8.4.8
cisco	adaptive_security_appliance_software	9.8.4.10
cisco	adaptive_security_appliance_software	9.8.4.12
cisco	adaptive_security_appliance_software	9.8.4.15
cisco	adaptive_security_appliance_software	9.8.4.17
cisco	adaptive_security_appliance_software	9.8.4.20
cisco	adaptive_security_appliance_software	9.8.4.22
cisco	adaptive_security_appliance_software	9.8.4.25
cisco	adaptive_security_appliance_software	9.8.4.26
cisco	adaptive_security_appliance_software	9.8.4.29
cisco	adaptive_security_appliance_software	9.8.4.32
cisco	adaptive_security_appliance_software	9.8.4.33
cisco	adaptive_security_appliance_software	9.8.4.34
cisco	adaptive_security_appliance_software	9.8.4.35
cisco	adaptive_security_appliance_software	9.8.4.39
cisco	adaptive_security_appliance_software	9.8.4.40
cisco	adaptive_security_appliance_software	9.8.4.41
cisco	adaptive_security_appliance_software	9.8.4.43
cisco	adaptive_security_appliance_software	9.8.4.44
cisco	adaptive_security_appliance_software	9.8.4.45
cisco	adaptive_security_appliance_software	9.8.4.46
cisco	adaptive_security_appliance_software	9.8.4.48
cisco	adaptive_security_appliance_software	9.12.1
cisco	adaptive_security_appliance_software	9.12.1.2
cisco	adaptive_security_appliance_software	9.12.1.3
cisco	adaptive_security_appliance_software	9.12.2
cisco	adaptive_security_appliance_software	9.12.2.1
cisco	adaptive_security_appliance_software	9.12.2.4
cisco	adaptive_security_appliance_software	9.12.2.5
cisco	adaptive_security_appliance_software	9.12.2.9
cisco	adaptive_security_appliance_software	9.12.3
cisco	adaptive_security_appliance_software	9.12.3.2
cisco	adaptive_security_appliance_software	9.12.3.7
cisco	adaptive_security_appliance_software	9.12.3.9
cisco	adaptive_security_appliance_software	9.12.3.12
cisco	adaptive_security_appliance_software	9.12.4
cisco	adaptive_security_appliance_software	9.12.4.2
cisco	adaptive_security_appliance_software	9.12.4.4
cisco	adaptive_security_appliance_software	9.12.4.7
cisco	adaptive_security_appliance_software	9.12.4.8
cisco	adaptive_security_appliance_software	9.12.4.10
cisco	adaptive_security_appliance_software	9.12.4.13
cisco	adaptive_security_appliance_software	9.12.4.18
cisco	adaptive_security_appliance_software	9.12.4.24
cisco	adaptive_security_appliance_software	9.12.4.26
cisco	adaptive_security_appliance_software	9.12.4.29
cisco	adaptive_security_appliance_software	9.12.4.30
cisco	adaptive_security_appliance_software	9.12.4.35
cisco	adaptive_security_appliance_software	9.12.4.37
cisco	adaptive_security_appliance_software	9.12.4.38
cisco	adaptive_security_appliance_software	9.12.4.39
cisco	adaptive_security_appliance_software	9.12.4.40
cisco	adaptive_security_appliance_software	9.12.4.41
cisco	adaptive_security_appliance_software	9.12.4.47
cisco	adaptive_security_appliance_software	9.12.4.48
cisco	adaptive_security_appliance_software	9.12.4.50
cisco	adaptive_security_appliance_software	9.12.4.52
cisco	adaptive_security_appliance_software	9.12.4.54
cisco	adaptive_security_appliance_software	9.12.4.55
cisco	adaptive_security_appliance_software	9.12.4.56
cisco	adaptive_security_appliance_software	9.12.4.58
cisco	adaptive_security_appliance_software	9.12.4.62
cisco	adaptive_security_appliance_software	9.12.4.65
cisco	adaptive_security_appliance_software	9.12.4.67
cisco	adaptive_security_appliance_software	9.14.1
cisco	adaptive_security_appliance_software	9.14.1.6
cisco	adaptive_security_appliance_software	9.14.1.10
cisco	adaptive_security_appliance_software	9.14.1.15
cisco	adaptive_security_appliance_software	9.14.1.19
cisco	adaptive_security_appliance_software	9.14.1.30
cisco	adaptive_security_appliance_software	9.14.2
cisco	adaptive_security_appliance_software	9.14.2.4
cisco	adaptive_security_appliance_software	9.14.2.8
cisco	adaptive_security_appliance_software	9.14.2.13
cisco	adaptive_security_appliance_software	9.14.2.15
cisco	adaptive_security_appliance_software	9.14.3
cisco	adaptive_security_appliance_software	9.14.3.1
cisco	adaptive_security_appliance_software	9.14.3.9
cisco	adaptive_security_appliance_software	9.14.3.11
cisco	adaptive_security_appliance_software	9.14.3.13
cisco	adaptive_security_appliance_software	9.14.3.15
cisco	adaptive_security_appliance_software	9.14.3.18
cisco	adaptive_security_appliance_software	9.14.4
cisco	adaptive_security_appliance_software	9.14.4.6
cisco	adaptive_security_appliance_software	9.14.4.7
cisco	adaptive_security_appliance_software	9.14.4.12
cisco	adaptive_security_appliance_software	9.14.4.13
cisco	adaptive_security_appliance_software	9.14.4.14
cisco	adaptive_security_appliance_software	9.14.4.15
cisco	adaptive_security_appliance_software	9.14.4.17
cisco	adaptive_security_appliance_software	9.14.4.22
cisco	adaptive_security_appliance_software	9.14.4.23
cisco	adaptive_security_appliance_software	9.14.4.24
cisco	adaptive_security_appliance_software	9.15.1
cisco	adaptive_security_appliance_software	9.15.1.1
cisco	adaptive_security_appliance_software	9.15.1.7
cisco	adaptive_security_appliance_software	9.15.1.10
cisco	adaptive_security_appliance_software	9.15.1.15
cisco	adaptive_security_appliance_software	9.15.1.16
cisco	adaptive_security_appliance_software	9.15.1.17
cisco	adaptive_security_appliance_software	9.15.1.21
cisco	adaptive_security_appliance_software	9.16.1
cisco	adaptive_security_appliance_software	9.16.1.28
cisco	adaptive_security_appliance_software	9.16.2
cisco	adaptive_security_appliance_software	9.16.2.3
cisco	adaptive_security_appliance_software	9.16.2.7
cisco	adaptive_security_appliance_software	9.16.2.11
cisco	adaptive_security_appliance_software	9.16.2.13
cisco	adaptive_security_appliance_software	9.16.2.14
cisco	adaptive_security_appliance_software	9.16.3
cisco	adaptive_security_appliance_software	9.16.3.3
cisco	adaptive_security_appliance_software	9.16.3.14
cisco	adaptive_security_appliance_software	9.16.3.15
cisco	adaptive_security_appliance_software	9.16.3.19
cisco	adaptive_security_appliance_software	9.16.3.23
cisco	adaptive_security_appliance_software	9.16.4
cisco	adaptive_security_appliance_software	9.16.4.9
cisco	adaptive_security_appliance_software	9.16.4.14
cisco	adaptive_security_appliance_software	9.16.4.18
cisco	adaptive_security_appliance_software	9.16.4.19
cisco	adaptive_security_appliance_software	9.16.4.27
cisco	adaptive_security_appliance_software	9.16.4.38
cisco	adaptive_security_appliance_software	9.16.4.39
cisco	adaptive_security_appliance_software	9.16.4.42
cisco	adaptive_security_appliance_software	9.16.4.48
cisco	adaptive_security_appliance_software	9.16.4.55
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.7
cisco	adaptive_security_appliance_software	9.17.1.9
cisco	adaptive_security_appliance_software	9.17.1.10
cisco	adaptive_security_appliance_software	9.17.1.11
cisco	adaptive_security_appliance_software	9.17.1.13
cisco	adaptive_security_appliance_software	9.17.1.15
cisco	adaptive_security_appliance_software	9.17.1.20
cisco	adaptive_security_appliance_software	9.17.1.30
cisco	adaptive_security_appliance_software	9.17.1.33
cisco	adaptive_security_appliance_software	9.17.1.39
cisco	adaptive_security_appliance_software	9.18.1
cisco	adaptive_security_appliance_software	9.18.1.3
cisco	adaptive_security_appliance_software	9.18.2
cisco	adaptive_security_appliance_software	9.18.2.5
cisco	adaptive_security_appliance_software	9.18.2.7
cisco	adaptive_security_appliance_software	9.18.2.8
cisco	adaptive_security_appliance_software	9.18.3
cisco	adaptive_security_appliance_software	9.18.3.39
cisco	adaptive_security_appliance_software	9.18.3.46
cisco	adaptive_security_appliance_software	9.18.3.53
cisco	adaptive_security_appliance_software	9.19.1
cisco	adaptive_security_appliance_software	9.19.1.5
cisco	adaptive_security_appliance_software	9.19.1.9
cisco	adaptive_security_appliance_software	9.19.1.12
cisco	firepower_threat_defense	6.2.3
cisco	firepower_threat_defense	6.2.3.1
cisco	firepower_threat_defense	6.2.3.2
cisco	firepower_threat_defense	6.2.3.3
cisco	firepower_threat_defense	6.2.3.4
cisco	firepower_threat_defense	6.2.3.5
cisco	firepower_threat_defense	6.2.3.6
cisco	firepower_threat_defense	6.2.3.7
cisco	firepower_threat_defense	6.2.3.8
cisco	firepower_threat_defense	6.2.3.9
cisco	firepower_threat_defense	6.2.3.10
cisco	firepower_threat_defense	6.2.3.11
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.4.0.1
cisco	firepower_threat_defense	6.4.0.2
cisco	firepower_threat_defense	6.4.0.3
cisco	firepower_threat_defense	6.4.0.4
cisco	firepower_threat_defense	6.4.0.5
cisco	firepower_threat_defense	6.4.0.6
cisco	firepower_threat_defense	6.4.0.7
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.4.0.13
cisco	firepower_threat_defense	6.4.0.14
cisco	firepower_threat_defense	6.4.0.15
cisco	firepower_threat_defense	6.4.0.16
cisco	firepower_threat_defense	6.4.0.17
cisco	firepower_threat_defense	6.4.0.18
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.6.7
cisco	firepower_threat_defense	6.6.7.1
cisco	firepower_threat_defense	6.6.7.2
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.0.6
cisco	firepower_threat_defense	7.0.6.1
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.2.4
cisco	firepower_threat_defense	7.2.4.1
cisco	firepower_threat_defense	7.2.5
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1
cisco	firepower_threat_defense	7.3.1.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D482F818-0A8E-49D7-8E3E-0958019FA629",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E7BFB57-BC02-4930-A02F-83583E6A0FC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "026F1960-C879-4611-A60A-96311B63CCA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAF8B33E-0C95-467D-A865-0A234E69D0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF144F5-D933-4DE4-818C-001BD9E3958A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "00112ED3-FE7B-425B-9A28-1E5F2BC8BB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD491D5-FAAB-493F-91A6-D2F3B5F5970E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "1519F49D-588F-4B70-B38F-EF4F3E13FEAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "15354443-5EB7-4712-B2DE-61DB33830759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "248D6B44-E134-4DEC-A947-636824E3FDFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "0820A79C-F3EF-407F-9AC7-DCAB4CD39C89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3E8805-85D2-4345-8076-039513209A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "14BB907B-D75A-4F5E-B20D-5457A71A70EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "F118B803-4C55-436A-A136-0C1FEA49858F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A272121-408E-45F6-A2A1-0BA6EBC060A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "61C3A433-0792-434E-AC90-A84B346499D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "980CEA3B-5A81-4E8C-BEA3-DD31BE7DA2CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3910211-D4DB-4CA7-BBEA-DD8246FF10ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C260BF30-7A33-4C70-9509-404856C93666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF894850-39EC-4B57-BBFF-F1AB4F8389A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FAFCF9-0ABE-483E-9604-329762BB7870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DB4278-3126-4765-97C4-6C0A8C78DA78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "174E631B-6099-47DE-8790-BBF4B7FDB8CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE3538B-F612-4105-BFDE-A4B594482DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "3143B0FF-C855-485E-A908-E48974B1643C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD9992-6D98-4E03-9599-ECF38A186FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DCEAE6-355B-40AE-A7C8-AF744FCA8A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2097E81E-B422-4B93-AF09-F300A0E8AF71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "454DEA31-A607-4054-82D3-24A4FEB7358F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F0B213-8187-4465-84F1-FB8D92B36020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E540771E-BA0B-42D1-8251-B576B0F142C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC2A833-BECF-4000-A592-6113A84C2D20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F1416-924A-4D25-9CEE-3BD66A96A019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDC8D92-D6E0-40EE-B190-D2B32C7DEB75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "23CD5619-E534-4F40-998D-39DC19FA0451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D0EB11-14B1-44B3-8D46-B9DD872F772C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA399CF-12DB-42E0-A66F-14508B52A453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5A7608-E737-420E-9B5E-836600DAC701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7EB6801-336D-4F41-ADE7-1C58C63C3F6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8413DA41-02A5-4269-8C88-9DD5076AF91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA00285F-6914-4749-8A47-FC4EDAFFF3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA4D367-32B9-4F54-8352-A959F61A1FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "2259FF9E-0C8B-440F-B1AC-51BDE3F60E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C522B55-904D-4C08-B73E-1457D877C0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "4483056A-FBF3-4E00-81EB-1E97334EF240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "48677330-06AB-4C7F-B2AD-F7E465A9632A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AEA80D2-5DB8-4334-9A88-7DDE395832C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1C38A5-1028-4AD3-8CC7-A00091091E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "848147B2-C49A-43F6-9069-FC8885BDFDA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6FEF0DA-741E-4361-8143-068EB47D6520",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F002FD55-F881-450E-BC1B-8073E188F47E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA940C4F-13BB-465F-BB8D-CBD0109BF012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B0434F5-9A50-4B57-9C5B-E09415D098C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE727035-06CB-4E37-A9D2-96BD54502120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE52B81-2CF8-48E5-A7BA-A163A25A669B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E8D7C9-5272-40E6-869B-B33959F9F0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE8D5D71-5C85-4644-8A84-F073549ADB50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0790DDC2-7BA0-42DC-A157-754C0CBBE178",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "882394EA-70C8-4D86-9AEF-5D273D8E518C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "855AD3CC-F404-48C5-80D2-7F2765D16D72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "26B6BF72-9124-4213-B3C0-BD31B46E8C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8FBE89-8FDA-4B9B-BA1A-90FFD482A585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "149C3872-8DA9-48DD-ADD0-2E84C1A76A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D33E8C-294A-4C43-8DB6-9DA9F61F0B3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E23ACB0-DF8B-4672-A819-4DCD3104CE4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4723B88-62BA-40E6-AA89-BAC02D6A036F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C698819-3C8E-4A16-8F52-42FF1E54C076",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D3CE74E-59E7-448A-8417-18F97C05C798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0986C171-0E75-4F6F-A9BD-276830104E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A2777A-7831-4324-AEB2-5D93B5F6C04B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "37045680-9189-4B7F-A4F7-4E682FE20A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6C9F37B-CF3C-4861-A969-C7CF4946274A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1DAF21-3FED-4691-9D4C-8FD8CEA7FB3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB938E58-4963-4A31-8836-88E958592B30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E317897-EE97-44F3-96BB-E54228D72A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EF7FAB2-158D-4C48-9246-E7AD3BF1D801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "056D43AE-ECDB-40D2-A196-18DDCD02629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E555F3-3580-4D71-8D8D-92FE72763D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "93013503-8B9A-4160-AF7E-277958FA6E9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3B009FD-0F2B-4511-8EDF-C3E670623F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "52579D8D-E855-42B3-B406-32DD1C39F721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7E44FC6-12A2-4F76-A095-28F3804B619F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "42917E5E-E362-4B40-B2B2-3C77BA35641C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF317FA3-EBF3-49BB-A9E6-0D4295FA3F60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "F98B1683-914F-43D3-AE1C-311D3A90BE8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8D24656-CAB1-4A98-A440-482927FEDD16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504557C-DA5D-4D0F-A813-4CE7D5109F15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D2A067-C717-4921-BBF5-3EFBE02736EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "36DDEC5B-4BEA-499C-9F34-BB3D39B7A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.62:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4E44C37-0F6F-440B-BA26-FB6D0B179E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.65:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AEE0050-34DC-49CB-B859-8ED500FD79A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.67:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A47E5C5-E058-4B4C-A258-6DF7CE0EA92B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE0D50C0-DADB-4747-8649-8A5257111FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE2699F-353F-44CB-A778-981783DDC31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8E50BD-1FBD-483B-9C27-70E95C732E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F46E5E4F-787C-4C05-B1E7-C39BB9125D16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A29312-38E7-456B-94DD-4D7329691114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "27F7BB31-C733-4C32-BF0F-33B5AF020156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC313568-33A6-435B-98FF-8A7091D9C451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85710A-28CE-4913-8523-356461908FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6069950-016B-419A-B754-D58956CB6D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A2F3FEC-624F-47C5-B056-836861BB038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C4B1136-66B6-42BA-BC17-86E7DCE1CF29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4875811-F209-49ED-B310-8377B2F87FF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C52C7B-B626-4A3C-A2EC-28A20E7FA95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "853A002C-839A-4372-8485-750A86E9F6E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62BB5D6-CE75-4C83-82DC-4148EF8CB1F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "D32F1365-EAF8-4570-B2FF-45E47E8586F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD07F9B-6BB3-4423-8DBE-4E89A6478E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FE4F28-B704-4325-AE8A-C790163FEE71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E832BC0C-8439-4779-9064-C2D93F231031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA99DF94-D031-4375-9A16-306606FE28F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC149D03-5609-46E6-A1B3-F4D91F282B49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5D7FC6F-1370-4272-97E5-226C2ED1D335",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "164D5774-D51B-47C6-AD32-ED6B84E78BBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "24A810C8-1BB5-4589-84AB-C357C1937201",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "F22D8D65-2E88-4557-BF85-1E3ABD4CCAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF62C9AF-70F5-4A12-9B0A-F32551FB2C40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "A04EB4FB-0C9F-441E-B02A-6B22F195348F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F944F8F-0255-42BE-BD44-D21EC9F0FFC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9CEAEFC-7B82-41F9-A09D-C86A3A60A4FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "40FAC31D-19C0-4BA0-A019-C7E7A0BA0B5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CAAFE0F-416F-4BCA-BA37-30EAEADA8AFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1E8552-58F0-491E-B7D7-E89527872FC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "9347D71D-1F50-4F85-9F6D-E11D79BD26E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "289F9874-FC01-4809-9BDA-1AF583FB60B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EDFC67-E4EE-4D2C-BF9F-5881C987C662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "826869BE-4874-4BBA-9392-14851560BA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF52D477-3045-45D1-9FD3-12F396266463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "88E310BF-F1F6-4124-A875-81967B9B531E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B330F8F-F0DA-472C-A932-AD1D232C7DB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF59DAA-268C-4FCF-A0AA-7967128AEBC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "140ED95D-173C-4ADB-A2E6-97F0D595D1AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.53:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC9B00E1-3E50-4356-B6D9-F84BCD552402",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEE52F59-AABA-4069-A909-64AD5DFD2B18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "20D7966E-B02B-48C8-BF96-723DD6C25314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA618249-E76F-4104-9326-C9F2DC8DE3D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C925E1F-6BD9-4CD1-8AC4-4263A9094786",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2EFA476-5021-4A00-859E-1643009D6156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E3A5DC-A237-46E4-A4E5-F135482F984A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "B166867E-E51B-46E3-A6E2-B10E67364058",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CE51492-8C9B-459E-9F80-64F426009905",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91AD8BA2-EB8D-4D8B-B707-AF5C2A831998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA95508-0A28-4D4A-81A7-5CDD1F5DA46C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "39FE5927-2421-4CBE-97EA-6AED892DA1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8BF2227-3C50-4FD1-98DB-21196E75D1DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6826018-5620-4924-BE92-6A245378F610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49A07CF-12BA-481C-B5FF-754520080A8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F203C7D1-AA92-4367-B7A5-EBAE6B76EE6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A52991-802D-46FB-A508-5616BA1CEB78",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due to a logic error in populating group ACLs when an AnyConnect client establishes a new session toward an affected device. An attacker could exploit this vulnerability by establishing an AnyConnect connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el firewall AnyConnect para el software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado omita una lista de control de acceso (ACL) configurada y permita que el tr\u00e1fico que deber\u00eda haber sido denegado fluya a trav\u00e9s de un dispositivo afectado. Esta vulnerabilidad se debe a un error l\u00f3gico en el llenado de las ACL de grupo cuando un cliente AnyConnect establece una nueva sesi\u00f3n hacia un dispositivo afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad estableciendo una conexi\u00f3n AnyConnect con el dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante omitir las reglas de ACL configuradas."
    }
  ],
  "id": "CVE-2024-20297",
  "lastModified": "2025-08-01T16:10:09.737",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-10-23T17:15:15.437",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-acl-bypass-VvnLNKqf"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-290"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2017-02-03 07:59

Modified

2025-04-20 01:37

Severity ?

5.3 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Summary

A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. More Information: CSCvb61343. Known Affected Releases: 2.0(1.68). Known Fixed Releases: 2.0(1.118) 2.1(1.47) 92.1(1.1646) 92.1(1.1763) 92.2(1.101).

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/95943	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/95943	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	5.3.0
cisco	firepower_threat_defense	5.4.0
cisco	firepower_threat_defense	6.0.0
cisco	firepower_threat_defense	6.0.1
cisco	firepower_threat_defense	6.1.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DB13378-A7CB-4EBB-B3FD-57F7F37965ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:5.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D850EEF9-1967-4CE5-A30C-50180849BCAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1AC6A67-82EF-4D31-AFCB-499A0C6EC0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "995667FD-35F1-49E5-96DB-2FDFF5E0B523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "61FB47CF-2A6A-4121-BFF7-5862E163B8E5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. More Information: CSCvb61343. Known Affected Releases: 2.0(1.68). Known Fixed Releases: 2.0(1.118) 2.1(1.47) 92.1(1.1646) 92.1(1.1763) 92.2(1.101)."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el procesamiento de comandos CLI en el Firewall de pr\u00f3xima generaci\u00f3n Cisco Firepower 4100 y en el dispositivo de seguridad Cisco Firepower 9300 podr\u00eda permitir a un atacante autenticado y local inyectar comandos shell arbitrarios ejecutados por el dispositivo. M\u00e1s informaci\u00f3n: CSCvb61343. Lanzamientos Afectados Conocidos: 2.0 (1.68). Lanzamientos Reparados Conocidos: 2,0 (1,118) 2,1 (1,47) 92,1 (1,1646) 92,1 (1,1763) 92,2 (1,101)."
    }
  ],
  "id": "CVE-2017-3806",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-02-03T07:59:00.657",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/95943"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/95943"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-11-15 21:15

Modified

2024-11-21 06:43

Severity ?

6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability is due to improper input validation for specific CLI commands. An attacker could exploit this vulnerability by injecting operating system commands into a legitimate command. A successful exploit could allow the attacker to escape the restricted command prompt and execute arbitrary commands on the underlying operating system. To successfully exploit this vulnerability, an attacker would need valid Administrator credentials.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fxos-cmd-inj-Q9bLNsrK
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fxos-cmd-inj-Q9bLNsrK

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	6.2.1
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.6.7
cisco	firepower_threat_defense	7.1.0.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_extensible_operating_system	1.1.1.147
cisco	firepower_extensible_operating_system	1.1.1.160
cisco	firepower_extensible_operating_system	1.1.2.51
cisco	firepower_extensible_operating_system	1.1.2.178
cisco	firepower_extensible_operating_system	1.1.3.84
cisco	firepower_extensible_operating_system	1.1.3.86
cisco	firepower_extensible_operating_system	1.1.3.97
cisco	firepower_extensible_operating_system	1.1.4.95
cisco	firepower_extensible_operating_system	1.1.4.117
cisco	firepower_extensible_operating_system	1.1.4.140
cisco	firepower_extensible_operating_system	1.1.4.169
cisco	firepower_extensible_operating_system	1.1.4.175
cisco	firepower_extensible_operating_system	1.1.4.178
cisco	firepower_extensible_operating_system	1.1.4.179
cisco	firepower_extensible_operating_system	2.0.1.37
cisco	firepower_extensible_operating_system	2.0.1.68
cisco	firepower_extensible_operating_system	2.0.1.86
cisco	firepower_extensible_operating_system	2.0.1.135
cisco	firepower_extensible_operating_system	2.0.1.141
cisco	firepower_extensible_operating_system	2.0.1.144
cisco	firepower_extensible_operating_system	2.0.1.148
cisco	firepower_extensible_operating_system	2.0.1.149
cisco	firepower_extensible_operating_system	2.0.1.153
cisco	firepower_extensible_operating_system	2.0.1.159
cisco	firepower_extensible_operating_system	2.0.1.188
cisco	firepower_extensible_operating_system	2.0.1.201
cisco	firepower_extensible_operating_system	2.0.1.203
cisco	firepower_extensible_operating_system	2.0.1.204
cisco	firepower_extensible_operating_system	2.0.1.206
cisco	firepower_extensible_operating_system	2.1.1.64
cisco	firepower_extensible_operating_system	2.1.1.73
cisco	firepower_extensible_operating_system	2.1.1.77
cisco	firepower_extensible_operating_system	2.1.1.83
cisco	firepower_extensible_operating_system	2.1.1.85
cisco	firepower_extensible_operating_system	2.1.1.86
cisco	firepower_extensible_operating_system	2.1.1.97
cisco	firepower_extensible_operating_system	2.1.1.106
cisco	firepower_extensible_operating_system	2.1.1.107
cisco	firepower_extensible_operating_system	2.1.1.113
cisco	firepower_extensible_operating_system	2.1.1.115
cisco	firepower_extensible_operating_system	2.1.1.116
cisco	firepower_extensible_operating_system	2.2.1.63
cisco	firepower_extensible_operating_system	2.2.1.66
cisco	firepower_extensible_operating_system	2.2.1.70
cisco	firepower_extensible_operating_system	2.2.2.17
cisco	firepower_extensible_operating_system	2.2.2.19
cisco	firepower_extensible_operating_system	2.2.2.24
cisco	firepower_extensible_operating_system	2.2.2.26
cisco	firepower_extensible_operating_system	2.2.2.28
cisco	firepower_extensible_operating_system	2.2.2.54
cisco	firepower_extensible_operating_system	2.2.2.60
cisco	firepower_extensible_operating_system	2.2.2.71
cisco	firepower_extensible_operating_system	2.2.2.83
cisco	firepower_extensible_operating_system	2.2.2.86
cisco	firepower_extensible_operating_system	2.2.2.91
cisco	firepower_extensible_operating_system	2.2.2.97
cisco	firepower_extensible_operating_system	2.2.2.101
cisco	firepower_extensible_operating_system	2.2.2.137
cisco	firepower_extensible_operating_system	2.2.2.148
cisco	firepower_extensible_operating_system	2.2.2.149
cisco	firepower_extensible_operating_system	2.3.1.56
cisco	firepower_extensible_operating_system	2.3.1.58
cisco	firepower_extensible_operating_system	2.3.1.66
cisco	firepower_extensible_operating_system	2.3.1.73
cisco	firepower_extensible_operating_system	2.3.1.75
cisco	firepower_extensible_operating_system	2.3.1.88
cisco	firepower_extensible_operating_system	2.3.1.91
cisco	firepower_extensible_operating_system	2.3.1.93
cisco	firepower_extensible_operating_system	2.3.1.99
cisco	firepower_extensible_operating_system	2.3.1.110
cisco	firepower_extensible_operating_system	2.3.1.111
cisco	firepower_extensible_operating_system	2.3.1.130
cisco	firepower_extensible_operating_system	2.3.1.144
cisco	firepower_extensible_operating_system	2.3.1.145
cisco	firepower_extensible_operating_system	2.3.1.155
cisco	firepower_extensible_operating_system	2.3.1.166
cisco	firepower_extensible_operating_system	2.3.1.173
cisco	firepower_extensible_operating_system	2.3.1.179
cisco	firepower_extensible_operating_system	2.3.1.180
cisco	firepower_extensible_operating_system	2.3.1.190
cisco	firepower_extensible_operating_system	2.3.1.215
cisco	firepower_extensible_operating_system	2.3.1.216
cisco	firepower_extensible_operating_system	2.3.1.219
cisco	firepower_extensible_operating_system	2.4.1.101
cisco	firepower_extensible_operating_system	2.4.1.214
cisco	firepower_extensible_operating_system	2.4.1.222
cisco	firepower_extensible_operating_system	2.4.1.234
cisco	firepower_extensible_operating_system	2.4.1.238
cisco	firepower_extensible_operating_system	2.4.1.244
cisco	firepower_extensible_operating_system	2.4.1.249
cisco	firepower_extensible_operating_system	2.4.1.252
cisco	firepower_extensible_operating_system	2.4.1.266
cisco	firepower_extensible_operating_system	2.4.1.268
cisco	firepower_extensible_operating_system	2.4.1.273
cisco	firepower_extensible_operating_system	2.6.1.131
cisco	firepower_extensible_operating_system	2.6.1.157
cisco	firepower_extensible_operating_system	2.6.1.166
cisco	firepower_extensible_operating_system	2.6.1.169
cisco	firepower_extensible_operating_system	2.6.1.174
cisco	firepower_extensible_operating_system	2.6.1.187
cisco	firepower_extensible_operating_system	2.6.1.192
cisco	firepower_extensible_operating_system	2.6.1.204
cisco	firepower_extensible_operating_system	2.6.1.214
cisco	firepower_extensible_operating_system	2.6.1.224
cisco	firepower_extensible_operating_system	2.6.1.229
cisco	firepower_extensible_operating_system	2.6.1.230
cisco	firepower_extensible_operating_system	2.6.1.238
cisco	firepower_extensible_operating_system	2.6.1.239
cisco	firepower_extensible_operating_system	2.6.1.254
cisco	firepower_extensible_operating_system	2.7.1.92
cisco	firepower_extensible_operating_system	2.7.1.98
cisco	firepower_extensible_operating_system	2.7.1.106
cisco	firepower_extensible_operating_system	2.7.1.122
cisco	firepower_extensible_operating_system	2.7.1.131
cisco	firepower_extensible_operating_system	2.7.1.143
cisco	firepower_extensible_operating_system	2.8.1.105
cisco	firepower_extensible_operating_system	2.8.1.125
cisco	firepower_extensible_operating_system	2.8.1.139
cisco	firepower_extensible_operating_system	2.8.1.143
cisco	firepower_extensible_operating_system	2.8.1.152
cisco	firepower_extensible_operating_system	2.8.1.162
cisco	firepower_extensible_operating_system	2.8.1.164
cisco	firepower_extensible_operating_system	2.8.1.172
cisco	firepower_extensible_operating_system	2.9.1.131
cisco	firepower_extensible_operating_system	2.9.1.135
cisco	firepower_extensible_operating_system	2.9.1.143
cisco	firepower_extensible_operating_system	2.9.1.150
cisco	firepower_extensible_operating_system	2.9.1.158
cisco	firepower_extensible_operating_system	2.10.1.159
cisco	firepower_extensible_operating_system	2.10.1.166
cisco	firepower_extensible_operating_system	2.10.1.179
cisco	firepower_extensible_operating_system	2.11.1.154

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "64116F5B-671C-46DB-A78D-AB14AAF946FD",
              "versionEndIncluding": "6.1.0.7",
              "versionStartIncluding": "6.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD237542-FED6-4013-AD9F-18891954FE05",
              "versionEndIncluding": "6.2.0.6",
              "versionStartIncluding": "6.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F74A25A-601D-470D-BA43-EA68ADD266C6",
              "versionEndIncluding": "6.2.2.5",
              "versionStartIncluding": "6.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D58D7217-F6F5-4B58-B59C-E5C8781C87A9",
              "versionEndIncluding": "6.2.3.18",
              "versionStartIncluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDE0C110-518D-4E51-BCEB-F4E9FC448278",
              "versionEndIncluding": "6.3.0.5",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "874E0E13-4A9E-4296-BEE6-F5B1077411A0",
              "versionEndIncluding": "6.4.0.15",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "171E1C5D-68C5-4BBC-AE18-D1518A1B7277",
              "versionEndIncluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1110632C-526F-4025-A7BE-0CF9F37E5F9E",
              "versionEndIncluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7583A28-F0B2-4D55-9900-46F5ABC34FC7",
              "versionEndIncluding": "7.0.4",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD48BE40-C647-429A-81B6-59E125BBE415",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7533780-0DF9-41BE-8455-F60676785689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.1.147:*:*:*:*:*:*:*",
              "matchCriteriaId": "692BC68E-3DA1-4051-9666-D8EB93DE2F57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.1.160:*:*:*:*:*:*:*",
              "matchCriteriaId": "216CE64E-F6FF-4055-A669-76DBE924FAB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.2.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "29A992ED-6BFB-4E69-BDD9-073AF28955D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.2.178:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5422DB6-276A-4F81-B6E8-A7DD7EC06F7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.3.84:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF385472-8958-4572-9C06-77888EAD3240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.3.86:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF6EB910-347F-4202-B686-FF1FF4329C5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.3.97:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCD71B01-CB90-4324-B999-92C04F07965E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.4.95:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D59E252-C3CE-4E1B-B0A8-67FEF39852DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.4.117:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DC71A3C-5BB7-400A-AFFA-2685D9A040EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.4.140:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5D6B98C-B4DA-4F61-86F5-6A55AB76BC33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.4.169:*:*:*:*:*:*:*",
              "matchCriteriaId": "705E66C1-745C-4294-9537-AC377DFD8A5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.4.175:*:*:*:*:*:*:*",
              "matchCriteriaId": "D03E9D04-C6ED-42D2-B116-87352C073BCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.4.178:*:*:*:*:*:*:*",
              "matchCriteriaId": "68E91F2F-7187-4F02-B27B-C884BF84C290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.4.179:*:*:*:*:*:*:*",
              "matchCriteriaId": "08303B28-8CB7-4595-ABA2-22BFDCA89D74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFECF278-2C23-47BC-910E-CF9827093FAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1.68:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D876AC3-6F11-4DC2-90D7-1FAE57969101",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1.86:*:*:*:*:*:*:*",
              "matchCriteriaId": "F03E04FF-2F8C-4968-BBE1-F9EE091782A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1.135:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E825E1F-ED74-404C-9A31-0646E4B6DD45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1.141:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1BAD132-FAE1-4384-88F0-C95595799F85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1.144:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CADC79E-D90A-44CD-878C-CD7565CE4A97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1.148:*:*:*:*:*:*:*",
              "matchCriteriaId": "26017E54-8F96-4B07-B7FA-224BBD41030A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1.149:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CA61D30-CAE7-4991-8AF6-9549366096DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1.153:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5E5A325-1CE5-4D32-B459-28BEEFCFF6AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1.159:*:*:*:*:*:*:*",
              "matchCriteriaId": "7503694B-0445-41F4-9ADB-2EB30178340D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1.188:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C2F2960-C1A4-460B-9175-FDCBF2550E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1.201:*:*:*:*:*:*:*",
              "matchCriteriaId": "418B3D3E-BBEB-4C1C-9F4D-B9D3B438A5F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1.203:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E6D9EDA-CB9B-4581-B27C-53FE0B07CEB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1.204:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CBF6CDA-619D-4379-95DD-A67A86E872C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1.206:*:*:*:*:*:*:*",
              "matchCriteriaId": "32BF73AB-600C-4E56-8FD9-808ED8E4F34C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.1.1.64:*:*:*:*:*:*:*",
              "matchCriteriaId": "E34CEFC4-F64E-4DE0-A4A7-1DC91AE5CD96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.1.1.73:*:*:*:*:*:*:*",
              "matchCriteriaId": "591B7097-74C4-4D44-8315-BB4790817CC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.1.1.77:*:*:*:*:*:*:*",
              "matchCriteriaId": "26A50E83-5030-4579-929C-DC85F882C340",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.1.1.83:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CA7F024-8D67-497D-B751-EA001ECD9868",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.1.1.85:*:*:*:*:*:*:*",
              "matchCriteriaId": "40C572C9-BE65-4AD8-B7DA-DBE2AEF9FF0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.1.1.86:*:*:*:*:*:*:*",
              "matchCriteriaId": "90667744-B50F-4BA4-9F12-52186D3815D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.1.1.97:*:*:*:*:*:*:*",
              "matchCriteriaId": "193C75DD-B187-42B0-97DF-0607A3CB0BCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.1.1.106:*:*:*:*:*:*:*",
              "matchCriteriaId": "C31B3CDC-4BAC-4035-AB28-77C2BC479CA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.1.1.107:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BE06F1C-F52A-4E9B-A26A-5E1812662FC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.1.1.113:*:*:*:*:*:*:*",
              "matchCriteriaId": "52947D46-D359-4F8A-8ED3-A591EE24FE01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.1.1.115:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EEB8B0C-50D2-478A-A13A-5E68D0A7109A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.1.1.116:*:*:*:*:*:*:*",
              "matchCriteriaId": "51462C1E-1240-43B7-9515-6F9D9D3151A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.2.1.63:*:*:*:*:*:*:*",
              "matchCriteriaId": "F91E1B6C-EB41-4DC4-91EB-1720E91B4F9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.2.1.66:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EBE7861-6B3C-453B-83A9-7C4BBA304500",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.2.1.70:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BFC104-4AF9-4D65-9E7F-D4598A1AA5FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.2.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2443793-9716-4578-9CEA-89198B78B443",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.2.2.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "A293674A-53A1-4106-89E9-632962C84160",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.2.2.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "600DEA78-F101-498C-9517-58449A119C64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.2.2.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6AEBB8-1531-426B-906B-04936F738491",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.2.2.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "86DDEB8F-BE20-4A57-923F-E028DF827C13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.2.2.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "73BA961D-C759-40B9-A116-782E2C795D87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.2.2.60:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BAB169D-25DE-40B0-9CE5-0450C2099CE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.2.2.71:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C8493B6-0738-474D-90A4-26A3209F162D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.2.2.83:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB2D4B10-8F59-4C86-86D8-3BDBE9D305C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.2.2.86:*:*:*:*:*:*:*",
              "matchCriteriaId": "957CFF62-9081-40F9-AC79-87D28286E95E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.2.2.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "D000A6F0-1466-4197-A0D3-C97ABA28AD9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.2.2.97:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FDB9B15-6B51-4F94-BBE1-0F843D2BCFDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.2.2.101:*:*:*:*:*:*:*",
              "matchCriteriaId": "B32C0A02-7206-444E-AF36-BF1CF74E3B1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.2.2.137:*:*:*:*:*:*:*",
              "matchCriteriaId": "79333797-D58E-4A48-97BC-6FC7C549535E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.2.2.148:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCBE0776-B4FF-4887-8F1E-69BAFF0E06F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.2.2.149:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C510880-CEDB-4EE4-8CCC-723289B93260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.3.1.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "71DAD6D7-191B-4695-846E-374527CD3BC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.3.1.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "9865003E-7FF2-47A4-9218-EF982083BB50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.3.1.66:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B2EC8E8-C033-4D6C-9F86-92D869707B4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.3.1.73:*:*:*:*:*:*:*",
              "matchCriteriaId": "95F0CD7A-DCFF-4FFC-9400-C943E8D26DC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.3.1.75:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE7B80AA-C6CB-4AB2-8097-A8299A9BC1BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.3.1.88:*:*:*:*:*:*:*",
              "matchCriteriaId": "50D761FD-5ED7-4D66-88C5-E2FEBFCAD2D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.3.1.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D9E9A54-C266-40B5-A67D-5C3B4472CE39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.3.1.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBECB29-DE08-488E-A66E-B11C07DAEC2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.3.1.99:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C994C3C-4BA4-435A-9E35-C2B9FD602692",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.3.1.110:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0B98A28-A530-4244-9F45-C67A99383A1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.3.1.111:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F689F91-04A5-4D4B-8407-03984F02161C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.3.1.130:*:*:*:*:*:*:*",
              "matchCriteriaId": "2095A601-DF01-4E41-9A6C-E145CE1C3694",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.3.1.144:*:*:*:*:*:*:*",
              "matchCriteriaId": "0814A727-ED4D-457E-86CC-1840A44D2B5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.3.1.145:*:*:*:*:*:*:*",
              "matchCriteriaId": "24544F3F-BAF3-41BF-83A0-0DCCE13BD15A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.3.1.155:*:*:*:*:*:*:*",
              "matchCriteriaId": "B07BC424-6E8C-4874-B5CF-62EBD60115AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.3.1.166:*:*:*:*:*:*:*",
              "matchCriteriaId": "C91FCF2F-5EAA-45E7-846C-CACEB1044D1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.3.1.173:*:*:*:*:*:*:*",
              "matchCriteriaId": "B879AF2E-D881-48C5-96EB-9965E06CF5E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.3.1.179:*:*:*:*:*:*:*",
              "matchCriteriaId": "38607798-8A66-4AC5-A7A9-4D763C5EB587",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.3.1.180:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B5BBF21-3F50-47DB-9586-075018830070",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.3.1.190:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAE88488-F094-4F68-A4B2-0F79B0B71F12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.3.1.215:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A6FF44C-0601-4F43-A93E-59675D218135",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.3.1.216:*:*:*:*:*:*:*",
              "matchCriteriaId": "005EDD09-809E-4486-99C9-4806FC3EC0CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.3.1.219:*:*:*:*:*:*:*",
              "matchCriteriaId": "884CCD45-9ECE-41A5-91B2-7E0F2B52D983",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.4.1.101:*:*:*:*:*:*:*",
              "matchCriteriaId": "4864B691-DD41-4A9D-B742-1C3A2AB940B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.4.1.214:*:*:*:*:*:*:*",
              "matchCriteriaId": "86ABF834-8B73-4B84-9FDE-94CC257CE4E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.4.1.222:*:*:*:*:*:*:*",
              "matchCriteriaId": "A352CE03-D054-4FB4-BF91-5A6A09C1DB97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.4.1.234:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F5704D1-30DB-47E3-B629-7BC0C51C521D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.4.1.238:*:*:*:*:*:*:*",
              "matchCriteriaId": "33D85E57-B435-4630-A627-28358E47B9BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.4.1.244:*:*:*:*:*:*:*",
              "matchCriteriaId": "F67046B3-E6E2-48CA-9C79-247681539E9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.4.1.249:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDF01B70-CC4E-458C-BEEB-8EFAF42D583C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.4.1.252:*:*:*:*:*:*:*",
              "matchCriteriaId": "D013230C-2E5E-4540-9063-7200E978BDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.4.1.266:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C194058-A62D-4060-B071-72C044523E08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.4.1.268:*:*:*:*:*:*:*",
              "matchCriteriaId": "C81D76B8-0B31-4E22-9896-68BB25E67CBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.4.1.273:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CA7B0C6-B54C-4C2E-A7ED-DB2A69AF3214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.6.1.131:*:*:*:*:*:*:*",
              "matchCriteriaId": "74CC121E-4723-4F45-9856-DBCB136CB71D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.6.1.157:*:*:*:*:*:*:*",
              "matchCriteriaId": "8739189D-2241-4FA5-8203-0932377A2706",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.6.1.166:*:*:*:*:*:*:*",
              "matchCriteriaId": "91DE79E4-210C-4772-AB9E-2CCE2A194892",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.6.1.169:*:*:*:*:*:*:*",
              "matchCriteriaId": "970B679D-6321-49EA-AABE-1219BEC1AFAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.6.1.174:*:*:*:*:*:*:*",
              "matchCriteriaId": "64D8028D-8E1B-4572-AC46-FF2E0F23FD0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.6.1.187:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D83A778-190F-4AB1-B46C-533DF4EDF8D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.6.1.192:*:*:*:*:*:*:*",
              "matchCriteriaId": "60D1A473-98FF-4F78-AB76-E3D78611F516",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.6.1.204:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF401D27-D130-4696-949B-99D897233BDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.6.1.214:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC650D78-D0E7-4573-A23E-F5241580D5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.6.1.224:*:*:*:*:*:*:*",
              "matchCriteriaId": "B58B645A-05D0-41D7-888E-9B2440A7AE33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.6.1.229:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AB272E-1725-4B27-83DC-D0E24F530344",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.6.1.230:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0842C78-7B30-4C57-B69B-D5006EADF049",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.6.1.238:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BD1344C-1EDE-4327-A717-9170E2B88560",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.6.1.239:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2C7B300-1283-4F69-8D3F-AC864651A674",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.6.1.254:*:*:*:*:*:*:*",
              "matchCriteriaId": "090C7325-46EB-400E-8E0E-792E2651F8DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.7.1.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "3845FD9B-571B-4900-8311-4AFF333EDC4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.7.1.98:*:*:*:*:*:*:*",
              "matchCriteriaId": "604190F2-CFB7-4C8E-95E4-8C2E824BDBD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.7.1.106:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EE8C32-7165-4561-8968-4101F8820784",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.7.1.122:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBAB77C9-DBB9-451C-A86F-6E78ED61231A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.7.1.131:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4EE01B2-8323-45B9-B84A-7D95B788EB30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.7.1.143:*:*:*:*:*:*:*",
              "matchCriteriaId": "065CCFF4-6544-4DDA-8058-F3301EFFF7B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.8.1.105:*:*:*:*:*:*:*",
              "matchCriteriaId": "E09810C6-B6DC-478C-99EA-5B793BBA923C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.8.1.125:*:*:*:*:*:*:*",
              "matchCriteriaId": "1999CFBE-9FDB-4B38-8A81-A9735F40470C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.8.1.139:*:*:*:*:*:*:*",
              "matchCriteriaId": "81DA2928-FE71-4F55-A66B-9C5E9D8C3652",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.8.1.143:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D05EBF1-676E-464D-B116-3E167105CF1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.8.1.152:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D4C165B-8558-4824-8E04-6FEC2D09676C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.8.1.162:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBE8B612-4563-444A-AF8D-AECC49F4427C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.8.1.164:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9700595-0CCD-4D13-89F3-30030682036D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.8.1.172:*:*:*:*:*:*:*",
              "matchCriteriaId": "657A259B-8C1C-46FD-9F5A-5D305BF30B44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.9.1.131:*:*:*:*:*:*:*",
              "matchCriteriaId": "F64F4E33-0358-4458-B803-E41DAC4BA483",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.9.1.135:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D8FEAE7-147B-47FC-AA7C-AD52A30BACBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.9.1.143:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC1C1B97-CA97-4BE9-96D7-05526D7DFC1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.9.1.150:*:*:*:*:*:*:*",
              "matchCriteriaId": "77A5BC7F-C0B8-4464-A1FC-C6BDB79EDF88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.9.1.158:*:*:*:*:*:*:*",
              "matchCriteriaId": "70FB9B85-F1DF-421E-9854-40F2E5827169",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.10.1.159:*:*:*:*:*:*:*",
              "matchCriteriaId": "96B4087F-C81D-4130-98E7-18E79E45F62F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.10.1.166:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEB4B31E-54B0-4CD1-9857-6ED8E8AAA5AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.10.1.179:*:*:*:*:*:*:*",
              "matchCriteriaId": "60423450-D762-470D-907E-F561BA5F872D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.11.1.154:*:*:*:*:*:*:*",
              "matchCriteriaId": "00C57D17-05E9-4017-A975-6AC6223ED862",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root.\r\n\r This vulnerability is due to improper input validation for specific CLI commands. An attacker could exploit this vulnerability by injecting operating system commands into a legitimate command. A successful exploit could allow the attacker to escape the restricted command prompt and execute arbitrary commands on the underlying operating system. To successfully exploit this vulnerability, an attacker would need valid Administrator credentials."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la CLI del software Cisco Firepower Threat Defense (FTD) y el software Cisco FXOS podr\u00eda permitir que un atacante local autenticado ejecute comandos arbitrarios en el Sistema Operativo subyacente como root. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada incorrecta para comandos CLI espec\u00edficos. Un atacante podr\u00eda aprovechar esta vulnerabilidad inyectando comandos del Sistema Operativo en un comando leg\u00edtimo. Un exploit exitoso podr\u00eda permitir al atacante eludir el s\u00edmbolo del sistema restringido y ejecutar comandos arbitrarios en el Sistema Operativo subyacente. Para explotar con \u00e9xito esta vulnerabilidad, un atacante necesitar\u00eda credenciales de administrador v\u00e1lidas."
    }
  ],
  "id": "CVE-2022-20934",
  "lastModified": "2024-11-21T06:43:51.273",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 6.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.2,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-11-15T21:15:33.600",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fxos-cmd-inj-Q9bLNsrK"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fxos-cmd-inj-Q9bLNsrK"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-08-08 08:15

Modified

2024-11-26 16:09

Severity ?

5.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Summary

A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors when handling specific SSL/TLS messages. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-ftd-bypass	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-ftd-bypass	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	secure_firewall_management_center	6.3.0
cisco	secure_firewall_management_center	6.4.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A0828FF-48F8-41FF-BCB9-DFA93B0E72A5",
              "versionEndExcluding": "6.4.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "134B9AFF-6FFF-4082-80CB-AD2ACBF832F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52651664-CA65-4812-8226-E104E1BE7864",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors when handling specific SSL/TLS messages. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el motor de inspecci\u00f3n del protocolo Secure Sockets Layer (SSL)/Transport Layer Security (TLS) del software Firepower Threat Defense (FTD) de Cisco,  podr\u00eda permitir a un atacante remoto no autenticado omitir las pol\u00edticas de archivo configuradas en un sistema afectado. La vulnerabilidad es debido a errores cuando se manejan mensajes SSL/TLS espec\u00edficos. Un atacante podr\u00eda explotar esta vulnerabilidad enviando paquetes HTTP dise\u00f1ados que fluir\u00edan por medio de un sistema afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante omitir las pol\u00edticas de archivos configuradas y entregar una carga maliciosa a la red protegida."
    }
  ],
  "id": "CVE-2019-1970",
  "lastModified": "2024-11-26T16:09:02.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-08-08T08:15:12.960",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-ftd-bypass"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-ftd-bypass"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-693"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-693"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-05-03 04:15

Modified

2024-11-21 06:43

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, but unprivileged, remote attacker to elevate privileges to level 15. This vulnerability is due to improper separation of authentication and authorization scopes. An attacker could exploit this vulnerability by sending crafted HTTPS messages to the web services interface of an affected device. A successful exploit could allow the attacker to gain privilege level 15 access to the web management interface of the device. This includes privilege level 15 access to the device using management tools like the Cisco Adaptive Security Device Manager (ASDM) or the Cisco Security Manager (CSM). Note: With Cisco FTD Software, the impact is lower than the CVSS score suggests because the affected web management interface allows for read access only.

References

URL	Tags
psirt@cisco.com	https://github.com/orangecertcc/security-research/security/advisories/GHSA-gq88-gqmj-7v24	Exploit, Third Party Advisory
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgmt-privesc-BMFMUvye	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/orangecertcc/security-research/security/advisories/GHSA-gq88-gqmj-7v24	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgmt-privesc-BMFMUvye	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	7.1.0
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35AD28D3-1C08-44EF-9148-371C9E7912E5",
              "versionEndExcluding": "6.4.0.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD7675E1-AE0A-4C69-915D-144597F1250E",
              "versionEndExcluding": "6.6.5.2",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "22E1337C-A0EE-467D-A06E-FBE1541DDFD2",
              "versionEndExcluding": "7.0.2",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C2579F-1E8B-4FB1-AA40-B164F4F2BBED",
              "versionEndExcluding": "9.12.4.38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFE84A5D-FFD6-4A82-BDFA-367D29625300",
              "versionEndExcluding": "9.14.4",
              "versionStartIncluding": "9.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B120E68-DA48-4B87-A549-6BA7009C056D",
              "versionEndExcluding": "9.15.1.21",
              "versionStartIncluding": "9.15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "99DD72E2-E389-453E-8A99-1B633C4E2AE3",
              "versionEndExcluding": "9.16.2.14",
              "versionStartIncluding": "9.16.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "573E61F7-8311-4095-BD75-8F3D3E2499E5",
              "versionEndExcluding": "9.17.1.7",
              "versionStartIncluding": "9.17.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, but unprivileged, remote attacker to elevate privileges to level 15. This vulnerability is due to improper separation of authentication and authorization scopes. An attacker could exploit this vulnerability by sending crafted HTTPS messages to the web services interface of an affected device. A successful exploit could allow the attacker to gain privilege level 15 access to the web management interface of the device. This includes privilege level 15 access to the device using management tools like the Cisco Adaptive Security Device Manager (ASDM) or the Cisco Security Manager (CSM). Note: With Cisco FTD Software, the impact is lower than the CVSS score suggests because the affected web management interface allows for read access only."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz de servicios web para las funciones de VPN de acceso remoto del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto autenticado, pero no privilegiado, elevar \u00e9stos al nivel 15. Esta vulnerabilidad es debido a una separaci\u00f3n inapropiada de los \u00e1mbitos de autenticaci\u00f3n y autorizaci\u00f3n. Un atacante podr\u00eda explotar esta vulnerabilidad  mediante el env\u00edo de mensajes HTTPS dise\u00f1ados a la interfaz de servicios web de un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante conseguir acceso de nivel de privilegio 15 a la interfaz de administraci\u00f3n web del dispositivo. Esto incluye el acceso de nivel de privilegio 15 al dispositivo usando herramientas de administraci\u00f3n como el Cisco Adaptive Security Device Manager (ASDM) o el Cisco Security Manager (CSM). Nota: Con el software FTD de Cisco, el impacto es menor de lo que sugiere la puntuaci\u00f3n CVSS porque la interfaz de administraci\u00f3n web afectada s\u00f3lo permite el acceso de lectura"
    }
  ],
  "id": "CVE-2022-20759",
  "lastModified": "2024-11-21T06:43:29.757",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 8.5,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-05-03T04:15:09.827",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-gq88-gqmj-7v24"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgmt-privesc-BMFMUvye"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-gq88-gqmj-7v24"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgmt-privesc-BMFMUvye"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-266"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-269"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-05-03 15:29

Modified

2024-11-21 04:37

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper management of authenticated sessions in the WebVPN portal. An attacker could exploit this vulnerability by authenticating with valid credentials and accessing a specific URL in the WebVPN portal. A successful exploit could allow the attacker to cause the device to reload, resulting in a temporary DoS condition.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/108157	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-dos	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/108157	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-dos	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5505	-
cisco	asa_5510	-
cisco	asa_5512-x	-
cisco	asa_5515-x	-
cisco	asa_5520	-
cisco	asa_5525-x	-
cisco	asa_5540	-
cisco	asa_5545-x	-
cisco	asa_5550	-
cisco	asa_5555-x	-
cisco	asa_5580	-
cisco	asa_5585-x	-
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79F0345E-5661-4119-8620-8A1F42E97128",
              "versionEndExcluding": "9.4.4.34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7789E32-76B1-4D16-A556-B6B5A8CDB5A0",
              "versionEndExcluding": "9.6.4.25",
              "versionStartIncluding": "9.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C812C8D5-3159-434C-8B9F-8CB0A8767923",
              "versionEndExcluding": "9.8.4",
              "versionStartIncluding": "9.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABCD2AF8-97D4-45C6-B80E-D5FA9B719BD5",
              "versionEndExcluding": "9.9.2.50",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4C6B343-2D4D-4C7E-A59E-629773DD2E60",
              "versionEndExcluding": "9.10.1.17",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8F292C5-67ED-4F18-B6C4-5873BB771C3D",
              "versionEndExcluding": "6.2.3.12",
              "versionStartIncluding": "6.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A16803C-579C-4992-B37E-7CEC17307659",
              "versionEndExcluding": "6.3.0.3",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper management of authenticated sessions in the WebVPN portal. An attacker could exploit this vulnerability by authenticating with valid credentials and accessing a specific URL in the WebVPN portal. A successful exploit could allow the attacker to cause the device to reload, resulting in a temporary DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el servicio WebVPN del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) pod\u00eda permitir a un atacante remoto, no autenticado, causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debida una incorrecta gesti\u00f3n de las sesiones autenticadas en el portal WebVPN. Un atacante podr\u00eda explotar esta vulnerabilidad autentic\u00e1ndose con unas credenciales v\u00e1lidas y accediendo a una URL espec\u00edfica en el portal WebVPN. Una explotaci\u00f3n exitosa podr\u00eda permitir a un atacante causar reinicios en el dispositivo, resultando una condici\u00f3n de DoS temporal."
    }
  ],
  "id": "CVE-2019-1693",
  "lastModified": "2024-11-21T04:37:06.883",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.7,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-03T15:29:00.977",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108157"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108157"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-dos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-08-10 17:15

Modified

2024-11-21 06:43

Severity ?

7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerability is due to a logic error when the RSA key is stored in memory on a hardware platform that performs hardware-based cryptography. An attacker could exploit this vulnerability by using a Lenstra side-channel attack against the targeted device. A successful exploit could allow the attacker to retrieve the RSA private key. The following conditions may be observed on an affected device: This vulnerability will apply to approximately 5 percent of the RSA keys on a device that is running a vulnerable release of Cisco ASA Software or Cisco FTD Software; not all RSA keys are expected to be affected due to mathematical calculations applied to the RSA key. The RSA key could be valid but have specific characteristics that make it vulnerable to the potential leak of the RSA private key. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic. See the Indicators of Compromise section for more information on the detection of this type of RSA key. The RSA key could be malformed and invalid. A malformed RSA key is not functional, and a TLS client connection to a device that is running Cisco ASA Software or Cisco FTD Software that uses the malformed RSA key will result in a TLS signature failure, which means a vulnerable software release created an invalid RSA signature that failed verification. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	asa_5506-x	-
cisco	asa_5506h-x	-
cisco	asa_5506w-x	-
cisco	asa_5508-x	-
cisco	asa_5516-x	-
cisco	firepower_1000	-
cisco	firepower_1010	-
cisco	firepower_1020	-
cisco	firepower_1030	-
cisco	firepower_1040	-
cisco	firepower_1120	-
cisco	firepower_1140	-
cisco	firepower_1150	-
cisco	firepower_2100	-
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-
cisco	firepower_4100	-
cisco	firepower_4110	-
cisco	firepower_4112	-
cisco	firepower_4115	-
cisco	firepower_4120	-
cisco	firepower_4125	-
cisco	firepower_4140	-
cisco	firepower_4145	-
cisco	firepower_4150	-
cisco	firepower_9300	-
cisco	secure_firewall_3110	-
cisco	secure_firewall_3120	-
cisco	secure_firewall_3130	-
cisco	secure_firewall_3140	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "107E5744-F632-406D-AAE9-C04BF910D042",
              "versionEndExcluding": "9.16.3.19",
              "versionStartIncluding": "9.16.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "299D4D24-6DF2-47DE-8DDD-71F8796A037A",
              "versionEndExcluding": "9.17.1.13",
              "versionStartIncluding": "9.17.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC4CE962-515C-42EF-A209-1B82330D2049",
              "versionEndExcluding": "9.18.2",
              "versionStartIncluding": "9.18.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E887FA-6D5C-4AAB-BFBF-4239C1822BDF",
              "versionEndExcluding": "7.0.4",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "526BB5E8-D3CB-468B-B55A-C1FB032EB45A",
              "versionEndExcluding": "7.2.0.1",
              "versionStartIncluding": "7.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5506-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "763B801D-CA1E-4C56-8B06-3373EA307C7E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5506h-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "30AC6907-3091-409F-967D-64A82A0C5A8C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5506w-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D11AF728-8EB0-45EB-A7DD-F2D52B3BB7B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5508-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "92AE506A-E710-465B-B795-470FDE0E0ECA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5516-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E07AF10-FFB2-4AC7-BBE7-199C3EFED81F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6F79864-CA70-4192-AC2C-E174DF3F25B2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FFE3880-4B85-4E23-9836-70875D5109F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8B5AF8-6A57-482A-9442-E857EE7E207B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9929280-2AAC-4B56-A42C-1F6EDE83988E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F29B6BC3-D716-4A3D-9679-B7BE81F719C8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "727A02E8-40A1-4DFE-A3A2-91D628D3044F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F6546E-28F4-40DC-97D6-E0E023FE939B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D23A26EF-5B43-437C-A962-4FC69D8A0FF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E9552E6-0B9B-4B32-BE79-90D4E3887A7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "957D64EB-D60E-4775-B9A8-B21CA48ED3B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87403E0F-659C-4C5B-863D-0274D2828A9A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73D24C57-2311-48E9-879E-124472E98F6F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE02D38A-5354-47E6-A46F-06D53F14F5A8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F191A423-DB18-4F3A-9D31-C3DD8F185C88",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerability is due to a logic error when the RSA key is stored in memory on a hardware platform that performs hardware-based cryptography. An attacker could exploit this vulnerability by using a Lenstra side-channel attack against the targeted device. A successful exploit could allow the attacker to retrieve the RSA private key. The following conditions may be observed on an affected device: This vulnerability will apply to approximately 5 percent of the RSA keys on a device that is running a vulnerable release of Cisco ASA Software or Cisco FTD Software; not all RSA keys are expected to be affected due to mathematical calculations applied to the RSA key. The RSA key could be valid but have specific characteristics that make it vulnerable to the potential leak of the RSA private key. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic. See the Indicators of Compromise section for more information on the detection of this type of RSA key. The RSA key could be malformed and invalid. A malformed RSA key is not functional, and a TLS client connection to a device that is running Cisco ASA Software or Cisco FTD Software that uses the malformed RSA key will result in a TLS signature failure, which means a vulnerable software release created an invalid RSA signature that failed verification. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el manejo de las claves RSA en los dispositivos que ejecutan el software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado recuperar una clave privada RSA. Esta vulnerabilidad es debido a un error l\u00f3gico cuando la clave RSA es almacenada en la memoria de una plataforma de hardware que lleva a cabo criptograf\u00eda basada en hardware. Un atacante podr\u00eda explotar esta vulnerabilidad al usar un ataque de canal lateral Lenstra contra el dispositivo objetivo. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante recuperar la clave privada RSA. Las siguientes condiciones pueden observarse en un dispositivo afectado: Esta vulnerabilidad ser\u00e1 aplicada a aproximadamente el 5 por ciento de las claves RSA en un dispositivo que est\u00e9 ejecutando una versi\u00f3n vulnerable del software Cisco ASA o del software Cisco FTD; no es esperado que todas las claves RSA sean afectadas debido a c\u00e1lculos matem\u00e1ticos aplicados a la clave RSA. La clave RSA podr\u00eda ser v\u00e1lida pero tener caracter\u00edsticas espec\u00edficas que la hacen vulnerable a una posible filtraci\u00f3n de la clave privada RSA. Si un atacante obtiene la clave privada RSA, podr\u00eda usarla para hacerse pasar por un dispositivo que est\u00e9 ejecutando el software Cisco ASA o el software Cisco FTD o para descifrar el tr\u00e1fico del dispositivo. Consulte la secci\u00f3n Indicadores de compromiso para obtener m\u00e1s informaci\u00f3n sobre la detecci\u00f3n de este tipo de clave RSA. La clave RSA podr\u00eda estar malformada y no ser v\u00e1lida. Una clave RSA malformada no es funcional, y una conexi\u00f3n de cliente TLS a un dispositivo que ejecuta el software Cisco ASA o el software Cisco FTD que usa la clave RSA malformada resultar\u00e1 en un fallo de la firma TLS, lo que significa que una versi\u00f3n de software vulnerable cre\u00f3 una firma RSA no v\u00e1lida que fall\u00f3 en la verificaci\u00f3n. Si un atacante obtiene la clave privada RSA, podr\u00eda usarla para hacerse pasar por un dispositivo que est\u00e9 ejecutando el software Cisco ASA o el software Cisco FTD o para descifrar el tr\u00e1fico del dispositivo"
    }
  ],
  "id": "CVE-2022-20866",
  "lastModified": "2024-11-21T06:43:42.867",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.2,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-08-10T17:15:08.487",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-203"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-203"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-01-13 22:15

Modified

2024-11-26 16:09

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Summary

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload.

References

URL	Tags
psirt@cisco.com	https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-filepolbypass-67DEwMe2	Vendor Advisory
psirt@cisco.com	https://www.debian.org/security/2023/dsa-5354
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-filepolbypass-67DEwMe2	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2023/dsa-5354

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	secure_firewall_management_center	2.9.14.0
cisco	secure_firewall_management_center	2.9.15
cisco	secure_firewall_management_center	2.9.16
cisco	ios_xe	*
cisco	1100-4p_integrated_services_router	-
cisco	1100-8p_integrated_services_router	-
cisco	1101-4p_integrated_services_router	-
cisco	1109-2p_integrated_services_router	-
cisco	1109-4p_integrated_services_router	-
cisco	1111x-8p_integrated_services_router	-
cisco	4221_integrated_services_router	-
cisco	4321_integrated_services_router	-
cisco	4331_integrated_services_router	-
cisco	4351_integrated_services_router	-
cisco	4431_integrated_services_router	-
cisco	4451-x_integrated_services_router	-
cisco	4461_integrated_services_router	-
cisco	csr_1000v	-
cisco	isa_3000	-
snort	snort	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1B5DAC-CE54-43E4-89F6-6DFD7A65C8EA",
              "versionEndExcluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.14.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2986D5BD-1936-41BD-A992-7672C019F27E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "42493B4F-0CF2-45F0-B72D-36F0597CC274",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "06F2E7D8-BB95-480D-AE3E-F9B97C3A5379",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72B91784-38A9-4A2A-AA92-8AB558924BBD",
              "versionEndExcluding": "17.4.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9421DBEF-AE42-4234-B49F-FCC34B804D7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "818CEFA6-208C-43C3-8E43-474A93ADCF21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:csr_1000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF8B0B49-2C99-410B-B011-5B821C5992FB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:isa_3000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9510E97A-FD78-43C6-85BC-223001ACA264",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:snort:snort:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "715F9721-D26C-4086-873F-837D0FCAF1A5",
              "versionEndExcluding": "2.9.17",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples productos de Cisco est\u00e1n afectados por una vulnerabilidad en el motor de detecci\u00f3n de Snort que podr\u00eda permitir a un atacante remoto no autenticado omita una pol\u00edtica de archivos configurada para HTTP.\u0026#xa0;La vulnerabilidad es debido al manejo incorrecto de un encabezado de rango HTTP.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de paquetes HTTP dise\u00f1ados a trav\u00e9s de un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante omitir la pol\u00edtica de archivos configurada para paquetes HTTP y entregar una carga \u00fatil maliciosa."
    }
  ],
  "id": "CVE-2021-1223",
  "lastModified": "2024-11-26T16:09:02.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-01-13T22:15:20.317",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-filepolbypass-67DEwMe2"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://www.debian.org/security/2023/dsa-5354"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-filepolbypass-67DEwMe2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.debian.org/security/2023/dsa-5354"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-693"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-10-27 19:15

Modified

2024-11-21 06:11

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

A vulnerability in the Simple Network Management Protocol version 3 (SNMPv3) access control functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to query SNMP data. This vulnerability is due to ineffective access control. An attacker could exploit this vulnerability by sending an SNMPv3 query to an affected device from a host that is not permitted by the SNMPv3 access control list. A successful exploit could allow the attacker to send an SNMP query to an affected device and retrieve information from the device. The attacker would need valid credentials to perform the SNMP query.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmpaccess-M6yOweq3	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmpaccess-M6yOweq3	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	*
cisco	asa_5512-x_firmware	009.014\(001\)
cisco	asa_5512-x_firmware	099.015\(001.033\)
cisco	asa_5512-x_firmware	099.016\(001.216\)
cisco	asa_5512-x	-
cisco	asa_5505_firmware	009.014\(001\)
cisco	asa_5505_firmware	099.015\(001.033\)
cisco	asa_5505_firmware	099.016\(001.216\)
cisco	asa_5505	-
cisco	asa_5515-x_firmware	009.014\(001\)
cisco	asa_5515-x_firmware	099.015\(001.033\)
cisco	asa_5515-x_firmware	099.016\(001.216\)
cisco	asa_5515-x	-
cisco	asa_5525-x_firmware	009.014\(001\)
cisco	asa_5525-x_firmware	099.015\(001.033\)
cisco	asa_5525-x_firmware	099.016\(001.216\)
cisco	asa_5525-x	-
cisco	asa_5545-x_firmware	009.014\(001\)
cisco	asa_5545-x_firmware	099.015\(001.033\)
cisco	asa_5545-x_firmware	099.016\(001.216\)
cisco	asa_5545-x	-
cisco	asa_5555-x_firmware	009.014\(001\)
cisco	asa_5555-x_firmware	099.015\(001.033\)
cisco	asa_5555-x_firmware	099.016\(001.216\)
cisco	asa_5555-x	-
cisco	asa_5580_firmware	009.014\(001\)
cisco	asa_5580_firmware	099.015\(001.033\)
cisco	asa_5580_firmware	099.016\(001.216\)
cisco	asa_5580	-
cisco	asa_5585-x_firmware	009.014\(001\)
cisco	asa_5585-x_firmware	099.015\(001.033\)
cisco	asa_5585-x_firmware	099.016\(001.216\)
cisco	asa_5585-x	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F461B5-E600-4C81-BA3C-1DBC90D4D438",
              "versionEndExcluding": "6.4.0.13",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18589C74-19D2-44F0-AF26-68910E26655D",
              "versionEndExcluding": "6.6.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "599292E2-4F97-462D-93E0-7CCAEA7C5ED8",
              "versionEndExcluding": "6.7.0.1",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD445D8E-B7EE-4E9C-9C09-7B43F9803C61",
              "versionEndExcluding": "9.14.2.4",
              "versionStartIncluding": "9.14.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E757EF32-C843-4CBD-BB5B-37B95D654DA0",
              "versionEndExcluding": "9.15.1.7",
              "versionStartIncluding": "9.15.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.014\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "93DC4984-D57D-41EE-AF97-542B2182F94B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:099.015\\(001.033\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6A9937-D820-44CB-AFDC-B2AEE4AD9FF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:099.016\\(001.216\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EE50B561-6622-47A2-9FD7-DAAB1EDFD7B4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.014\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1D36FBFA-7472-4B9B-B4B3-39DC1D9723C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:099.015\\(001.033\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "AFAB31A6-829E-4B81-8EBA-01D75C657AEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5505_firmware:099.016\\(001.216\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "597300F3-CBB8-49C9-B986-97811729247C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.014\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A370D41C-9F5B-4640-B579-685148482004",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:099.015\\(001.033\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D1B4A1F2-F41A-4909-B95E-BFE239F080E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:099.016\\(001.216\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E93BD873-53C3-4A99-B7B5-9222653DB003",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.014\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "03D64251-356E-4EEF-AB33-F6F78B1AA3CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:099.015\\(001.033\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3BF9F1-DEE2-4603-B7AA-B447202C5B2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:099.016\\(001.216\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DB4AB255-E7BD-486D-ACED-8E53C9BF2AC2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.014\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9DC3B61C-CD0E-4A66-8903-D8659716FDCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:099.015\\(001.033\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "50440DFC-715F-4D99-B2DC-463D0A0EF781",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:099.016\\(001.216\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CA51E7C8-F369-4FE7-B047-0314838F927F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.014\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "606F7A31-5C85-44F3-A132-0B162BA5370E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:099.015\\(001.033\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CC66553A-5F9A-46A7-8D52-527954C26C74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:099.016\\(001.216\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "746C3042-0145-47C6-9C64-80CBF86E0E46",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.014\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EF909D44-8737-41B0-ABEB-A360541DFAC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:099.015\\(001.033\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "740FED35-145D-4D9B-8B71-619D39C01235",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5580_firmware:099.016\\(001.216\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5D6701C3-E5BF-469A-83D7-85675B607C35",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.014\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C803E2D7-B1F8-40BB-853D-39FE048CEB47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:099.015\\(001.033\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "AADA1E0D-A7C7-4FF4-B64A-78EBC4F60B86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:099.016\\(001.216\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "AEC32C2A-352B-4844-9276-1C27E0381107",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Simple Network Management Protocol version 3 (SNMPv3) access control functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to query SNMP data. This vulnerability is due to ineffective access control. An attacker could exploit this vulnerability by sending an SNMPv3 query to an affected device from a host that is not permitted by the SNMPv3 access control list. A successful exploit could allow the attacker to send an SNMP query to an affected device and retrieve information from the device. The attacker would need valid credentials to perform the SNMP query."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad access control functionality del Protocolo simple de Administraci\u00f3n de Redes versi\u00f3n 3 (SNMPv3) del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado consultar datos SNMP. Esta vulnerabilidad es debido a un control de acceso no eficaz. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una consulta SNMPv3 a un dispositivo afectado desde un host que no est\u00e1 permitido por la lista de control de acceso SNMPv3. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante enviar una consulta SNMP a un dispositivo afectado y recuperar informaci\u00f3n del dispositivo. El atacante necesitar\u00eda credenciales v\u00e1lidas para llevar a cabo la consulta SNMP"
    }
  ],
  "id": "CVE-2021-34794",
  "lastModified": "2024-11-21T06:11:13.217",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-27T19:15:08.613",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmpaccess-M6yOweq3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmpaccess-M6yOweq3"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-11-15 21:15

Modified

2024-11-21 06:43

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Summary

A vulnerability in the TLS handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability is due to improper implementation of countermeasures against a Bleichenbacher attack on a device that uses SSL decryption policies. An attacker could exploit this vulnerability by sending crafted TLS messages to an affected device, which would act as an oracle and allow the attacker to carry out a chosen-ciphertext attack. A successful exploit could allow the attacker to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions to the affected device.

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-bb-rCgtmY2
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-bb-rCgtmY2

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	7.1.0.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D58D7217-F6F5-4B58-B59C-E5C8781C87A9",
              "versionEndIncluding": "6.2.3.18",
              "versionStartIncluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDE0C110-518D-4E51-BCEB-F4E9FC448278",
              "versionEndIncluding": "6.3.0.5",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3D91A5E-EAB7-4E45-A2CE-09BAD45414D4",
              "versionEndIncluding": "6.4.0.14",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "171E1C5D-68C5-4BBC-AE18-D1518A1B7277",
              "versionEndIncluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1110632C-526F-4025-A7BE-0CF9F37E5F9E",
              "versionEndIncluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "89DFD86B-768D-4301-92DB-B73C14255123",
              "versionEndIncluding": "7.0.3",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7533780-0DF9-41BE-8455-F60676785689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the TLS handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain access to sensitive information.\r\n\r This vulnerability is due to improper implementation of countermeasures against a Bleichenbacher attack on a device that uses SSL decryption policies. An attacker could exploit this vulnerability by sending crafted TLS messages to an affected device, which would act as an oracle and allow the attacker to carry out a chosen-ciphertext attack. A successful exploit could allow the attacker to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions to the affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el controlador TLS del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado obtenga acceso a informaci\u00f3n confidencial. Esta vulnerabilidad se debe a la implementaci\u00f3n inadecuada de contramedidas contra un ataque Bleichenbacher en un dispositivo que utiliza pol\u00edticas de descifrado SSL. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando mensajes TLS manipulados a un dispositivo afectado, lo que actuar\u00eda como un or\u00e1culo y permitir\u00eda al atacante llevar a cabo un ataque de texto cifrado elegido. Un exploit exitoso podr\u00eda permitir al atacante realizar operaciones criptoanal\u00edticas que podr\u00edan permitir el descifrado de sesiones TLS previamente capturadas en el dispositivo afectado."
    }
  ],
  "id": "CVE-2022-20940",
  "lastModified": "2024-11-21T06:43:51.993",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-11-15T21:15:34.650",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-bb-rCgtmY2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-bb-rCgtmY2"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-203"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-203"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-10-27 19:15

Modified

2024-11-21 06:11

Severity ?

4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Summary

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the Details section of this advisory.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_management_center_virtual_appliance	6.1.0
cisco	firepower_management_center_virtual_appliance	6.2.0
cisco	firepower_management_center_virtual_appliance	6.2.3
cisco	firepower_management_center_virtual_appliance	6.3.0
cisco	firepower_management_center_virtual_appliance	6.4.0
cisco	firepower_management_center_virtual_appliance	6.5.0
cisco	firepower_management_center_virtual_appliance	6.6.0
cisco	firepower_management_center_virtual_appliance	6.6.1
cisco	firepower_management_center_virtual_appliance	6.7.0
cisco	firepower_management_center_virtual_appliance	7.0.0
cisco	firepower_management_center_virtual_appliance	7.1.0
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	sourcefire_defense_center	6.1.0
cisco	sourcefire_defense_center	6.2.0
cisco	sourcefire_defense_center	6.2.3
cisco	sourcefire_defense_center	6.3.0
cisco	sourcefire_defense_center	6.4.0
cisco	sourcefire_defense_center	6.5.0
cisco	sourcefire_defense_center	6.6.0
cisco	sourcefire_defense_center	6.6.1
cisco	sourcefire_defense_center	6.7.0
cisco	sourcefire_defense_center	7.0.0
cisco	sourcefire_defense_center	7.1.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A08538C5-6957-42B4-894B-1AF04FC904A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "01DFAA87-6DB1-419B-A2F4-F1FB3A7B8A18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F75D9CB4-406B-4FBF-BC7A-35C2CCEFD8B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C16F3BD-2ACD-44A0-9033-13CB59A50FE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0FC62F-65AD-4855-953A-DA5BBFC1B2E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28629BA3-B1ED-409B-9FB1-E2159D95D975",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "49436378-0578-48F6-AE54-7C8D88574864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B11AE299-AE40-42EB-9C0B-3865C932E766",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA792E5D-7270-4C23-A8D6-22EB00CB21A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CB38685-4255-4565-98AA-234B9DEEADE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CF689E1-22FF-467F-B5A7-59833D77971E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5429F29E-BEE8-4989-B5F3-A9BABBF64D31",
              "versionEndExcluding": "6.4.0.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18589C74-19D2-44F0-AF26-68910E26655D",
              "versionEndExcluding": "6.6.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
              "versionEndExcluding": "6.7.0.3",
              "versionStartIncluding": "6.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "38E2B495-A0B6-4049-8C90-96CF62BC1BFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "20741BF4-6F44-42DE-B05E-EDB4176CAD6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E4A3574-53DC-4328-A229-87795AE4F7AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B273B25-634A-48FF-B290-4A332F84E0B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EBC6544-6ADF-4F95-A969-A8D953D11B3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "04DF03B7-9C70-4BEE-8AE4-6AA134322C0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4F47E43-116B-4176-9E79-0BA7CBA16869",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B02800C-6420-4758-89CF-66F47B4FCA19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F41081E-06CF-4BA2-9072-E18D9032BEBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52ED507A-5075-4444-A2D1-F5657453AD3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5E9A6F5-8BC2-4FA5-9920-E980EFC5BCEE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the Details section of this advisory."
    },
    {
      "lang": "es",
      "value": "Varias vulnerabilidades en la interfaz de administraci\u00f3n basada en la web del software Cisco Firepower Management Center (FMC) podr\u00edan permitir a un atacante ejecutar un ataque de tipo cross-site scripting (XSS) o un ataque de redireccionamiento abierto. Para conseguir m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
    }
  ],
  "id": "CVE-2021-34763",
  "lastModified": "2024-11-21T06:11:08.737",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.7,
        "impactScore": 2.7,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.7,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-27T19:15:08.120",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-601"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-05-03 15:29

Modified

2024-11-26 16:09

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.4 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/108171
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/108171
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	secure_firewall_management_center	2.9.8
cisco	secure_firewall_management_center	2.9.9
cisco	secure_firewall_management_center	2.9.10
cisco	secure_firewall_management_center	2.9.11
cisco	secure_firewall_management_center	2.9.12
cisco	secure_firewall_management_center	2.9.13
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D53BAE0-F5FA-4FD9-9F13-21B3DDCA2ED3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "40CC4B82-5F54-49E3-921B-AB1A66D264A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DB04A5E-4DEA-48F8-9819-3232C5CEB9DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FEAF14A-431F-43A0-9E7E-1B8039D5B954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "8532C989-889B-4DEE-8687-6C67F173E50D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A0E77B1-0B0C-47A6-B906-7BBA3CF8C890",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "73A0B57C-1076-4382-BADE-9EB2E18FAB9C",
              "versionEndExcluding": "6.2.3.12",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en el motor de detecci\u00f3n del preprocesador del Protocolo Server Message Block (SMB) para el software Firepower Threat Defense (FTD) Cisco, podr\u00edan permitir a un atacante no identificado, adyacente o remoto, causar una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS). Para m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso."
    }
  ],
  "id": "CVE-2019-1696",
  "lastModified": "2024-11-26T16:09:02.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 3.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-03T15:29:01.167",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/108171"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/108171"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-04-24 19:15

Modified

2025-07-30 19:25

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to incomplete error checking when parsing an HTTP header. An attacker could exploit this vulnerability by sending a crafted HTTP request to a targeted web server on a device. A successful exploit could allow the attacker to cause a DoS condition when the device reloads.

References

URL	Tags
psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-websrvs-dos-X8gNucD2	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-websrvs-dos-X8gNucD2	Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://blog.talosintelligence.com/arcanedoor-new-espionage-focused-campaign-found-targeting-perimeter-network-devices/	Exploit, Third Party Advisory

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.8.1
cisco	adaptive_security_appliance_software	9.8.1.5
cisco	adaptive_security_appliance_software	9.8.1.7
cisco	adaptive_security_appliance_software	9.8.2
cisco	adaptive_security_appliance_software	9.8.2.8
cisco	adaptive_security_appliance_software	9.8.2.14
cisco	adaptive_security_appliance_software	9.8.2.15
cisco	adaptive_security_appliance_software	9.8.2.17
cisco	adaptive_security_appliance_software	9.8.2.20
cisco	adaptive_security_appliance_software	9.8.2.24
cisco	adaptive_security_appliance_software	9.8.2.26
cisco	adaptive_security_appliance_software	9.8.2.28
cisco	adaptive_security_appliance_software	9.8.2.33
cisco	adaptive_security_appliance_software	9.8.2.35
cisco	adaptive_security_appliance_software	9.8.2.38
cisco	adaptive_security_appliance_software	9.8.3
cisco	adaptive_security_appliance_software	9.8.3.8
cisco	adaptive_security_appliance_software	9.8.3.11
cisco	adaptive_security_appliance_software	9.8.3.14
cisco	adaptive_security_appliance_software	9.8.3.16
cisco	adaptive_security_appliance_software	9.8.3.18
cisco	adaptive_security_appliance_software	9.8.3.21
cisco	adaptive_security_appliance_software	9.8.3.26
cisco	adaptive_security_appliance_software	9.8.3.29
cisco	adaptive_security_appliance_software	9.8.4
cisco	adaptive_security_appliance_software	9.8.4.3
cisco	adaptive_security_appliance_software	9.8.4.7
cisco	adaptive_security_appliance_software	9.8.4.8
cisco	adaptive_security_appliance_software	9.8.4.10
cisco	adaptive_security_appliance_software	9.8.4.12
cisco	adaptive_security_appliance_software	9.8.4.15
cisco	adaptive_security_appliance_software	9.8.4.17
cisco	adaptive_security_appliance_software	9.8.4.20
cisco	adaptive_security_appliance_software	9.8.4.22
cisco	adaptive_security_appliance_software	9.8.4.25
cisco	adaptive_security_appliance_software	9.8.4.26
cisco	adaptive_security_appliance_software	9.8.4.29
cisco	adaptive_security_appliance_software	9.8.4.32
cisco	adaptive_security_appliance_software	9.8.4.33
cisco	adaptive_security_appliance_software	9.8.4.34
cisco	adaptive_security_appliance_software	9.8.4.35
cisco	adaptive_security_appliance_software	9.8.4.39
cisco	adaptive_security_appliance_software	9.8.4.40
cisco	adaptive_security_appliance_software	9.8.4.41
cisco	adaptive_security_appliance_software	9.8.4.43
cisco	adaptive_security_appliance_software	9.8.4.44
cisco	adaptive_security_appliance_software	9.8.4.45
cisco	adaptive_security_appliance_software	9.8.4.46
cisco	adaptive_security_appliance_software	9.8.4.48
cisco	adaptive_security_appliance_software	9.12.1
cisco	adaptive_security_appliance_software	9.12.1.2
cisco	adaptive_security_appliance_software	9.12.1.3
cisco	adaptive_security_appliance_software	9.12.2
cisco	adaptive_security_appliance_software	9.12.2.1
cisco	adaptive_security_appliance_software	9.12.2.4
cisco	adaptive_security_appliance_software	9.12.2.5
cisco	adaptive_security_appliance_software	9.12.2.9
cisco	adaptive_security_appliance_software	9.12.3
cisco	adaptive_security_appliance_software	9.12.3.2
cisco	adaptive_security_appliance_software	9.12.3.7
cisco	adaptive_security_appliance_software	9.12.3.9
cisco	adaptive_security_appliance_software	9.12.3.12
cisco	adaptive_security_appliance_software	9.12.4
cisco	adaptive_security_appliance_software	9.12.4.2
cisco	adaptive_security_appliance_software	9.12.4.4
cisco	adaptive_security_appliance_software	9.12.4.7
cisco	adaptive_security_appliance_software	9.12.4.8
cisco	adaptive_security_appliance_software	9.12.4.10
cisco	adaptive_security_appliance_software	9.12.4.13
cisco	adaptive_security_appliance_software	9.12.4.18
cisco	adaptive_security_appliance_software	9.12.4.24
cisco	adaptive_security_appliance_software	9.12.4.26
cisco	adaptive_security_appliance_software	9.12.4.29
cisco	adaptive_security_appliance_software	9.12.4.30
cisco	adaptive_security_appliance_software	9.12.4.35
cisco	adaptive_security_appliance_software	9.12.4.37
cisco	adaptive_security_appliance_software	9.12.4.38
cisco	adaptive_security_appliance_software	9.12.4.39
cisco	adaptive_security_appliance_software	9.12.4.40
cisco	adaptive_security_appliance_software	9.12.4.41
cisco	adaptive_security_appliance_software	9.12.4.47
cisco	adaptive_security_appliance_software	9.12.4.48
cisco	adaptive_security_appliance_software	9.12.4.50
cisco	adaptive_security_appliance_software	9.12.4.52
cisco	adaptive_security_appliance_software	9.12.4.54
cisco	adaptive_security_appliance_software	9.12.4.55
cisco	adaptive_security_appliance_software	9.12.4.56
cisco	adaptive_security_appliance_software	9.12.4.58
cisco	adaptive_security_appliance_software	9.12.4.62
cisco	adaptive_security_appliance_software	9.12.4.65
cisco	adaptive_security_appliance_software	9.14.1
cisco	adaptive_security_appliance_software	9.14.1.6
cisco	adaptive_security_appliance_software	9.14.1.10
cisco	adaptive_security_appliance_software	9.14.1.15
cisco	adaptive_security_appliance_software	9.14.1.19
cisco	adaptive_security_appliance_software	9.14.1.30
cisco	adaptive_security_appliance_software	9.14.2
cisco	adaptive_security_appliance_software	9.14.2.4
cisco	adaptive_security_appliance_software	9.14.2.8
cisco	adaptive_security_appliance_software	9.14.2.13
cisco	adaptive_security_appliance_software	9.14.2.15
cisco	adaptive_security_appliance_software	9.14.3
cisco	adaptive_security_appliance_software	9.14.3.1
cisco	adaptive_security_appliance_software	9.14.3.9
cisco	adaptive_security_appliance_software	9.14.3.11
cisco	adaptive_security_appliance_software	9.14.3.13
cisco	adaptive_security_appliance_software	9.14.3.15
cisco	adaptive_security_appliance_software	9.14.3.18
cisco	adaptive_security_appliance_software	9.14.4
cisco	adaptive_security_appliance_software	9.14.4.6
cisco	adaptive_security_appliance_software	9.14.4.7
cisco	adaptive_security_appliance_software	9.14.4.12
cisco	adaptive_security_appliance_software	9.14.4.13
cisco	adaptive_security_appliance_software	9.14.4.14
cisco	adaptive_security_appliance_software	9.14.4.15
cisco	adaptive_security_appliance_software	9.14.4.17
cisco	adaptive_security_appliance_software	9.14.4.22
cisco	adaptive_security_appliance_software	9.14.4.23
cisco	adaptive_security_appliance_software	9.15.1
cisco	adaptive_security_appliance_software	9.15.1.1
cisco	adaptive_security_appliance_software	9.15.1.7
cisco	adaptive_security_appliance_software	9.15.1.10
cisco	adaptive_security_appliance_software	9.15.1.15
cisco	adaptive_security_appliance_software	9.15.1.16
cisco	adaptive_security_appliance_software	9.15.1.17
cisco	adaptive_security_appliance_software	9.15.1.21
cisco	adaptive_security_appliance_software	9.16.1
cisco	adaptive_security_appliance_software	9.16.1.28
cisco	adaptive_security_appliance_software	9.16.2
cisco	adaptive_security_appliance_software	9.16.2.3
cisco	adaptive_security_appliance_software	9.16.2.7
cisco	adaptive_security_appliance_software	9.16.2.11
cisco	adaptive_security_appliance_software	9.16.2.13
cisco	adaptive_security_appliance_software	9.16.2.14
cisco	adaptive_security_appliance_software	9.16.3
cisco	adaptive_security_appliance_software	9.16.3.3
cisco	adaptive_security_appliance_software	9.16.3.14
cisco	adaptive_security_appliance_software	9.16.3.15
cisco	adaptive_security_appliance_software	9.16.3.19
cisco	adaptive_security_appliance_software	9.16.3.23
cisco	adaptive_security_appliance_software	9.16.4
cisco	adaptive_security_appliance_software	9.16.4.9
cisco	adaptive_security_appliance_software	9.16.4.14
cisco	adaptive_security_appliance_software	9.16.4.18
cisco	adaptive_security_appliance_software	9.16.4.19
cisco	adaptive_security_appliance_software	9.16.4.27
cisco	adaptive_security_appliance_software	9.16.4.38
cisco	adaptive_security_appliance_software	9.16.4.39
cisco	adaptive_security_appliance_software	9.16.4.42
cisco	adaptive_security_appliance_software	9.16.4.48
cisco	adaptive_security_appliance_software	9.16.4.55
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.7
cisco	adaptive_security_appliance_software	9.17.1.9
cisco	adaptive_security_appliance_software	9.17.1.10
cisco	adaptive_security_appliance_software	9.17.1.11
cisco	adaptive_security_appliance_software	9.17.1.13
cisco	adaptive_security_appliance_software	9.17.1.15
cisco	adaptive_security_appliance_software	9.17.1.20
cisco	adaptive_security_appliance_software	9.17.1.30
cisco	adaptive_security_appliance_software	9.17.1.33
cisco	adaptive_security_appliance_software	9.18.1
cisco	adaptive_security_appliance_software	9.18.1.3
cisco	adaptive_security_appliance_software	9.18.2
cisco	adaptive_security_appliance_software	9.18.2.5
cisco	adaptive_security_appliance_software	9.18.2.7
cisco	adaptive_security_appliance_software	9.18.2.8
cisco	adaptive_security_appliance_software	9.18.3
cisco	adaptive_security_appliance_software	9.18.3.39
cisco	adaptive_security_appliance_software	9.18.3.46
cisco	adaptive_security_appliance_software	9.18.3.53
cisco	adaptive_security_appliance_software	9.18.3.55
cisco	adaptive_security_appliance_software	9.18.3.56
cisco	adaptive_security_appliance_software	9.18.4
cisco	adaptive_security_appliance_software	9.18.4.5
cisco	adaptive_security_appliance_software	9.18.4.8
cisco	adaptive_security_appliance_software	9.19.1
cisco	adaptive_security_appliance_software	9.19.1.5
cisco	adaptive_security_appliance_software	9.19.1.9
cisco	adaptive_security_appliance_software	9.19.1.12
cisco	adaptive_security_appliance_software	9.19.1.18
cisco	adaptive_security_appliance_software	9.19.1.22
cisco	adaptive_security_appliance_software	9.19.1.24
cisco	adaptive_security_appliance_software	9.19.1.27
cisco	adaptive_security_appliance_software	9.20.1
cisco	adaptive_security_appliance_software	9.20.1.5
cisco	adaptive_security_appliance_software	9.20.2
cisco	firepower_threat_defense	6.2.3
cisco	firepower_threat_defense	6.2.3.1
cisco	firepower_threat_defense	6.2.3.2
cisco	firepower_threat_defense	6.2.3.3
cisco	firepower_threat_defense	6.2.3.4
cisco	firepower_threat_defense	6.2.3.5
cisco	firepower_threat_defense	6.2.3.6
cisco	firepower_threat_defense	6.2.3.7
cisco	firepower_threat_defense	6.2.3.8
cisco	firepower_threat_defense	6.2.3.9
cisco	firepower_threat_defense	6.2.3.10
cisco	firepower_threat_defense	6.2.3.11
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.4.0.1
cisco	firepower_threat_defense	6.4.0.2
cisco	firepower_threat_defense	6.4.0.3
cisco	firepower_threat_defense	6.4.0.4
cisco	firepower_threat_defense	6.4.0.5
cisco	firepower_threat_defense	6.4.0.6
cisco	firepower_threat_defense	6.4.0.7
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.4.0.13
cisco	firepower_threat_defense	6.4.0.14
cisco	firepower_threat_defense	6.4.0.15
cisco	firepower_threat_defense	6.4.0.16
cisco	firepower_threat_defense	6.4.0.17
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.6.5.1
cisco	firepower_threat_defense	6.6.5.2
cisco	firepower_threat_defense	6.6.7
cisco	firepower_threat_defense	6.6.7.1
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	firepower_threat_defense	7.0.1
cisco	firepower_threat_defense	7.0.1.1
cisco	firepower_threat_defense	7.0.2
cisco	firepower_threat_defense	7.0.2.1
cisco	firepower_threat_defense	7.0.3
cisco	firepower_threat_defense	7.0.4
cisco	firepower_threat_defense	7.0.5
cisco	firepower_threat_defense	7.0.6
cisco	firepower_threat_defense	7.0.6.1
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.2.4
cisco	firepower_threat_defense	7.2.4.1
cisco	firepower_threat_defense	7.2.5
cisco	firepower_threat_defense	7.2.5.1
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1
cisco	firepower_threat_defense	7.4.0
cisco	firepower_threat_defense	7.4.1

JSON

To clipboard

{
  "cisaActionDue": "2024-05-01",
  "cisaExploitAdd": "2024-04-24",
  "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
  "cisaVulnerabilityName": "Cisco ASA and FTD Denial of Service Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D482F818-0A8E-49D7-8E3E-0958019FA629",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E7BFB57-BC02-4930-A02F-83583E6A0FC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "026F1960-C879-4611-A60A-96311B63CCA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAF8B33E-0C95-467D-A865-0A234E69D0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF144F5-D933-4DE4-818C-001BD9E3958A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "00112ED3-FE7B-425B-9A28-1E5F2BC8BB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD491D5-FAAB-493F-91A6-D2F3B5F5970E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "1519F49D-588F-4B70-B38F-EF4F3E13FEAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "15354443-5EB7-4712-B2DE-61DB33830759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "248D6B44-E134-4DEC-A947-636824E3FDFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "0820A79C-F3EF-407F-9AC7-DCAB4CD39C89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3E8805-85D2-4345-8076-039513209A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "14BB907B-D75A-4F5E-B20D-5457A71A70EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "F118B803-4C55-436A-A136-0C1FEA49858F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A272121-408E-45F6-A2A1-0BA6EBC060A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "980CEA3B-5A81-4E8C-BEA3-DD31BE7DA2CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3910211-D4DB-4CA7-BBEA-DD8246FF10ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C260BF30-7A33-4C70-9509-404856C93666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF894850-39EC-4B57-BBFF-F1AB4F8389A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FAFCF9-0ABE-483E-9604-329762BB7870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DB4278-3126-4765-97C4-6C0A8C78DA78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "174E631B-6099-47DE-8790-BBF4B7FDB8CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE3538B-F612-4105-BFDE-A4B594482DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "3143B0FF-C855-485E-A908-E48974B1643C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD9992-6D98-4E03-9599-ECF38A186FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DCEAE6-355B-40AE-A7C8-AF744FCA8A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2097E81E-B422-4B93-AF09-F300A0E8AF71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "454DEA31-A607-4054-82D3-24A4FEB7358F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F0B213-8187-4465-84F1-FB8D92B36020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E540771E-BA0B-42D1-8251-B576B0F142C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC2A833-BECF-4000-A592-6113A84C2D20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "077F1416-924A-4D25-9CEE-3BD66A96A019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDC8D92-D6E0-40EE-B190-D2B32C7DEB75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "23CD5619-E534-4F40-998D-39DC19FA0451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D0EB11-14B1-44B3-8D46-B9DD872F772C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA399CF-12DB-42E0-A66F-14508B52A453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5A7608-E737-420E-9B5E-836600DAC701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7EB6801-336D-4F41-ADE7-1C58C63C3F6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8413DA41-02A5-4269-8C88-9DD5076AF91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA00285F-6914-4749-8A47-FC4EDAFFF3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA4D367-32B9-4F54-8352-A959F61A1FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "2259FF9E-0C8B-440F-B1AC-51BDE3F60E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C522B55-904D-4C08-B73E-1457D877C0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "4483056A-FBF3-4E00-81EB-1E97334EF240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "48677330-06AB-4C7F-B2AD-F7E465A9632A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AEA80D2-5DB8-4334-9A88-7DDE395832C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1C38A5-1028-4AD3-8CC7-A00091091E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "848147B2-C49A-43F6-9069-FC8885BDFDA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6FEF0DA-741E-4361-8143-068EB47D6520",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F002FD55-F881-450E-BC1B-8073E188F47E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA940C4F-13BB-465F-BB8D-CBD0109BF012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B0434F5-9A50-4B57-9C5B-E09415D098C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE727035-06CB-4E37-A9D2-96BD54502120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE52B81-2CF8-48E5-A7BA-A163A25A669B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E8D7C9-5272-40E6-869B-B33959F9F0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE8D5D71-5C85-4644-8A84-F073549ADB50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0790DDC2-7BA0-42DC-A157-754C0CBBE178",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "882394EA-70C8-4D86-9AEF-5D273D8E518C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "855AD3CC-F404-48C5-80D2-7F2765D16D72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "26B6BF72-9124-4213-B3C0-BD31B46E8C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8FBE89-8FDA-4B9B-BA1A-90FFD482A585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "149C3872-8DA9-48DD-ADD0-2E84C1A76A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D33E8C-294A-4C43-8DB6-9DA9F61F0B3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E23ACB0-DF8B-4672-A819-4DCD3104CE4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4723B88-62BA-40E6-AA89-BAC02D6A036F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C698819-3C8E-4A16-8F52-42FF1E54C076",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D3CE74E-59E7-448A-8417-18F97C05C798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0986C171-0E75-4F6F-A9BD-276830104E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A2777A-7831-4324-AEB2-5D93B5F6C04B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "37045680-9189-4B7F-A4F7-4E682FE20A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6C9F37B-CF3C-4861-A969-C7CF4946274A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1DAF21-3FED-4691-9D4C-8FD8CEA7FB3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB938E58-4963-4A31-8836-88E958592B30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E317897-EE97-44F3-96BB-E54228D72A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EF7FAB2-158D-4C48-9246-E7AD3BF1D801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "056D43AE-ECDB-40D2-A196-18DDCD02629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E555F3-3580-4D71-8D8D-92FE72763D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "93013503-8B9A-4160-AF7E-277958FA6E9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3B009FD-0F2B-4511-8EDF-C3E670623F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "52579D8D-E855-42B3-B406-32DD1C39F721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7E44FC6-12A2-4F76-A095-28F3804B619F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "42917E5E-E362-4B40-B2B2-3C77BA35641C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF317FA3-EBF3-49BB-A9E6-0D4295FA3F60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "F98B1683-914F-43D3-AE1C-311D3A90BE8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8D24656-CAB1-4A98-A440-482927FEDD16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504557C-DA5D-4D0F-A813-4CE7D5109F15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D2A067-C717-4921-BBF5-3EFBE02736EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "36DDEC5B-4BEA-499C-9F34-BB3D39B7A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.62:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4E44C37-0F6F-440B-BA26-FB6D0B179E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.65:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AEE0050-34DC-49CB-B859-8ED500FD79A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE0D50C0-DADB-4747-8649-8A5257111FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE2699F-353F-44CB-A778-981783DDC31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8E50BD-1FBD-483B-9C27-70E95C732E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F46E5E4F-787C-4C05-B1E7-C39BB9125D16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A29312-38E7-456B-94DD-4D7329691114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "27F7BB31-C733-4C32-BF0F-33B5AF020156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC313568-33A6-435B-98FF-8A7091D9C451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85710A-28CE-4913-8523-356461908FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6069950-016B-419A-B754-D58956CB6D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A2F3FEC-624F-47C5-B056-836861BB038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4875811-F209-49ED-B310-8377B2F87FF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C52C7B-B626-4A3C-A2EC-28A20E7FA95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "853A002C-839A-4372-8485-750A86E9F6E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62BB5D6-CE75-4C83-82DC-4148EF8CB1F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "D32F1365-EAF8-4570-B2FF-45E47E8586F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD07F9B-6BB3-4423-8DBE-4E89A6478E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FE4F28-B704-4325-AE8A-C790163FEE71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E832BC0C-8439-4779-9064-C2D93F231031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA99DF94-D031-4375-9A16-306606FE28F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC149D03-5609-46E6-A1B3-F4D91F282B49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5D7FC6F-1370-4272-97E5-226C2ED1D335",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "164D5774-D51B-47C6-AD32-ED6B84E78BBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "24A810C8-1BB5-4589-84AB-C357C1937201",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "F22D8D65-2E88-4557-BF85-1E3ABD4CCAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF62C9AF-70F5-4A12-9B0A-F32551FB2C40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "A04EB4FB-0C9F-441E-B02A-6B22F195348F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F944F8F-0255-42BE-BD44-D21EC9F0FFC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9CEAEFC-7B82-41F9-A09D-C86A3A60A4FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "40FAC31D-19C0-4BA0-A019-C7E7A0BA0B5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CAAFE0F-416F-4BCA-BA37-30EAEADA8AFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1E8552-58F0-491E-B7D7-E89527872FC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "289F9874-FC01-4809-9BDA-1AF583FB60B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EDFC67-E4EE-4D2C-BF9F-5881C987C662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "826869BE-4874-4BBA-9392-14851560BA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF52D477-3045-45D1-9FD3-12F396266463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "88E310BF-F1F6-4124-A875-81967B9B531E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B330F8F-F0DA-472C-A932-AD1D232C7DB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF59DAA-268C-4FCF-A0AA-7967128AEBC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "140ED95D-173C-4ADB-A2E6-97F0D595D1AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.53:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC9B00E1-3E50-4356-B6D9-F84BCD552402",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "552319A9-01F7-47BA-83B3-B2DD648AA07E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "4914603C-4B1B-48F1-826C-DB803BD21F87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE21762-3085-4AFC-B1DE-A4562CDAC509",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "852C3478-7529-4002-8540-ABA4D556DEFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "23B8A815-5D58-4952-936E-D47B83637BEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEE52F59-AABA-4069-A909-64AD5DFD2B18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "20D7966E-B02B-48C8-BF96-723DD6C25314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA618249-E76F-4104-9326-C9F2DC8DE3D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C925E1F-6BD9-4CD1-8AC4-4263A9094786",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5EE76D9-6D18-4823-B6B0-E1394A4D140C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F635946-586D-4DE2-927B-300CE569C596",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "459C11B9-ABA1-472A-8CDA-9C7B4E48E943",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA060112-E2D8-4EC5-8400-D8D189A119B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B25468E3-03F9-4C2A-B82A-F87F4FCD57E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EC6F412-4A30-4E9A-B8DF-C4BF80E5C4B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA47E8EA-29F2-40F3-826E-E7295FFAD8C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2EFA476-5021-4A00-859E-1643009D6156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E3A5DC-A237-46E4-A4E5-F135482F984A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "B166867E-E51B-46E3-A6E2-B10E67364058",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91AD8BA2-EB8D-4D8B-B707-AF5C2A831998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "39FE5927-2421-4CBE-97EA-6AED892DA1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8BF2227-3C50-4FD1-98DB-21196E75D1DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6826018-5620-4924-BE92-6A245378F610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49A07CF-12BA-481C-B5FF-754520080A8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F203C7D1-AA92-4367-B7A5-EBAE6B76EE6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0064C97F-1140-43AC-8229-C8CCC367DC4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3E08AAC-9C5E-4D18-817C-C466D1D6C4DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "724A3B6F-DDAB-4A2F-8430-9E1F352D755F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.\r\n\r This vulnerability is due to incomplete error checking when parsing an HTTP header. An attacker could exploit this vulnerability by sending a crafted HTTP request to a targeted web server on a device. A successful exploit could allow the attacker to cause a DoS condition when the device reloads."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en los servidores web de administraci\u00f3n y VPN para el software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado provoque que el dispositivo se recargue inesperadamente, lo que resultar\u00eda en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a una comprobaci\u00f3n de errores incompleta al analizar un encabezado HTTP. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud HTTP dise\u00f1ada a un servidor web espec\u00edfico en un dispositivo. Un exploit exitoso podr\u00eda permitir al atacante provocar una condici\u00f3n DoS cuando el dispositivo se recarga."
    }
  ],
  "id": "CVE-2024-20353",
  "lastModified": "2025-07-30T19:25:41.740",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-04-24T19:15:46.723",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-websrvs-dos-X8gNucD2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-websrvs-dos-X8gNucD2"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://blog.talosintelligence.com/arcanedoor-new-espionage-focused-campaign-found-targeting-perimeter-network-devices/"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-835"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-835"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-21 19:15

Modified

2024-11-21 05:30

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Summary

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to access hidden commands. The vulnerability is due to the presence of undocumented configuration commands. An attacker could exploit this vulnerability by performing specific steps that make the hidden commands accessible. A successful exploit could allow the attacker to make configuration changes to various sections of an affected device that should not be exposed to CLI access.

References

▼	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-hidcmd-pFDeWVBd	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-hidcmd-pFDeWVBd	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*
cisco	firepower_threat_defense	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB4FADF7-A3CD-44B4-85DF-75F28369B459",
              "versionEndExcluding": "6.3.0.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
              "versionEndExcluding": "6.4.0.10",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
              "versionEndExcluding": "6.5.0.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "754010DE-2C33-4BA1-9567-90C46309B664",
              "versionEndExcluding": "6.6.1",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to access hidden commands. The vulnerability is due to the presence of undocumented configuration commands. An attacker could exploit this vulnerability by performing specific steps that make the hidden commands accessible. A successful exploit could allow the attacker to make configuration changes to various sections of an affected device that should not be exposed to CLI access."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la CLI de Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante local autenticado acceder a comandos ocultos.\u0026#xa0;La vulnerabilidad es debido a una presencia de comandos de configuraci\u00f3n no documentados.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad al llevar a cabo pasos espec\u00edficos que hagan accesibles los comandos ocultos.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante realizar cambios de configuraci\u00f3n en m\u00faltiples secciones de un dispositivo afectado que no deber\u00eda estar expuesto al acceso de la CLI"
    }
  ],
  "id": "CVE-2020-3352",
  "lastModified": "2024-11-21T05:30:51.623",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 1.9,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T19:15:15.810",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-hidcmd-pFDeWVBd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-hidcmd-pFDeWVBd"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-912"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2019-12698 (GCVE-0-2019-12698)

Vulnerability from cvelistv5

Published

2019-10-02 19:06

Modified

2024-11-19 18:53

Severity ?

5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE

CWE-400

Summary

A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for a specific WebVPN HTTP page request. An attacker could exploit this vulnerability by sending multiple WebVPN HTTP page load requests for a specific URL. A successful exploit could allow the attacker to increase CPU load on the device, resulting in a denial of service (DoS) condition, which could cause traffic to be delayed through the device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-dos	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: unspecified < n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:24:39.216Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CPU Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-dos"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-12698",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:22:43.649754Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T18:53:53.687Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-10-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for a specific WebVPN HTTP page request. An attacker could exploit this vulnerability by sending multiple WebVPN HTTP page load requests for a specific URL. A successful exploit could allow the attacker to increase CPU load on the device, resulting in a denial of service (DoS) condition, which could cause traffic to be delayed through the device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-02T19:06:48",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CPU Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-dos"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20191002-asa-ftd-dos",
        "defect": [
          [
            "CSCvp76944"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CPU Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-10-02T16:00:00-0700",
          "ID": "CVE-2019-12698",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CPU Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for a specific WebVPN HTTP page request. An attacker could exploit this vulnerability by sending multiple WebVPN HTTP page load requests for a specific URL. A successful exploit could allow the attacker to increase CPU load on the device, resulting in a denial of service (DoS) condition, which could cause traffic to be delayed through the device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.3",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CPU Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-dos"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20191002-asa-ftd-dos",
          "defect": [
            [
              "CSCvp76944"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-12698",
    "datePublished": "2019-10-02T19:06:48.792162Z",
    "dateReserved": "2019-06-04T00:00:00",
    "dateUpdated": "2024-11-19T18:53:53.687Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20745 (GCVE-0-2022-20745)

Vulnerability from cvelistv5

Published

2022-05-03 03:15

Modified

2024-11-06 16:21

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-20

Summary

A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a crafted HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-tzPSYern	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:24:49.432Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20220427 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-tzPSYern"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-20745",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-06T16:01:39.307772Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T16:21:20.590Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2022-04-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a crafted HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-03T03:15:12",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20220427 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-tzPSYern"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asafdt-webvpn-dos-tzPSYern",
        "defect": [
          [
            "CSCvz70595"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2022-04-27T16:00:00",
          "ID": "CVE-2022-20745",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a crafted HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20220427 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-tzPSYern"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asafdt-webvpn-dos-tzPSYern",
          "defect": [
            [
              "CSCvz70595"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20745",
    "datePublished": "2022-05-03T03:15:12.400441Z",
    "dateReserved": "2021-11-02T00:00:00",
    "dateUpdated": "2024-11-06T16:21:20.590Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3306 (GCVE-0-2020-3306)

Vulnerability from cvelistv5

Published

2020-05-06 16:42

Modified

2024-11-15 17:22

Severity ?

6.8 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-400

Summary

A vulnerability in the DHCP module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to incorrect processing of certain DHCP packets. An attacker could exploit this vulnerability by sending a crafted DHCP packet to the affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-qk8cTGLz	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:30:57.724Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DHCP Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-qk8cTGLz"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3306",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:28:32.330739Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:22:34.105Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the DHCP module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to incorrect processing of certain DHCP packets. An attacker could exploit this vulnerability by sending a crafted DHCP packet to the affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-06T16:42:29",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DHCP Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-qk8cTGLz"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-dos-qk8cTGLz",
        "defect": [
          [
            "CSCvq41939"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DHCP Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-05-06T16:00:00-0700",
          "ID": "CVE-2020-3306",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DHCP Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the DHCP module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to incorrect processing of certain DHCP packets. An attacker could exploit this vulnerability by sending a crafted DHCP packet to the affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.8",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DHCP Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-qk8cTGLz"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-dos-qk8cTGLz",
          "defect": [
            [
              "CSCvq41939"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3306",
    "datePublished": "2020-05-06T16:42:30.062823Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:22:34.105Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-1476 (GCVE-0-2021-1476)

Vulnerability from cvelistv5

Published

2021-04-29 17:30

Modified

2024-11-08 23:23

Severity ?

6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-78

Summary

A vulnerability in the CLI of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device. The vulnerability is due to insufficient input validation of commands that are supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input for specific commands. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges. To exploit this vulnerability, an attacker must have valid administrator-level credentials.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-cmd-inj-SELprvG	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:11:17.683Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210428 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Command Injection Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-cmd-inj-SELprvG"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-1476",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T20:18:36.240053Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-08T23:23:34.923Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-04-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the CLI of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device. The vulnerability is due to insufficient input validation of commands that are supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input for specific commands. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges. To exploit this vulnerability, an attacker must have valid administrator-level credentials."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-04-29T17:30:55",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210428 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Command Injection Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-cmd-inj-SELprvG"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa-ftd-cmd-inj-SELprvG",
        "defect": [
          [
            "CSCvx05381"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Command Injection Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-04-28T16:00:00",
          "ID": "CVE-2021-1476",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Command Injection Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the CLI of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device. The vulnerability is due to insufficient input validation of commands that are supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input for specific commands. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges. To exploit this vulnerability, an attacker must have valid administrator-level credentials."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.7",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210428 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Command Injection Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-cmd-inj-SELprvG"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asa-ftd-cmd-inj-SELprvG",
          "defect": [
            [
              "CSCvx05381"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-1476",
    "datePublished": "2021-04-29T17:30:55.729681Z",
    "dateReserved": "2020-11-13T00:00:00",
    "dateUpdated": "2024-11-08T23:23:34.923Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-20127 (GCVE-0-2025-20127)

Vulnerability from cvelistv5

Published

2025-08-14 16:28

Modified

2025-09-03 17:39

Severity ?

7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-404 - Improper Resource Shutdown or Release

Summary

A vulnerability in the TLS 1.3 implementation for a specific cipher for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software for Cisco Firepower 3100 and 4200 Series devices could allow an authenticated, remote attacker to consume resources that are associated with incoming TLS 1.3 connections, which eventually could cause the device to stop accepting any new SSL/TLS or VPN requests. This vulnerability is due to the implementation of the TLS 1.3 Cipher TLS_CHACHA20_POLY1305_SHA256. An attacker could exploit this vulnerability by sending a large number of TLS 1.3 connections with the specific TLS 1.3 Cipher TLS_CHACHA20_POLY1305_SHA256. A successful exploit could allow the attacker to cause a denial of service (DoS) condition where no new incoming encrypted connections are accepted. The device must be reloaded to clear this condition. Note: These incoming TLS 1.3 connections include both data traffic and user-management traffic. After the device is in the vulnerable state, no new encrypted connections can be accepted.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3100_4200_tlsdos-2yNSCd54

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.20.1
Version: 9.20.1.5
Version: 9.20.2
Version: 9.20.2.10
Version: 9.20.2.21
Version: 9.20.2.22
Version: 9.20.3
Version: 9.22.1.1
Version: 9.20.3.4
Version: 9.20.3.7

Cisco

Cisco Firepower Threat Defense Software

Version: 7.4.0
Version: 7.4.1
Version: 7.4.1.1
Version: 7.4.2
Version: 7.6.0
Version: 7.4.2.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-20127",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-14T18:41:43.684080Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-14T19:21:36.390Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.20.1"
            },
            {
              "status": "affected",
              "version": "9.20.1.5"
            },
            {
              "status": "affected",
              "version": "9.20.2"
            },
            {
              "status": "affected",
              "version": "9.20.2.10"
            },
            {
              "status": "affected",
              "version": "9.20.2.21"
            },
            {
              "status": "affected",
              "version": "9.20.2.22"
            },
            {
              "status": "affected",
              "version": "9.20.3"
            },
            {
              "status": "affected",
              "version": "9.22.1.1"
            },
            {
              "status": "affected",
              "version": "9.20.3.4"
            },
            {
              "status": "affected",
              "version": "9.20.3.7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            },
            {
              "status": "affected",
              "version": "7.4.1.1"
            },
            {
              "status": "affected",
              "version": "7.4.2"
            },
            {
              "status": "affected",
              "version": "7.6.0"
            },
            {
              "status": "affected",
              "version": "7.4.2.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the TLS 1.3 implementation for a specific cipher for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software for Cisco Firepower 3100 and 4200 Series devices could allow an authenticated, remote attacker to consume resources that are associated with incoming TLS 1.3 connections, which eventually could cause the device to stop accepting any new SSL/TLS or VPN requests.\r\n\r\nThis vulnerability is due to the implementation of the TLS 1.3 Cipher TLS_CHACHA20_POLY1305_SHA256. An attacker could exploit this vulnerability by sending a large number of TLS 1.3 connections with the specific TLS 1.3 Cipher TLS_CHACHA20_POLY1305_SHA256. A successful exploit could allow the attacker to cause a denial of service (DoS) condition where no new incoming encrypted connections are accepted. The device must be reloaded to clear this condition.\r\nNote: These incoming TLS 1.3 connections include both data traffic and user-management traffic. After the device is in the vulnerable state, no new encrypted connections can be accepted."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-404",
              "description": "Improper Resource Shutdown or Release",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-03T17:39:26.506Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-3100_4200_tlsdos-2yNSCd54",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3100_4200_tlsdos-2yNSCd54"
        }
      ],
      "source": {
        "advisory": "cisco-sa-3100_4200_tlsdos-2yNSCd54",
        "defects": [
          "CSCwm91176"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 3100 and 4200 Series TLS Cipher Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2025-20127",
    "datePublished": "2025-08-14T16:28:07.785Z",
    "dateReserved": "2024-10-10T19:15:13.212Z",
    "dateUpdated": "2025-09-03T17:39:26.506Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3179 (GCVE-0-2020-3179)

Vulnerability from cvelistv5

Published

2020-05-06 16:35

Modified

2024-11-15 17:27

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-415

Summary

A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory handling error when GRE over IPv6 traffic is processed. An attacker could exploit this vulnerability by sending crafted GRE over IPv6 packets with either IPv4 or IPv6 payload through an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-2-sS2h7aWe	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:24:00.727Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200506 Cisco Firepower Threat Defense Software Generic Routing Encapsulation Tunnel IPv6 Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-2-sS2h7aWe"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3179",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:21:50.066835Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:27:47.225Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory handling error when GRE over IPv6 traffic is processed. An attacker could exploit this vulnerability by sending crafted GRE over IPv6 packets with either IPv4 or IPv6 payload through an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-415",
              "description": "CWE-415",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-06T16:35:20",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200506 Cisco Firepower Threat Defense Software Generic Routing Encapsulation Tunnel IPv6 Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-2-sS2h7aWe"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-dos-2-sS2h7aWe",
        "defect": [
          [
            "CSCvq78828"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Generic Routing Encapsulation Tunnel IPv6 Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-05-06T16:00:00-0700",
          "ID": "CVE-2020-3179",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Generic Routing Encapsulation Tunnel IPv6 Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory handling error when GRE over IPv6 traffic is processed. An attacker could exploit this vulnerability by sending crafted GRE over IPv6 packets with either IPv4 or IPv6 payload through an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-415"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200506 Cisco Firepower Threat Defense Software Generic Routing Encapsulation Tunnel IPv6 Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-2-sS2h7aWe"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-dos-2-sS2h7aWe",
          "defect": [
            [
              "CSCvq78828"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3179",
    "datePublished": "2020-05-06T16:35:21.006399Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:27:47.225Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-15399 (GCVE-0-2018-15399)

Vulnerability from cvelistv5

Published

2018-10-05 14:00

Modified

2024-11-26 14:32

Severity ?

CWE

CWE-400

Summary

A vulnerability in the TCP syslog module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust the 1550-byte buffers on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing boundary check in an internal function. An attacker could exploit this vulnerability by establishing a man-in-the-middle position between an affected device and its configured TCP syslog server and then maliciously modifying the TCP header in segments that are sent from the syslog server to the affected device. A successful exploit could allow the attacker to exhaust buffer on the affected device and cause all TCP-based features to stop functioning, resulting in a DoS condition. The affected TCP-based features include AnyConnect SSL VPN, clientless SSL VPN, and management connections such as Secure Shell (SSH), Telnet, and HTTPS.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1041785	vdb-entry, x_refsource_SECTRACK
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-syslog-dos	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:54:02.914Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1041785",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041785"
          },
          {
            "name": "20181003 Cisco Adaptive Security Appliance TCP Syslog Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-syslog-dos"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-15399",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-25T18:48:05.630951Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-26T14:32:47.519Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-10-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the TCP syslog module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust the 1550-byte buffers on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing boundary check in an internal function. An attacker could exploit this vulnerability by establishing a man-in-the-middle position between an affected device and its configured TCP syslog server and then maliciously modifying the TCP header in segments that are sent from the syslog server to the affected device. A successful exploit could allow the attacker to exhaust buffer on the affected device and cause all TCP-based features to stop functioning, resulting in a DoS condition. The affected TCP-based features include AnyConnect SSL VPN, clientless SSL VPN, and management connections such as Secure Shell (SSH), Telnet, and HTTPS."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-07T09:57:02",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1041785",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041785"
        },
        {
          "name": "20181003 Cisco Adaptive Security Appliance TCP Syslog Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-syslog-dos"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20181003-asa-syslog-dos",
        "defect": [
          [
            "CSCvh73829"
          ]
        ],
        "discovery": "UNKNOWN"
      },
      "title": "Cisco Adaptive Security Appliance TCP Syslog Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2018-10-03T16:00:00-0500",
          "ID": "CVE-2018-15399",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance TCP Syslog Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the TCP syslog module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust the 1550-byte buffers on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing boundary check in an internal function. An attacker could exploit this vulnerability by establishing a man-in-the-middle position between an affected device and its configured TCP syslog server and then maliciously modifying the TCP header in segments that are sent from the syslog server to the affected device. A successful exploit could allow the attacker to exhaust buffer on the affected device and cause all TCP-based features to stop functioning, resulting in a DoS condition. The affected TCP-based features include AnyConnect SSL VPN, clientless SSL VPN, and management connections such as Secure Shell (SSH), Telnet, and HTTPS."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "6.8",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1041785",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041785"
            },
            {
              "name": "20181003 Cisco Adaptive Security Appliance TCP Syslog Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-syslog-dos"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20181003-asa-syslog-dos",
          "defect": [
            [
              "CSCvh73829"
            ]
          ],
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-15399",
    "datePublished": "2018-10-05T14:00:00Z",
    "dateReserved": "2018-08-17T00:00:00",
    "dateUpdated": "2024-11-26T14:32:47.519Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-1493 (GCVE-0-2021-1493)

Vulnerability from cvelistv5

Published

2021-04-29 17:31

Modified

2024-11-08 23:22

Severity ?

8.5 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:H

CWE

CWE-120

Summary

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to insufficient boundary checks for specific data that is provided to the web services interface of an affected system. An attacker could exploit this vulnerability by sending a malicious HTTP request. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected system, which could disclose data fragments or cause the device to reload, resulting in a denial of service (DoS) condition.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-memc-dos-fncTyYKG	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:11:17.385Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210428 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Buffer Overflow Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-memc-dos-fncTyYKG"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-1493",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T20:44:27.540120Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-08T23:22:48.496Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-04-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to insufficient boundary checks for specific data that is provided to the web services interface of an affected system. An attacker could exploit this vulnerability by sending a malicious HTTP request. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected system, which could disclose data fragments or cause the device to reload, resulting in a denial of service (DoS) condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-04-29T17:31:14",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210428 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Buffer Overflow Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-memc-dos-fncTyYKG"
        }
      ],
      "source": {
        "advisory": "cisco-sa-memc-dos-fncTyYKG",
        "defect": [
          [
            "CSCvw52609"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Buffer Overflow Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-04-28T16:00:00",
          "ID": "CVE-2021-1493",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Buffer Overflow Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to insufficient boundary checks for specific data that is provided to the web services interface of an affected system. An attacker could exploit this vulnerability by sending a malicious HTTP request. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected system, which could disclose data fragments or cause the device to reload, resulting in a denial of service (DoS) condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.5",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-120"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210428 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Buffer Overflow Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-memc-dos-fncTyYKG"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-memc-dos-fncTyYKG",
          "defect": [
            [
              "CSCvw52609"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-1493",
    "datePublished": "2021-04-29T17:31:14.652623Z",
    "dateReserved": "2020-11-13T00:00:00",
    "dateUpdated": "2024-11-08T23:22:48.496Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3577 (GCVE-0-2020-3577)

Vulnerability from cvelistv5

Published

2020-10-21 18:40

Modified

2024-11-13 17:47

Severity ?

7.4 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-20

Summary

A vulnerability in the ingress packet processing path of Cisco Firepower Threat Defense (FTD) Software for interfaces that are configured either as Inline Pair or in Passive mode could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation when Ethernet frames are processed. An attacker could exploit this vulnerability by sending malicious Ethernet frames through an affected device. A successful exploit could allow the attacker do either of the following: Fill the /ngfw partition on the device: A full /ngfw partition could result in administrators being unable to log in to the device (including logging in through the console port) or the device being unable to boot up correctly. Note: Manual intervention is required to recover from this situation. Customers are advised to contact the Cisco Technical Assistance Center (TAC) to help recover a device in this condition. Cause a process crash: The process crash would cause the device to reload. No manual intervention is necessary to recover the device after the reload.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-inline-dos-nXqUyEqM	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:55.494Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Firepower Threat Defense Software Inline Pair/Passive Mode Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-inline-dos-nXqUyEqM"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3577",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:22:45.733720Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:47:10.596Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the ingress packet processing path of Cisco Firepower Threat Defense (FTD) Software for interfaces that are configured either as Inline Pair or in Passive mode could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation when Ethernet frames are processed. An attacker could exploit this vulnerability by sending malicious Ethernet frames through an affected device. A successful exploit could allow the attacker do either of the following: Fill the /ngfw partition on the device: A full /ngfw partition could result in administrators being unable to log in to the device (including logging in through the console port) or the device being unable to boot up correctly. Note: Manual intervention is required to recover from this situation. Customers are advised to contact the Cisco Technical Assistance Center (TAC) to help recover a device in this condition. Cause a process crash: The process crash would cause the device to reload. No manual intervention is necessary to recover the device after the reload."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:40:36",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Firepower Threat Defense Software Inline Pair/Passive Mode Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-inline-dos-nXqUyEqM"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-inline-dos-nXqUyEqM",
        "defect": [
          [
            "CSCvt02409"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Inline Pair/Passive Mode Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3577",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Inline Pair/Passive Mode Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the ingress packet processing path of Cisco Firepower Threat Defense (FTD) Software for interfaces that are configured either as Inline Pair or in Passive mode could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation when Ethernet frames are processed. An attacker could exploit this vulnerability by sending malicious Ethernet frames through an affected device. A successful exploit could allow the attacker do either of the following: Fill the /ngfw partition on the device: A full /ngfw partition could result in administrators being unable to log in to the device (including logging in through the console port) or the device being unable to boot up correctly. Note: Manual intervention is required to recover from this situation. Customers are advised to contact the Cisco Technical Assistance Center (TAC) to help recover a device in this condition. Cause a process crash: The process crash would cause the device to reload. No manual intervention is necessary to recover the device after the reload."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.4",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Firepower Threat Defense Software Inline Pair/Passive Mode Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-inline-dos-nXqUyEqM"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-inline-dos-nXqUyEqM",
          "defect": [
            [
              "CSCvt02409"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3577",
    "datePublished": "2020-10-21T18:40:36.727925Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:47:10.596Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20402 (GCVE-0-2024-20402)

Vulnerability from cvelistv5

Published

2024-10-23 17:35

Modified

2024-10-24 16:16

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-788 - Access of Memory Location After End of Buffer

Summary

A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a logic error in memory management when the device is handling SSL VPN connections. An attacker could exploit this vulnerability by sending crafted SSL/TLS packets to the SSL VPN server of the affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-dos-hOnB9pH4

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.8.1
Version: 9.8.1.5
Version: 9.8.1.7
Version: 9.8.2
Version: 9.8.2.8
Version: 9.8.2.14
Version: 9.8.2.15
Version: 9.8.2.17
Version: 9.8.2.20
Version: 9.8.2.24
Version: 9.8.2.26
Version: 9.8.2.28
Version: 9.8.2.33
Version: 9.8.2.35
Version: 9.8.2.38
Version: 9.8.3.8
Version: 9.8.3.11
Version: 9.8.3.14
Version: 9.8.3.16
Version: 9.8.3.18
Version: 9.8.3.21
Version: 9.8.3
Version: 9.8.3.26
Version: 9.8.3.29
Version: 9.8.4
Version: 9.8.4.3
Version: 9.8.4.7
Version: 9.8.4.8
Version: 9.8.4.10
Version: 9.8.4.12
Version: 9.8.4.15
Version: 9.8.4.17
Version: 9.8.2.45
Version: 9.8.4.25
Version: 9.8.4.20
Version: 9.8.4.22
Version: 9.8.4.26
Version: 9.8.4.29
Version: 9.8.4.32
Version: 9.8.4.33
Version: 9.8.4.34
Version: 9.8.4.35
Version: 9.8.4.39
Version: 9.8.4.40
Version: 9.8.4.41
Version: 9.8.4.43
Version: 9.8.4.44
Version: 9.8.4.45
Version: 9.8.4.46
Version: 9.8.4.48
Version: 9.12.1
Version: 9.12.1.2
Version: 9.12.1.3
Version: 9.12.2
Version: 9.12.2.4
Version: 9.12.2.5
Version: 9.12.2.9
Version: 9.12.3
Version: 9.12.3.2
Version: 9.12.3.7
Version: 9.12.4
Version: 9.12.3.12
Version: 9.12.3.9
Version: 9.12.2.1
Version: 9.12.4.2
Version: 9.12.4.4
Version: 9.12.4.7
Version: 9.12.4.10
Version: 9.12.4.13
Version: 9.12.4.8
Version: 9.12.4.18
Version: 9.12.4.24
Version: 9.12.4.26
Version: 9.12.4.29
Version: 9.12.4.30
Version: 9.12.4.35
Version: 9.12.4.37
Version: 9.12.4.38
Version: 9.12.4.39
Version: 9.12.4.40
Version: 9.12.4.41
Version: 9.12.4.47
Version: 9.12.4.48
Version: 9.12.4.50
Version: 9.12.4.52
Version: 9.12.4.54
Version: 9.12.4.55
Version: 9.12.4.56
Version: 9.12.4.58
Version: 9.12.4.62
Version: 9.12.4.65
Version: 9.12.4.67
Version: 9.14.1
Version: 9.14.1.10
Version: 9.14.1.6
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.14.1.30
Version: 9.14.2
Version: 9.14.2.4
Version: 9.14.2.8
Version: 9.14.2.13
Version: 9.14.2.15
Version: 9.14.3
Version: 9.14.3.1
Version: 9.14.3.9
Version: 9.14.3.11
Version: 9.14.3.13
Version: 9.14.3.18
Version: 9.14.3.15
Version: 9.14.4
Version: 9.14.4.6
Version: 9.14.4.7
Version: 9.14.4.12
Version: 9.14.4.13
Version: 9.14.4.14
Version: 9.14.4.15
Version: 9.14.4.17
Version: 9.14.4.22
Version: 9.14.4.23
Version: 9.14.4.24
Version: 9.15.1
Version: 9.15.1.7
Version: 9.15.1.10
Version: 9.15.1.15
Version: 9.15.1.16
Version: 9.15.1.17
Version: 9.15.1.1
Version: 9.15.1.21
Version: 9.16.1
Version: 9.16.1.28
Version: 9.16.2
Version: 9.16.2.3
Version: 9.16.2.7
Version: 9.16.2.11
Version: 9.16.2.13
Version: 9.16.2.14
Version: 9.16.3
Version: 9.16.3.3
Version: 9.16.3.14
Version: 9.16.3.15
Version: 9.16.3.19
Version: 9.16.3.23
Version: 9.16.4
Version: 9.16.4.9
Version: 9.16.4.14
Version: 9.16.4.18
Version: 9.16.4.19
Version: 9.16.4.27
Version: 9.16.4.38
Version: 9.16.4.39
Version: 9.16.4.42
Version: 9.16.4.48
Version: 9.16.4.55
Version: 9.16.4.57
Version: 9.16.4.61
Version: 9.17.1
Version: 9.17.1.7
Version: 9.17.1.9
Version: 9.17.1.10
Version: 9.17.1.11
Version: 9.17.1.13
Version: 9.17.1.15
Version: 9.17.1.20
Version: 9.17.1.30
Version: 9.17.1.33
Version: 9.17.1.39
Version: 9.18.1
Version: 9.18.1.3
Version: 9.18.2
Version: 9.18.2.5
Version: 9.18.2.7
Version: 9.18.2.8
Version: 9.18.3
Version: 9.18.3.39
Version: 9.18.3.46
Version: 9.18.3.53
Version: 9.18.3.55
Version: 9.18.3.56
Version: 9.18.4
Version: 9.18.4.5
Version: 9.18.4.8
Version: 9.18.4.22
Version: 9.18.4.24
Version: 9.18.4.29
Version: 9.19.1
Version: 9.19.1.5
Version: 9.19.1.9
Version: 9.19.1.12
Version: 9.19.1.18
Version: 9.19.1.22
Version: 9.19.1.24
Version: 9.19.1.27
Version: 9.19.1.28
Version: 9.19.1.31

Cisco

Cisco Firepower Threat Defense Software

Version: 6.2.3
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.2.3.3
Version: 6.2.3.4
Version: 6.2.3.5
Version: 6.2.3.6
Version: 6.2.3.7
Version: 6.2.3.8
Version: 6.2.3.10
Version: 6.2.3.11
Version: 6.2.3.9
Version: 6.2.3.12
Version: 6.2.3.13
Version: 6.2.3.14
Version: 6.2.3.15
Version: 6.2.3.16
Version: 6.2.3.17
Version: 6.2.3.18
Version: 6.6.0
Version: 6.6.0.1
Version: 6.6.1
Version: 6.6.3
Version: 6.6.4
Version: 6.6.5
Version: 6.6.5.1
Version: 6.6.5.2
Version: 6.6.7
Version: 6.6.7.1
Version: 6.6.7.2
Version: 6.4.0
Version: 6.4.0.1
Version: 6.4.0.3
Version: 6.4.0.2
Version: 6.4.0.4
Version: 6.4.0.5
Version: 6.4.0.6
Version: 6.4.0.7
Version: 6.4.0.8
Version: 6.4.0.9
Version: 6.4.0.10
Version: 6.4.0.11
Version: 6.4.0.12
Version: 6.4.0.13
Version: 6.4.0.14
Version: 6.4.0.15
Version: 6.4.0.16
Version: 6.4.0.17
Version: 6.4.0.18
Version: 6.7.0
Version: 6.7.0.1
Version: 6.7.0.2
Version: 6.7.0.3
Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.0.2
Version: 7.0.2.1
Version: 7.0.3
Version: 7.0.4
Version: 7.0.5
Version: 7.0.6
Version: 7.0.6.1
Version: 7.0.6.2
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.1.0.3
Version: 7.2.0
Version: 7.2.0.1
Version: 7.2.1
Version: 7.2.2
Version: 7.2.3
Version: 7.2.4
Version: 7.2.4.1
Version: 7.2.5
Version: 7.2.5.1
Version: 7.2.6
Version: 7.2.7
Version: 7.2.5.2
Version: 7.2.8
Version: 7.2.8.1
Version: 7.3.0
Version: 7.3.1
Version: 7.3.1.1
Version: 7.3.1.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "adaptive_security_appliance",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "9.8.4.48",
                "status": "affected",
                "version": "9.8.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.12.4.67",
                "status": "affected",
                "version": "9.12.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.14.4.24",
                "status": "affected",
                "version": "9.14.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.15.1.21",
                "status": "affected",
                "version": "9.15.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.16.4.61",
                "status": "affected",
                "version": "9.16.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.17.1.39",
                "status": "affected",
                "version": "9.17.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.18.4.29",
                "status": "affected",
                "version": "9.18.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.19.1.31",
                "status": "affected",
                "version": "9.19.1",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "6.2.3.18",
                "status": "affected",
                "version": "6.2.3",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "6.4.0.18",
                "status": "affected",
                "version": "6.4.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "6.6.7.2",
                "status": "affected",
                "version": "6.6.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "6.7.0.3",
                "status": "affected",
                "version": "6.7.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.0.6.2",
                "status": "affected",
                "version": "7.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.1.0.3",
                "status": "affected",
                "version": "7.1.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.2.8.1",
                "status": "affected",
                "version": "7.2.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.3.1.2",
                "status": "affected",
                "version": "7.3.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20402",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-23T18:42:40.849857Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-24T16:16:53.323Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.8.1"
            },
            {
              "status": "affected",
              "version": "9.8.1.5"
            },
            {
              "status": "affected",
              "version": "9.8.1.7"
            },
            {
              "status": "affected",
              "version": "9.8.2"
            },
            {
              "status": "affected",
              "version": "9.8.2.8"
            },
            {
              "status": "affected",
              "version": "9.8.2.14"
            },
            {
              "status": "affected",
              "version": "9.8.2.15"
            },
            {
              "status": "affected",
              "version": "9.8.2.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.20"
            },
            {
              "status": "affected",
              "version": "9.8.2.24"
            },
            {
              "status": "affected",
              "version": "9.8.2.26"
            },
            {
              "status": "affected",
              "version": "9.8.2.28"
            },
            {
              "status": "affected",
              "version": "9.8.2.33"
            },
            {
              "status": "affected",
              "version": "9.8.2.35"
            },
            {
              "status": "affected",
              "version": "9.8.2.38"
            },
            {
              "status": "affected",
              "version": "9.8.3.8"
            },
            {
              "status": "affected",
              "version": "9.8.3.11"
            },
            {
              "status": "affected",
              "version": "9.8.3.14"
            },
            {
              "status": "affected",
              "version": "9.8.3.16"
            },
            {
              "status": "affected",
              "version": "9.8.3.18"
            },
            {
              "status": "affected",
              "version": "9.8.3.21"
            },
            {
              "status": "affected",
              "version": "9.8.3"
            },
            {
              "status": "affected",
              "version": "9.8.3.26"
            },
            {
              "status": "affected",
              "version": "9.8.3.29"
            },
            {
              "status": "affected",
              "version": "9.8.4"
            },
            {
              "status": "affected",
              "version": "9.8.4.3"
            },
            {
              "status": "affected",
              "version": "9.8.4.7"
            },
            {
              "status": "affected",
              "version": "9.8.4.8"
            },
            {
              "status": "affected",
              "version": "9.8.4.10"
            },
            {
              "status": "affected",
              "version": "9.8.4.12"
            },
            {
              "status": "affected",
              "version": "9.8.4.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.45"
            },
            {
              "status": "affected",
              "version": "9.8.4.25"
            },
            {
              "status": "affected",
              "version": "9.8.4.20"
            },
            {
              "status": "affected",
              "version": "9.8.4.22"
            },
            {
              "status": "affected",
              "version": "9.8.4.26"
            },
            {
              "status": "affected",
              "version": "9.8.4.29"
            },
            {
              "status": "affected",
              "version": "9.8.4.32"
            },
            {
              "status": "affected",
              "version": "9.8.4.33"
            },
            {
              "status": "affected",
              "version": "9.8.4.34"
            },
            {
              "status": "affected",
              "version": "9.8.4.35"
            },
            {
              "status": "affected",
              "version": "9.8.4.39"
            },
            {
              "status": "affected",
              "version": "9.8.4.40"
            },
            {
              "status": "affected",
              "version": "9.8.4.41"
            },
            {
              "status": "affected",
              "version": "9.8.4.43"
            },
            {
              "status": "affected",
              "version": "9.8.4.44"
            },
            {
              "status": "affected",
              "version": "9.8.4.45"
            },
            {
              "status": "affected",
              "version": "9.8.4.46"
            },
            {
              "status": "affected",
              "version": "9.8.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.1"
            },
            {
              "status": "affected",
              "version": "9.12.1.2"
            },
            {
              "status": "affected",
              "version": "9.12.1.3"
            },
            {
              "status": "affected",
              "version": "9.12.2"
            },
            {
              "status": "affected",
              "version": "9.12.2.4"
            },
            {
              "status": "affected",
              "version": "9.12.2.5"
            },
            {
              "status": "affected",
              "version": "9.12.2.9"
            },
            {
              "status": "affected",
              "version": "9.12.3"
            },
            {
              "status": "affected",
              "version": "9.12.3.2"
            },
            {
              "status": "affected",
              "version": "9.12.3.7"
            },
            {
              "status": "affected",
              "version": "9.12.4"
            },
            {
              "status": "affected",
              "version": "9.12.3.12"
            },
            {
              "status": "affected",
              "version": "9.12.3.9"
            },
            {
              "status": "affected",
              "version": "9.12.2.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.4"
            },
            {
              "status": "affected",
              "version": "9.12.4.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.10"
            },
            {
              "status": "affected",
              "version": "9.12.4.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.8"
            },
            {
              "status": "affected",
              "version": "9.12.4.18"
            },
            {
              "status": "affected",
              "version": "9.12.4.24"
            },
            {
              "status": "affected",
              "version": "9.12.4.26"
            },
            {
              "status": "affected",
              "version": "9.12.4.29"
            },
            {
              "status": "affected",
              "version": "9.12.4.30"
            },
            {
              "status": "affected",
              "version": "9.12.4.35"
            },
            {
              "status": "affected",
              "version": "9.12.4.37"
            },
            {
              "status": "affected",
              "version": "9.12.4.38"
            },
            {
              "status": "affected",
              "version": "9.12.4.39"
            },
            {
              "status": "affected",
              "version": "9.12.4.40"
            },
            {
              "status": "affected",
              "version": "9.12.4.41"
            },
            {
              "status": "affected",
              "version": "9.12.4.47"
            },
            {
              "status": "affected",
              "version": "9.12.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.4.50"
            },
            {
              "status": "affected",
              "version": "9.12.4.52"
            },
            {
              "status": "affected",
              "version": "9.12.4.54"
            },
            {
              "status": "affected",
              "version": "9.12.4.55"
            },
            {
              "status": "affected",
              "version": "9.12.4.56"
            },
            {
              "status": "affected",
              "version": "9.12.4.58"
            },
            {
              "status": "affected",
              "version": "9.12.4.62"
            },
            {
              "status": "affected",
              "version": "9.12.4.65"
            },
            {
              "status": "affected",
              "version": "9.12.4.67"
            },
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.1.6"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.14.4.7"
            },
            {
              "status": "affected",
              "version": "9.14.4.12"
            },
            {
              "status": "affected",
              "version": "9.14.4.13"
            },
            {
              "status": "affected",
              "version": "9.14.4.14"
            },
            {
              "status": "affected",
              "version": "9.14.4.15"
            },
            {
              "status": "affected",
              "version": "9.14.4.17"
            },
            {
              "status": "affected",
              "version": "9.14.4.22"
            },
            {
              "status": "affected",
              "version": "9.14.4.23"
            },
            {
              "status": "affected",
              "version": "9.14.4.24"
            },
            {
              "status": "affected",
              "version": "9.15.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.7"
            },
            {
              "status": "affected",
              "version": "9.15.1.10"
            },
            {
              "status": "affected",
              "version": "9.15.1.15"
            },
            {
              "status": "affected",
              "version": "9.15.1.16"
            },
            {
              "status": "affected",
              "version": "9.15.1.17"
            },
            {
              "status": "affected",
              "version": "9.15.1.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.21"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.16.3.15"
            },
            {
              "status": "affected",
              "version": "9.16.3.19"
            },
            {
              "status": "affected",
              "version": "9.16.3.23"
            },
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.16.4.9"
            },
            {
              "status": "affected",
              "version": "9.16.4.14"
            },
            {
              "status": "affected",
              "version": "9.16.4.18"
            },
            {
              "status": "affected",
              "version": "9.16.4.19"
            },
            {
              "status": "affected",
              "version": "9.16.4.27"
            },
            {
              "status": "affected",
              "version": "9.16.4.38"
            },
            {
              "status": "affected",
              "version": "9.16.4.39"
            },
            {
              "status": "affected",
              "version": "9.16.4.42"
            },
            {
              "status": "affected",
              "version": "9.16.4.48"
            },
            {
              "status": "affected",
              "version": "9.16.4.55"
            },
            {
              "status": "affected",
              "version": "9.16.4.57"
            },
            {
              "status": "affected",
              "version": "9.16.4.61"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.17.1.20"
            },
            {
              "status": "affected",
              "version": "9.17.1.30"
            },
            {
              "status": "affected",
              "version": "9.17.1.33"
            },
            {
              "status": "affected",
              "version": "9.17.1.39"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            },
            {
              "status": "affected",
              "version": "9.18.2.7"
            },
            {
              "status": "affected",
              "version": "9.18.2.8"
            },
            {
              "status": "affected",
              "version": "9.18.3"
            },
            {
              "status": "affected",
              "version": "9.18.3.39"
            },
            {
              "status": "affected",
              "version": "9.18.3.46"
            },
            {
              "status": "affected",
              "version": "9.18.3.53"
            },
            {
              "status": "affected",
              "version": "9.18.3.55"
            },
            {
              "status": "affected",
              "version": "9.18.3.56"
            },
            {
              "status": "affected",
              "version": "9.18.4"
            },
            {
              "status": "affected",
              "version": "9.18.4.5"
            },
            {
              "status": "affected",
              "version": "9.18.4.8"
            },
            {
              "status": "affected",
              "version": "9.18.4.22"
            },
            {
              "status": "affected",
              "version": "9.18.4.24"
            },
            {
              "status": "affected",
              "version": "9.18.4.29"
            },
            {
              "status": "affected",
              "version": "9.19.1"
            },
            {
              "status": "affected",
              "version": "9.19.1.5"
            },
            {
              "status": "affected",
              "version": "9.19.1.9"
            },
            {
              "status": "affected",
              "version": "9.19.1.12"
            },
            {
              "status": "affected",
              "version": "9.19.1.18"
            },
            {
              "status": "affected",
              "version": "9.19.1.22"
            },
            {
              "status": "affected",
              "version": "9.19.1.24"
            },
            {
              "status": "affected",
              "version": "9.19.1.27"
            },
            {
              "status": "affected",
              "version": "9.19.1.28"
            },
            {
              "status": "affected",
              "version": "9.19.1.31"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "6.6.7.2"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.4.0.17"
            },
            {
              "status": "affected",
              "version": "6.4.0.18"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.0.6"
            },
            {
              "status": "affected",
              "version": "7.0.6.1"
            },
            {
              "status": "affected",
              "version": "7.0.6.2"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.2.4.1"
            },
            {
              "status": "affected",
              "version": "7.2.5"
            },
            {
              "status": "affected",
              "version": "7.2.5.1"
            },
            {
              "status": "affected",
              "version": "7.2.6"
            },
            {
              "status": "affected",
              "version": "7.2.7"
            },
            {
              "status": "affected",
              "version": "7.2.5.2"
            },
            {
              "status": "affected",
              "version": "7.2.8"
            },
            {
              "status": "affected",
              "version": "7.2.8.1"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition.\r\n\r This vulnerability is due to a logic error in memory management when the device is handling SSL VPN connections. An attacker could exploit this vulnerability by sending crafted SSL/TLS packets to the SSL VPN server of the affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-788",
              "description": "Access of Memory Location After End of Buffer",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-23T17:35:43.314Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asaftd-webvpn-dos-hOnB9pH4",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-dos-hOnB9pH4"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-webvpn-dos-hOnB9pH4",
        "defects": [
          "CSCwb00494",
          "CSCwj82247"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20402",
    "datePublished": "2024-10-23T17:35:43.314Z",
    "dateReserved": "2023-11-08T15:08:07.660Z",
    "dateUpdated": "2024-10-24T16:16:53.323Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-15388 (GCVE-0-2018-15388)

Vulnerability from cvelistv5

Published

2019-05-03 14:30

Modified

2024-11-19 19:10

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-400

Summary

A vulnerability in the WebVPN login process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for existing WebVPN login operations. An attacker could exploit this vulnerability by sending multiple WebVPN login requests to the device. A successful exploit could allow the attacker to increase CPU load on the device, resulting in a denial of service (DoS) condition.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-sd-cpu-dos	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: unspecified < 9.4.4.34 Version: unspecified < 9.6.4.25 Version: unspecified < 9.8.4 Version: unspecified < 9.9.2.50

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:54:02.601Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190501 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-sd-cpu-dos"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-15388",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:24:36.740224Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T19:10:11.904Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "9.4.4.34",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.6.4.25",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.8.4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.9.2.50",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-05-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the WebVPN login process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for existing WebVPN login operations. An attacker could exploit this vulnerability by sending multiple WebVPN login requests to the device. A successful exploit could allow the attacker to increase CPU load on the device, resulting in a denial of service (DoS) condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-03T14:30:13",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190501 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-sd-cpu-dos"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190501-sd-cpu-dos",
        "defect": [
          [
            "CSCvj33780"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-05-01T16:00:00-0700",
          "ID": "CVE-2018-15388",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.4.4.34"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.6.4.25"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.8.4"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.9.2.50"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the WebVPN login process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for existing WebVPN login operations. An attacker could exploit this vulnerability by sending multiple WebVPN login requests to the device. A successful exploit could allow the attacker to increase CPU load on the device, resulting in a denial of service (DoS) condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190501 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-sd-cpu-dos"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190501-sd-cpu-dos",
          "defect": [
            [
              "CSCvj33780"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-15388",
    "datePublished": "2019-05-03T14:30:13.092336Z",
    "dateReserved": "2018-08-17T00:00:00",
    "dateUpdated": "2024-11-19T19:10:11.904Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-20177 (GCVE-0-2023-20177)

Vulnerability from cvelistv5

Published

2023-11-01 16:41

Modified

2024-08-02 09:05

Severity ?

4.0 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L

CWE

CWE-244 - Improper Clearing of Heap Memory Before Release ('Heap Inspection')

Summary

A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Software that occurs when the SSL/TLS connection is configured with a URL Category and the Snort 3 detection engine could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability exists because a logic error occurs when a Snort 3 detection engine inspects an SSL/TLS connection that has either a URL Category configured on the SSL file policy or a URL Category configured on an access control policy with TLS server identity discovery enabled. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a crafted SSL/TLS connection through an affected device. A successful exploit could allow the attacker to trigger an unexpected reload of the Snort 3 detection engine, resulting in either a bypass or denial of service (DoS) condition, depending on device configuration. The Snort 3 detection engine will restart automatically. No manual intervention is required.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort3-urldos-OccFQTeX

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: 7.0.0 Version: 7.0.0.1 Version: 7.0.1 Version: 7.0.1.1 Version: 7.0.2 Version: 7.0.2.1 Version: 7.0.3 Version: 7.0.4 Version: 7.0.5 Version: 7.1.0 Version: 7.1.0.1 Version: 7.1.0.2 Version: 7.1.0.3 Version: 7.2.0 Version: 7.2.0.1 Version: 7.2.1 Version: 7.2.2 Version: 7.2.3 Version: 7.3.0 Version: 7.3.1 Version: 7.3.1.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:05:35.348Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-sa-ftd-snort3-urldos-OccFQTeX",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort3-urldos-OccFQTeX"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Software that occurs when the SSL/TLS connection is configured with a URL Category and the Snort 3 detection engine could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability exists because a logic error occurs when a Snort 3 detection engine inspects an SSL/TLS connection that has either a URL Category configured on the SSL file policy or a URL Category configured on an access control policy with TLS server identity discovery enabled. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a crafted SSL/TLS connection through an affected device. A successful exploit could allow the attacker to trigger an unexpected reload of the Snort 3 detection engine, resulting in either a bypass or denial of service (DoS) condition, depending on device configuration. The Snort 3 detection engine will restart automatically. No manual intervention is required."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-244",
              "description": "Improper Clearing of Heap Memory Before Release (\u0027Heap Inspection\u0027)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:50.305Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-sa-ftd-snort3-urldos-OccFQTeX",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort3-urldos-OccFQTeX"
        }
      ],
      "source": {
        "advisory": "cisco-sa-sa-ftd-snort3-urldos-OccFQTeX",
        "defects": [
          "CSCwe87591"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20177",
    "datePublished": "2023-11-01T16:41:37.495Z",
    "dateReserved": "2022-10-27T18:47:50.363Z",
    "dateUpdated": "2024-08-02T09:05:35.348Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20261 (GCVE-0-2024-20261)

Vulnerability from cvelistv5

Published

2024-05-22 16:53

Modified

2024-11-07 17:00

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-284 - Improper Access Control

Summary

A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a logic error when a specific class of encrypted archive files is inspected. An attacker could exploit this vulnerability by sending a crafted, encrypted archive file through the affected device. A successful exploit could allow the attacker to send an encrypted archive file, which could contain malware and should have been blocked and dropped at the Cisco FTD device.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-archive-bypass-z4wQjwcN

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: 6.2.3 Version: 6.2.3.1 Version: 6.2.3.2 Version: 6.2.3.3 Version: 6.2.3.4 Version: 6.2.3.5 Version: 6.2.3.6 Version: 6.2.3.7 Version: 6.2.3.8 Version: 6.2.3.10 Version: 6.2.3.11 Version: 6.2.3.9 Version: 6.2.3.12 Version: 6.2.3.13 Version: 6.2.3.14 Version: 6.2.3.15 Version: 6.2.3.16 Version: 6.2.3.17 Version: 6.2.3.18 Version: 6.6.0 Version: 6.6.0.1 Version: 6.6.1 Version: 6.6.3 Version: 6.6.4 Version: 6.6.5 Version: 6.6.5.1 Version: 6.6.5.2 Version: 6.6.7 Version: 6.6.7.1 Version: 6.6.7.2 Version: 6.4.0 Version: 6.4.0.1 Version: 6.4.0.3 Version: 6.4.0.2 Version: 6.4.0.4 Version: 6.4.0.5 Version: 6.4.0.6 Version: 6.4.0.7 Version: 6.4.0.8 Version: 6.4.0.9 Version: 6.4.0.10 Version: 6.4.0.11 Version: 6.4.0.12 Version: 6.4.0.13 Version: 6.4.0.14 Version: 6.4.0.15 Version: 6.4.0.16 Version: 6.7.0 Version: 6.7.0.1 Version: 6.7.0.2 Version: 6.7.0.3 Version: 7.0.0 Version: 7.0.0.1 Version: 7.0.1 Version: 7.0.1.1 Version: 7.0.2 Version: 7.0.2.1 Version: 7.0.3 Version: 7.0.4 Version: 7.0.5 Version: 7.1.0 Version: 7.1.0.1 Version: 7.1.0.3 Version: 7.2.0 Version: 7.2.0.1 Version: 7.2.1 Version: 7.2.2 Version: 7.2.3 Version: 7.2.4 Version: 7.3.0 Version: 7.3.1 Version: 7.3.1.1 Version: 7.3.1.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:cisco:firepower_management_center:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_management_center",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "6.2.3"
              },
              {
                "status": "affected",
                "version": "6.2.3.1"
              },
              {
                "status": "affected",
                "version": "6.2.3.2"
              },
              {
                "status": "affected",
                "version": "6.2.3.3"
              },
              {
                "status": "affected",
                "version": "6.2.3.4"
              },
              {
                "status": "affected",
                "version": "6.2.3.5"
              },
              {
                "status": "affected",
                "version": "6.2.3.6"
              },
              {
                "status": "affected",
                "version": "6.2.3.7"
              },
              {
                "status": "affected",
                "version": "6.2.3.8"
              },
              {
                "status": "affected",
                "version": "6.2.3.10"
              },
              {
                "status": "affected",
                "version": "6.2.3.11"
              },
              {
                "status": "affected",
                "version": "6.2.3.9"
              },
              {
                "status": "affected",
                "version": "6.2.3.12"
              },
              {
                "status": "affected",
                "version": "6.2.3.13"
              },
              {
                "status": "affected",
                "version": "6.2.3.14"
              },
              {
                "status": "affected",
                "version": "6.2.3.15"
              },
              {
                "status": "affected",
                "version": "6.2.3.16"
              },
              {
                "status": "affected",
                "version": "6.2.3.17"
              },
              {
                "status": "affected",
                "version": "6.2.3.18"
              },
              {
                "status": "affected",
                "version": "6.6.0"
              },
              {
                "status": "affected",
                "version": "6.6.0.1"
              },
              {
                "status": "affected",
                "version": "6.6.1"
              },
              {
                "status": "affected",
                "version": "6.6.3"
              },
              {
                "status": "affected",
                "version": "6.6.4"
              },
              {
                "status": "affected",
                "version": "6.6.5"
              },
              {
                "status": "affected",
                "version": "6.6.5.1"
              },
              {
                "status": "affected",
                "version": "6.6.5.2"
              },
              {
                "status": "affected",
                "version": "6.6.7"
              },
              {
                "status": "affected",
                "version": "6.6.7.1"
              },
              {
                "status": "affected",
                "version": "6.6.7.2"
              },
              {
                "status": "affected",
                "version": "6.4.0"
              },
              {
                "status": "affected",
                "version": "6.4.0.1"
              },
              {
                "status": "affected",
                "version": "6.4.0.3"
              },
              {
                "status": "affected",
                "version": "6.4.0.2"
              },
              {
                "status": "affected",
                "version": "6.4.0.4"
              },
              {
                "status": "affected",
                "version": "6.4.0.5"
              },
              {
                "status": "affected",
                "version": "6.4.0.6"
              },
              {
                "status": "affected",
                "version": "6.4.0.7"
              },
              {
                "status": "affected",
                "version": "6.4.0.8"
              },
              {
                "status": "affected",
                "version": "6.4.0.9"
              },
              {
                "status": "affected",
                "version": "6.4.0.10"
              },
              {
                "status": "affected",
                "version": "6.4.0.11"
              },
              {
                "status": "affected",
                "version": "6.4.0.12"
              },
              {
                "status": "affected",
                "version": "6.4.0.13"
              },
              {
                "status": "affected",
                "version": "6.4.0.14"
              },
              {
                "status": "affected",
                "version": "6.4.0.15"
              },
              {
                "status": "affected",
                "version": "6.4.0.16"
              },
              {
                "status": "affected",
                "version": "6.7.0"
              },
              {
                "status": "affected",
                "version": "6.7.0.1"
              },
              {
                "status": "affected",
                "version": "6.7.0.2"
              },
              {
                "status": "affected",
                "version": "6.7.0.3"
              },
              {
                "status": "affected",
                "version": "7.0.0"
              },
              {
                "status": "affected",
                "version": "7.0.0.1"
              },
              {
                "status": "affected",
                "version": "7.0.1"
              },
              {
                "status": "affected",
                "version": "7.0.1.1"
              },
              {
                "status": "affected",
                "version": "7.0.2"
              },
              {
                "status": "affected",
                "version": "7.0.2.1"
              },
              {
                "status": "affected",
                "version": "7.0.3"
              },
              {
                "status": "affected",
                "version": "7.0.4"
              },
              {
                "status": "affected",
                "version": "7.0.5"
              },
              {
                "status": "affected",
                "version": "7.1.0"
              },
              {
                "status": "affected",
                "version": "7.1.0.1"
              },
              {
                "status": "affected",
                "version": "7.1.0.3"
              },
              {
                "status": "affected",
                "version": "7.2.0"
              },
              {
                "status": "affected",
                "version": "7.2.0.1"
              },
              {
                "status": "affected",
                "version": "7.2.1"
              },
              {
                "status": "affected",
                "version": "7.2.2"
              },
              {
                "status": "affected",
                "version": "7.2.3"
              },
              {
                "status": "affected",
                "version": "7.2.4"
              },
              {
                "status": "affected",
                "version": "7.3.0"
              },
              {
                "status": "affected",
                "version": "7.3.1"
              },
              {
                "status": "affected",
                "version": "7.3.1.1"
              },
              {
                "status": "affected",
                "version": "7.3.1.2"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20261",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T17:00:33.100298Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T17:00:50.909Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:52:31.751Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-ftd-archive-bypass-z4wQjwcN",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-archive-bypass-z4wQjwcN"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "6.6.7.2"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a logic error when a specific class of encrypted archive files is inspected. An attacker could exploit this vulnerability by sending a crafted, encrypted archive file through the affected device. A successful exploit could allow the attacker to send an encrypted archive file, which could contain malware and should have been blocked and dropped at the Cisco FTD device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "Improper Access Control",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-22T16:53:27.346Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-ftd-archive-bypass-z4wQjwcN",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-archive-bypass-z4wQjwcN"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-archive-bypass-z4wQjwcN",
        "defects": [
          "CSCwf06818"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20261",
    "datePublished": "2024-05-22T16:53:27.346Z",
    "dateReserved": "2023-11-08T15:08:07.623Z",
    "dateUpdated": "2024-11-07T17:00:50.909Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3582 (GCVE-0-2020-3582)

Vulnerability from cvelistv5

Published

2020-10-21 18:36

Modified

2024-11-13 17:20

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE

CWE-79

Summary

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:55.741Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3582",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:20:50.332949Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:20:59.530Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:36:53",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-xss-multiple-FCB3vPZe",
        "defect": [
          [
            "CSCvu44910",
            "CSCvu75581",
            "CSCvu83309",
            "CSCvv13835"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3582",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-xss-multiple-FCB3vPZe",
          "defect": [
            [
              "CSCvu44910",
              "CSCvu75581",
              "CSCvu83309",
              "CSCvv13835"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3582",
    "datePublished": "2020-10-21T18:36:53.268851Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:20:59.530Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3259 (GCVE-0-2020-3259)

Vulnerability from cvelistv5

Published

2020-05-06 16:41

Modified

2025-07-30 01:45

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-200

Summary

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential information. The vulnerability is due to a buffer tracking issue when the software parses invalid URLs that are requested from the web services interface. An attacker could exploit this vulnerability by sending a crafted GET request to the web services interface. A successful exploit could allow the attacker to retrieve memory contents, which could lead to the disclosure of confidential information. Note: This vulnerability affects only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-info-disclose-9eJtycMB	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "6.2.3.16",
                "status": "affected",
                "version": "6.2.3",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense:6.3.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "6.3.0.6",
                "status": "affected",
                "version": "6.3.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "6.4.0.9",
                "status": "affected",
                "version": "6.4.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense:6.5.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "6.5.0.5",
                "status": "affected",
                "version": "6.5.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:adaptive_security_appliance_software:9.8:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "adaptive_security_appliance_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "9.8.4.20",
                "status": "affected",
                "version": "9.8",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:adaptive_security_appliance_software:9.9:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "adaptive_security_appliance_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "9.9.2..67",
                "status": "affected",
                "version": "9.9",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:adaptive_security_appliance_software:9.10:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "adaptive_security_appliance_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "9.10.1.40",
                "status": "affected",
                "version": "9.10",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:adaptive_security_appliance_software:9.12:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "adaptive_security_appliance_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "9.12.3.9",
                "status": "affected",
                "version": "9.12",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:adaptive_security_appliance_software:9.13:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "adaptive_security_appliance_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "9.13.1.10",
                "status": "affected",
                "version": "9.13",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3259",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-24T17:40:35.717209Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2024-02-15",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-3259"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:45:42.218Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2024-02-15T00:00:00+00:00",
            "value": "CVE-2020-3259 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:30:57.532Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Information Disclosure Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-info-disclose-9eJtycMB"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-05-06T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential information. The vulnerability is due to a buffer tracking issue when the software parses invalid URLs that are requested from the web services interface. An attacker could exploit this vulnerability by sending a crafted GET request to the web services interface. A successful exploit could allow the attacker to retrieve memory contents, which could lead to the disclosure of confidential information. Note: This vulnerability affects only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-06T16:41:53.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Information Disclosure Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-info-disclose-9eJtycMB"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-info-disclose-9eJtycMB",
        "defect": [
          [
            "CSCvt15163"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Information Disclosure Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-05-06T16:00:00-0700",
          "ID": "CVE-2020-3259",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Information Disclosure Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential information. The vulnerability is due to a buffer tracking issue when the software parses invalid URLs that are requested from the web services interface. An attacker could exploit this vulnerability by sending a crafted GET request to the web services interface. A successful exploit could allow the attacker to retrieve memory contents, which could lead to the disclosure of confidential information. Note: This vulnerability affects only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.5",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Information Disclosure Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-info-disclose-9eJtycMB"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-info-disclose-9eJtycMB",
          "defect": [
            [
              "CSCvt15163"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3259",
    "datePublished": "2020-05-06T16:41:53.659Z",
    "dateReserved": "2019-12-12T00:00:00.000Z",
    "dateUpdated": "2025-07-30T01:45:42.218Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-0227 (GCVE-0-2018-0227)

Vulnerability from cvelistv5

Published

2018-04-19 20:00

Modified

2024-11-29 15:19

Severity ?

CWE

CWE-295

Summary

A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client Certificate Authentication feature for Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to establish an SSL VPN connection and bypass certain SSL certificate verification steps. The vulnerability is due to incorrect verification of the SSL Client Certificate. An attacker could exploit this vulnerability by connecting to the ASA VPN without a proper private key and certificate pair. A successful exploit could allow the attacker to establish an SSL VPN connection to the ASA when the connection should have been rejected. This vulnerability affects Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliances (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliances (ASAv), Firepower 4110 Security Appliances, Firepower 9300 ASA Security Modules. Cisco Bug IDs: CSCvg40155.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa1	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1040723	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/104018	vdb-entry, x_refsource_BID
	https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Cisco Adaptive Security Appliance	Version: Cisco Adaptive Security Appliance

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:21:13.918Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa1"
          },
          {
            "name": "1040723",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040723"
          },
          {
            "name": "104018",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104018"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0227",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-29T14:44:36.598989Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-29T15:19:11.768Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Adaptive Security Appliance"
            }
          ]
        }
      ],
      "datePublic": "2018-04-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client Certificate Authentication feature for Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to establish an SSL VPN connection and bypass certain SSL certificate verification steps. The vulnerability is due to incorrect verification of the SSL Client Certificate. An attacker could exploit this vulnerability by connecting to the ASA VPN without a proper private key and certificate pair. A successful exploit could allow the attacker to establish an SSL VPN connection to the ASA when the connection should have been rejected. This vulnerability affects Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliances (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliances (ASAv), Firepower 4110 Security Appliances, Firepower 9300 ASA Security Modules. Cisco Bug IDs: CSCvg40155."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "CWE-295",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-05T17:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa1"
        },
        {
          "name": "1040723",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040723"
        },
        {
          "name": "104018",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104018"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0227",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Adaptive Security Appliance"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client Certificate Authentication feature for Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to establish an SSL VPN connection and bypass certain SSL certificate verification steps. The vulnerability is due to incorrect verification of the SSL Client Certificate. An attacker could exploit this vulnerability by connecting to the ASA VPN without a proper private key and certificate pair. A successful exploit could allow the attacker to establish an SSL VPN connection to the ASA when the connection should have been rejected. This vulnerability affects Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliances (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliances (ASAv), Firepower 4110 Security Appliances, Firepower 9300 ASA Security Modules. Cisco Bug IDs: CSCvg40155."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-295"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa1",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa1"
            },
            {
              "name": "1040723",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040723"
            },
            {
              "name": "104018",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104018"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0227",
    "datePublished": "2018-04-19T20:00:00",
    "dateReserved": "2017-11-27T00:00:00",
    "dateUpdated": "2024-11-29T15:19:11.768Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3563 (GCVE-0-2020-3563)

Vulnerability from cvelistv5

Published

2020-10-21 18:41

Modified

2024-11-13 17:46

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-400

Summary

A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a large number of TCP packets to a specific port on an affected device. A successful exploit could allow the attacker to exhaust system memory, which could cause the device to reload unexpectedly. No manual intervention is needed to recover the device after it has reloaded.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-GDcZDqAf	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:54.980Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Firepower Threat Defense Software TCP Flood Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-GDcZDqAf"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3563",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:12:12.620320Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:46:20.552Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a large number of TCP packets to a specific port on an affected device. A successful exploit could allow the attacker to exhaust system memory, which could cause the device to reload unexpectedly. No manual intervention is needed to recover the device after it has reloaded."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:41:03",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Firepower Threat Defense Software TCP Flood Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-GDcZDqAf"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-tcp-dos-GDcZDqAf",
        "defect": [
          [
            "CSCvs56888"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software TCP Flood Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3563",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software TCP Flood Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a large number of TCP packets to a specific port on an affected device. A successful exploit could allow the attacker to exhaust system memory, which could cause the device to reload unexpectedly. No manual intervention is needed to recover the device after it has reloaded."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Firepower Threat Defense Software TCP Flood Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-GDcZDqAf"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-tcp-dos-GDcZDqAf",
          "defect": [
            [
              "CSCvs56888"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3563",
    "datePublished": "2020-10-21T18:41:03.921917Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:46:20.552Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34764 (GCVE-0-2021-34764)

Vulnerability from cvelistv5

Published

2021-10-27 18:55

Modified

2024-11-07 21:44

Severity ?

4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

CWE

CWE-601

Summary

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the Details section of this advisory.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Management Center	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.194Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20211027 Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34764",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:39:47.731617Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T21:44:08.882Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Management Center",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the Details section of this advisory."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-601",
              "description": "CWE-601",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-27T18:55:46",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20211027 Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg"
        }
      ],
      "source": {
        "advisory": "cisco-sa-fmc-xss-openredir-TVPMWJyg",
        "defect": [
          [
            "CSCvx32283",
            "CSCvx55664"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-10-27T16:00:00",
          "ID": "CVE-2021-34764",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Management Center",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the Details section of this advisory."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "4.8",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-601"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20211027 Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-fmc-xss-openredir-TVPMWJyg",
          "defect": [
            [
              "CSCvx32283",
              "CSCvx55664"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34764",
    "datePublished": "2021-10-27T18:55:46.901355Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-07T21:44:08.882Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20730 (GCVE-0-2022-20730)

Vulnerability from cvelistv5

Published

2022-05-03 03:16

Modified

2024-11-06 16:18

Severity ?

4.0 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-241

Summary

A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the Security Intelligence DNS feed. This vulnerability is due to incorrect feed update processing. An attacker could exploit this vulnerability by sending traffic through an affected device that should be blocked by the affected device. A successful exploit could allow the attacker to bypass device controls and successfully send traffic to devices that are expected to be protected by the affected device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-sidns-bypass-3PzA5pO	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:24:49.664Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20220427 Cisco Firepower Threat Defense Software Security Intelligence DNS Feed Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-sidns-bypass-3PzA5pO"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-20730",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-06T15:58:38.935619Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T16:18:58.040Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2022-04-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the Security Intelligence DNS feed. This vulnerability is due to incorrect feed update processing. An attacker could exploit this vulnerability by sending traffic through an affected device that should be blocked by the affected device. A successful exploit could allow the attacker to bypass device controls and successfully send traffic to devices that are expected to be protected by the affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-241",
              "description": "CWE-241",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-03T03:16:17",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20220427 Cisco Firepower Threat Defense Software Security Intelligence DNS Feed Bypass Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-sidns-bypass-3PzA5pO"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-sidns-bypass-3PzA5pO",
        "defect": [
          [
            "CSCvz65181"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Security Intelligence DNS Feed Bypass Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2022-04-27T16:00:00",
          "ID": "CVE-2022-20730",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Security Intelligence DNS Feed Bypass Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the Security Intelligence DNS feed. This vulnerability is due to incorrect feed update processing. An attacker could exploit this vulnerability by sending traffic through an affected device that should be blocked by the affected device. A successful exploit could allow the attacker to bypass device controls and successfully send traffic to devices that are expected to be protected by the affected device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "4.0",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-241"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20220427 Cisco Firepower Threat Defense Software Security Intelligence DNS Feed Bypass Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-sidns-bypass-3PzA5pO"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-sidns-bypass-3PzA5pO",
          "defect": [
            [
              "CSCvz65181"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20730",
    "datePublished": "2022-05-03T03:16:18.055517Z",
    "dateReserved": "2021-11-02T00:00:00",
    "dateUpdated": "2024-11-06T16:18:58.040Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20928 (GCVE-0-2022-20928)

Vulnerability from cvelistv5

Published

2022-11-10 17:36

Modified

2024-08-03 02:31

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-863 - Incorrect Authorization

Summary

A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to establish a connection as a different user. This vulnerability is due to a flaw in the authorization verifications during the VPN authentication flow. An attacker could exploit this vulnerability by sending a crafted packet during a VPN authentication. The attacker must have valid credentials to establish a VPN connection. A successful exploit could allow the attacker to establish a VPN connection with access privileges from a different user.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vp-authz-N2GckjN6

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.8.1
Version: 9.8.1.5
Version: 9.8.1.7
Version: 9.8.2
Version: 9.8.2.8
Version: 9.8.2.14
Version: 9.8.2.15
Version: 9.8.2.17
Version: 9.8.2.20
Version: 9.8.2.24
Version: 9.8.2.26
Version: 9.8.2.28
Version: 9.8.2.33
Version: 9.8.2.35
Version: 9.8.2.38
Version: 9.8.3.8
Version: 9.8.3.11
Version: 9.8.3.14
Version: 9.8.3.16
Version: 9.8.3.18
Version: 9.8.3.21
Version: 9.8.3
Version: 9.8.3.26
Version: 9.8.3.29
Version: 9.8.4
Version: 9.8.4.3
Version: 9.8.4.7
Version: 9.8.4.8
Version: 9.8.4.10
Version: 9.8.4.12
Version: 9.8.4.15
Version: 9.8.4.17
Version: 9.8.4.25
Version: 9.8.4.20
Version: 9.8.4.22
Version: 9.8.4.26
Version: 9.8.4.29
Version: 9.8.4.32
Version: 9.8.4.33
Version: 9.8.4.34
Version: 9.8.4.35
Version: 9.8.4.39
Version: 9.8.4.40
Version: 9.8.4.41
Version: 9.8.4.43
Version: 9.8.4.44
Version: 9.8.4.45
Version: 9.12.1
Version: 9.12.1.2
Version: 9.12.1.3
Version: 9.12.2
Version: 9.12.2.4
Version: 9.12.2.5
Version: 9.12.2.9
Version: 9.12.3
Version: 9.12.3.2
Version: 9.12.3.7
Version: 9.12.4
Version: 9.12.3.12
Version: 9.12.3.9
Version: 9.12.2.1
Version: 9.12.4.2
Version: 9.12.4.4
Version: 9.12.4.7
Version: 9.12.4.10
Version: 9.12.4.13
Version: 9.12.4.8
Version: 9.12.4.18
Version: 9.12.4.24
Version: 9.12.4.26
Version: 9.12.4.29
Version: 9.12.4.30
Version: 9.12.4.35
Version: 9.12.4.37
Version: 9.12.4.38
Version: 9.12.4.39
Version: 9.14.1
Version: 9.14.1.10
Version: 9.14.1.6
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.14.1.30
Version: 9.14.2
Version: 9.14.2.4
Version: 9.14.2.8
Version: 9.14.2.13
Version: 9.14.2.15
Version: 9.14.3
Version: 9.14.3.1
Version: 9.14.3.9
Version: 9.14.3.11
Version: 9.14.3.13
Version: 9.14.3.18
Version: 9.14.3.15
Version: 9.14.4
Version: 9.14.4.6
Version: 9.15.1
Version: 9.15.1.7
Version: 9.15.1.10
Version: 9.15.1.15
Version: 9.15.1.16
Version: 9.15.1.17
Version: 9.15.1.1
Version: 9.15.1.21
Version: 9.16.1
Version: 9.16.1.28
Version: 9.16.2
Version: 9.16.2.3
Version: 9.16.2.7
Version: 9.16.2.11
Version: 9.16.2.13
Version: 9.16.2.14
Version: 9.17.1
Version: 9.17.1.7

	Cisco	Cisco Firepower Threat Defense Software	Version: 6.2.3 Version: 6.2.3.1 Version: 6.2.3.2 Version: 6.2.3.3 Version: 6.2.3.4 Version: 6.2.3.5 Version: 6.2.3.6 Version: 6.2.3.7 Version: 6.2.3.8 Version: 6.2.3.10 Version: 6.2.3.11 Version: 6.2.3.9 Version: 6.2.3.12 Version: 6.2.3.13 Version: 6.2.3.14 Version: 6.2.3.15 Version: 6.2.3.16 Version: 6.2.3.17 Version: 6.2.3.18 Version: 6.6.0 Version: 6.6.0.1 Version: 6.6.1 Version: 6.6.3 Version: 6.6.4 Version: 6.6.5 Version: 6.6.5.1 Version: 6.6.5.2 Version: 6.4.0 Version: 6.4.0.1 Version: 6.4.0.3 Version: 6.4.0.2 Version: 6.4.0.4 Version: 6.4.0.5 Version: 6.4.0.6 Version: 6.4.0.7 Version: 6.4.0.8 Version: 6.4.0.9 Version: 6.4.0.10 Version: 6.4.0.11 Version: 6.4.0.12 Version: 6.4.0.13 Version: 6.4.0.14 Version: 6.7.0 Version: 6.7.0.1 Version: 6.7.0.2 Version: 6.7.0.3 Version: 7.0.0 Version: 7.0.0.1 Version: 7.0.1 Version: 7.0.1.1 Version: 7.1.0 Version: 7.1.0.1 Version: 7.1.0.2
	Cisco	Cisco FirePOWER Services Software for ASA	Version: N/A

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:31:58.644Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-asa-ftd-vp-authz-N2GckjN6",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vp-authz-N2GckjN6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.8.1"
            },
            {
              "status": "affected",
              "version": "9.8.1.5"
            },
            {
              "status": "affected",
              "version": "9.8.1.7"
            },
            {
              "status": "affected",
              "version": "9.8.2"
            },
            {
              "status": "affected",
              "version": "9.8.2.8"
            },
            {
              "status": "affected",
              "version": "9.8.2.14"
            },
            {
              "status": "affected",
              "version": "9.8.2.15"
            },
            {
              "status": "affected",
              "version": "9.8.2.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.20"
            },
            {
              "status": "affected",
              "version": "9.8.2.24"
            },
            {
              "status": "affected",
              "version": "9.8.2.26"
            },
            {
              "status": "affected",
              "version": "9.8.2.28"
            },
            {
              "status": "affected",
              "version": "9.8.2.33"
            },
            {
              "status": "affected",
              "version": "9.8.2.35"
            },
            {
              "status": "affected",
              "version": "9.8.2.38"
            },
            {
              "status": "affected",
              "version": "9.8.3.8"
            },
            {
              "status": "affected",
              "version": "9.8.3.11"
            },
            {
              "status": "affected",
              "version": "9.8.3.14"
            },
            {
              "status": "affected",
              "version": "9.8.3.16"
            },
            {
              "status": "affected",
              "version": "9.8.3.18"
            },
            {
              "status": "affected",
              "version": "9.8.3.21"
            },
            {
              "status": "affected",
              "version": "9.8.3"
            },
            {
              "status": "affected",
              "version": "9.8.3.26"
            },
            {
              "status": "affected",
              "version": "9.8.3.29"
            },
            {
              "status": "affected",
              "version": "9.8.4"
            },
            {
              "status": "affected",
              "version": "9.8.4.3"
            },
            {
              "status": "affected",
              "version": "9.8.4.7"
            },
            {
              "status": "affected",
              "version": "9.8.4.8"
            },
            {
              "status": "affected",
              "version": "9.8.4.10"
            },
            {
              "status": "affected",
              "version": "9.8.4.12"
            },
            {
              "status": "affected",
              "version": "9.8.4.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.4.25"
            },
            {
              "status": "affected",
              "version": "9.8.4.20"
            },
            {
              "status": "affected",
              "version": "9.8.4.22"
            },
            {
              "status": "affected",
              "version": "9.8.4.26"
            },
            {
              "status": "affected",
              "version": "9.8.4.29"
            },
            {
              "status": "affected",
              "version": "9.8.4.32"
            },
            {
              "status": "affected",
              "version": "9.8.4.33"
            },
            {
              "status": "affected",
              "version": "9.8.4.34"
            },
            {
              "status": "affected",
              "version": "9.8.4.35"
            },
            {
              "status": "affected",
              "version": "9.8.4.39"
            },
            {
              "status": "affected",
              "version": "9.8.4.40"
            },
            {
              "status": "affected",
              "version": "9.8.4.41"
            },
            {
              "status": "affected",
              "version": "9.8.4.43"
            },
            {
              "status": "affected",
              "version": "9.8.4.44"
            },
            {
              "status": "affected",
              "version": "9.8.4.45"
            },
            {
              "status": "affected",
              "version": "9.12.1"
            },
            {
              "status": "affected",
              "version": "9.12.1.2"
            },
            {
              "status": "affected",
              "version": "9.12.1.3"
            },
            {
              "status": "affected",
              "version": "9.12.2"
            },
            {
              "status": "affected",
              "version": "9.12.2.4"
            },
            {
              "status": "affected",
              "version": "9.12.2.5"
            },
            {
              "status": "affected",
              "version": "9.12.2.9"
            },
            {
              "status": "affected",
              "version": "9.12.3"
            },
            {
              "status": "affected",
              "version": "9.12.3.2"
            },
            {
              "status": "affected",
              "version": "9.12.3.7"
            },
            {
              "status": "affected",
              "version": "9.12.4"
            },
            {
              "status": "affected",
              "version": "9.12.3.12"
            },
            {
              "status": "affected",
              "version": "9.12.3.9"
            },
            {
              "status": "affected",
              "version": "9.12.2.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.4"
            },
            {
              "status": "affected",
              "version": "9.12.4.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.10"
            },
            {
              "status": "affected",
              "version": "9.12.4.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.8"
            },
            {
              "status": "affected",
              "version": "9.12.4.18"
            },
            {
              "status": "affected",
              "version": "9.12.4.24"
            },
            {
              "status": "affected",
              "version": "9.12.4.26"
            },
            {
              "status": "affected",
              "version": "9.12.4.29"
            },
            {
              "status": "affected",
              "version": "9.12.4.30"
            },
            {
              "status": "affected",
              "version": "9.12.4.35"
            },
            {
              "status": "affected",
              "version": "9.12.4.37"
            },
            {
              "status": "affected",
              "version": "9.12.4.38"
            },
            {
              "status": "affected",
              "version": "9.12.4.39"
            },
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.1.6"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.15.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.7"
            },
            {
              "status": "affected",
              "version": "9.15.1.10"
            },
            {
              "status": "affected",
              "version": "9.15.1.15"
            },
            {
              "status": "affected",
              "version": "9.15.1.16"
            },
            {
              "status": "affected",
              "version": "9.15.1.17"
            },
            {
              "status": "affected",
              "version": "9.15.1.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.21"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            }
          ]
        },
        {
          "product": "Cisco FirePOWER Services Software for ASA",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to establish a connection as a different user.\r\n\r This vulnerability is due to a flaw in the authorization verifications during the VPN authentication flow. An attacker could exploit this vulnerability by sending a crafted packet during a VPN authentication. The attacker must have valid credentials to establish a VPN connection. A successful exploit could allow the attacker to establish a VPN connection with access privileges from a different user."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "Incorrect Authorization",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:15.104Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asa-ftd-vp-authz-N2GckjN6",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vp-authz-N2GckjN6"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa-ftd-vp-authz-N2GckjN6",
        "defects": [
          "CSCwa81795"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20928",
    "datePublished": "2022-11-10T17:36:54.157Z",
    "dateReserved": "2021-11-02T13:28:29.191Z",
    "dateUpdated": "2024-08-03T02:31:58.644Z",
    "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-40116 (GCVE-0-2021-40116)

Vulnerability from cvelistv5

Published

2021-10-27 18:56

Modified

2024-11-07 21:45

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-241

Summary

Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints. An attacker could exploit this vulnerability by sending a crafted IP packet to the affected device. A successful exploit could allow the attacker to cause through traffic to be dropped. Note: Only products with Snort3 configured and either a rule with Block with Reset or Interactive Block with Reset actions configured are vulnerable. Products configured with Snort2 are not vulnerable.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-RywH7ezM	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:27:31.552Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20211027 Multiple Cisco Products Snort Rule Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-RywH7ezM"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-40116",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:44:24.760230Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T21:45:31.681Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints. An attacker could exploit this vulnerability by sending a crafted IP packet to the affected device. A successful exploit could allow the attacker to cause through traffic to be dropped. Note: Only products with Snort3 configured and either a rule with Block with Reset or Interactive Block with Reset actions configured are vulnerable. Products configured with Snort2 are not vulnerable."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-241",
              "description": "CWE-241",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-27T18:56:42",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20211027 Multiple Cisco Products Snort Rule Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-RywH7ezM"
        }
      ],
      "source": {
        "advisory": "cisco-sa-snort-dos-RywH7ezM",
        "defect": [
          [
            "CSCvy66065"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Multiple Cisco Products Snort Rule Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-10-27T16:00:00",
          "ID": "CVE-2021-40116",
          "STATE": "PUBLIC",
          "TITLE": "Multiple Cisco Products Snort Rule Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints. An attacker could exploit this vulnerability by sending a crafted IP packet to the affected device. A successful exploit could allow the attacker to cause through traffic to be dropped. Note: Only products with Snort3 configured and either a rule with Block with Reset or Interactive Block with Reset actions configured are vulnerable. Products configured with Snort2 are not vulnerable."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-241"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20211027 Multiple Cisco Products Snort Rule Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-RywH7ezM"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-snort-dos-RywH7ezM",
          "defect": [
            [
              "CSCvy66065"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-40116",
    "datePublished": "2021-10-27T18:56:42.934548Z",
    "dateReserved": "2021-08-25T00:00:00",
    "dateUpdated": "2024-11-07T21:45:31.681Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20494 (GCVE-0-2024-20494)

Vulnerability from cvelistv5

Published

2024-10-23 17:53

Modified

2024-10-23 19:39

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-1287 - Improper Validation of Specified Type of Input

Summary

A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper data validation during the TLS 1.3 handshake. An attacker could exploit this vulnerability by sending a crafted TLS 1.3 packet to an affected system through a TLS 1.3-enabled listening socket. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Note: This vulnerability can also impact the integrity of a device by causing VPN HostScan communication failures or file transfer failures when Cisco ASA Software is upgraded using Cisco Adaptive Security Device Manager (ASDM).

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-tls-CWY6zXB

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.19.1
Version: 9.19.1.5
Version: 9.19.1.9
Version: 9.19.1.12
Version: 9.19.1.18
Version: 9.19.1.22
Version: 9.19.1.24
Version: 9.19.1.27
Version: 9.19.1.28
Version: 9.19.1.31
Version: 9.20.1
Version: 9.20.1.5
Version: 9.20.2
Version: 9.20.2.10
Version: 9.20.2.21
Version: 9.20.2.22
Version: 9.20.3

Cisco

Cisco Firepower Threat Defense Software

Version: 7.3.0
Version: 7.3.1
Version: 7.3.1.1
Version: 7.3.1.2
Version: 7.4.0
Version: 7.4.1
Version: 7.4.1.1
Version: 7.4.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "adaptive_security_appliance_software",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "9.19.1"
              },
              {
                "status": "affected",
                "version": "9.19.1.5"
              },
              {
                "status": "affected",
                "version": "9.19.1.9"
              },
              {
                "status": "affected",
                "version": "9.19.1.12"
              },
              {
                "status": "affected",
                "version": "9.19.1.18"
              },
              {
                "status": "affected",
                "version": "9.19.1.22"
              },
              {
                "status": "affected",
                "version": "9.19.1.24"
              },
              {
                "status": "affected",
                "version": "9.19.1.27"
              },
              {
                "status": "affected",
                "version": "9.19.1.28"
              },
              {
                "status": "affected",
                "version": "9.19.1.31"
              },
              {
                "status": "affected",
                "version": "9.20.1"
              },
              {
                "status": "affected",
                "version": "9.20.1.5"
              },
              {
                "status": "affected",
                "version": "9.20.2"
              },
              {
                "status": "affected",
                "version": "9.20.2.10"
              },
              {
                "status": "affected",
                "version": "9.20.2.21"
              },
              {
                "status": "affected",
                "version": "9.20.2.22"
              },
              {
                "status": "affected",
                "version": "9.20.3"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "7.3.0"
              },
              {
                "status": "affected",
                "version": "7.3.1"
              },
              {
                "status": "affected",
                "version": "7.3.1.1"
              },
              {
                "status": "affected",
                "version": "7.3.1.2"
              },
              {
                "status": "affected",
                "version": "7.4.0"
              },
              {
                "status": "affected",
                "version": "7.4.1"
              },
              {
                "status": "affected",
                "version": "7.4.1.1"
              },
              {
                "status": "affected",
                "version": "7.4.2"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20494",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-23T19:13:09.595545Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-23T19:39:04.608Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.19.1"
            },
            {
              "status": "affected",
              "version": "9.19.1.5"
            },
            {
              "status": "affected",
              "version": "9.19.1.9"
            },
            {
              "status": "affected",
              "version": "9.19.1.12"
            },
            {
              "status": "affected",
              "version": "9.19.1.18"
            },
            {
              "status": "affected",
              "version": "9.19.1.22"
            },
            {
              "status": "affected",
              "version": "9.19.1.24"
            },
            {
              "status": "affected",
              "version": "9.19.1.27"
            },
            {
              "status": "affected",
              "version": "9.19.1.28"
            },
            {
              "status": "affected",
              "version": "9.19.1.31"
            },
            {
              "status": "affected",
              "version": "9.20.1"
            },
            {
              "status": "affected",
              "version": "9.20.1.5"
            },
            {
              "status": "affected",
              "version": "9.20.2"
            },
            {
              "status": "affected",
              "version": "9.20.2.10"
            },
            {
              "status": "affected",
              "version": "9.20.2.21"
            },
            {
              "status": "affected",
              "version": "9.20.2.22"
            },
            {
              "status": "affected",
              "version": "9.20.3"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.2"
            },
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            },
            {
              "status": "affected",
              "version": "7.4.1.1"
            },
            {
              "status": "affected",
              "version": "7.4.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.\r\n\r This vulnerability is due to improper data validation during the TLS 1.3 handshake. An attacker could exploit this vulnerability by sending a crafted TLS 1.3 packet to an affected system through a TLS 1.3-enabled listening socket. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.\r\n\r Note: This vulnerability can also impact the integrity of a device by causing VPN HostScan communication failures or file transfer failures when Cisco ASA Software is upgraded using Cisco Adaptive Security Device Manager (ASDM)."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1287",
              "description": "Improper Validation of Specified Type of Input",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-23T17:53:00.574Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asa-tls-CWY6zXB",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-tls-CWY6zXB"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa-tls-CWY6zXB",
        "defects": [
          "CSCwj92223",
          "CSCwk74813"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20494",
    "datePublished": "2024-10-23T17:53:00.574Z",
    "dateReserved": "2023-11-08T15:08:07.686Z",
    "dateUpdated": "2024-10-23T19:39:04.608Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1691 (GCVE-0-2019-1691)

Vulnerability from cvelistv5

Published

2019-02-21 21:00

Modified

2024-11-19 19:16

Severity ?

5.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

CWE

CWE-20

Summary

A vulnerability in the detection engine of Cisco Firepower Threat Defense Software could allow an unauthenticated, remote attacker to cause the unexpected restart of the SNORT detection engine, resulting in a denial of service (DoS) condition. The vulnerability is due to the incomplete error handling of the SSL or TLS packet header during the connection establishment. An attacker could exploit this vulnerability by sending a crafted SSL or TLS packet during the connection handshake. An exploit could allow the attacker to cause the SNORT detection engine to unexpectedly restart, resulting in a partial DoS condition while the detection engine restarts. Versions prior to 6.2.3.4 are affected.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/107099	vdb-entry, x_refsource_BID
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-fpwr-ssltls-dos	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: unspecified < 6.2.3.4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:41.097Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "107099",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/107099"
          },
          {
            "name": "20190220 Cisco Firepower Threat Defense Software SSL or TLS Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-fpwr-ssltls-dos"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1691",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:25:23.525286Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T19:16:19.997Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.2.3.4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-02-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the detection engine of Cisco Firepower Threat Defense Software could allow an unauthenticated, remote attacker to cause the unexpected restart of the SNORT detection engine, resulting in a denial of service (DoS) condition. The vulnerability is due to the incomplete error handling of the SSL or TLS packet header during the connection establishment. An attacker could exploit this vulnerability by sending a crafted SSL or TLS packet during the connection handshake. An exploit could allow the attacker to cause the SNORT detection engine to unexpectedly restart, resulting in a partial DoS condition while the detection engine restarts. Versions prior to 6.2.3.4 are affected."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-02-22T10:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "107099",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/107099"
        },
        {
          "name": "20190220 Cisco Firepower Threat Defense Software SSL or TLS Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-fpwr-ssltls-dos"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190220-fpwr-ssltls-dos",
        "defect": [
          [
            "CSCvj97647"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software SSL or TLS Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-02-20T16:00:00-0800",
          "ID": "CVE-2019-1691",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software SSL or TLS Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.2.3.4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the detection engine of Cisco Firepower Threat Defense Software could allow an unauthenticated, remote attacker to cause the unexpected restart of the SNORT detection engine, resulting in a denial of service (DoS) condition. The vulnerability is due to the incomplete error handling of the SSL or TLS packet header during the connection establishment. An attacker could exploit this vulnerability by sending a crafted SSL or TLS packet during the connection handshake. An exploit could allow the attacker to cause the SNORT detection engine to unexpectedly restart, resulting in a partial DoS condition while the detection engine restarts. Versions prior to 6.2.3.4 are affected."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.8",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "107099",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/107099"
            },
            {
              "name": "20190220 Cisco Firepower Threat Defense Software SSL or TLS Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-fpwr-ssltls-dos"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190220-fpwr-ssltls-dos",
          "defect": [
            [
              "CSCvj97647"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1691",
    "datePublished": "2019-02-21T21:00:00Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-19T19:16:19.997Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-20333 (GCVE-0-2025-20333)

Vulnerability from cvelistv5

Published

2025-09-25 16:12

Modified

2025-09-26 03:55

Severity ?

9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Summary

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker with valid VPN user credentials could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as root, possibly resulting in the complete compromise of the affected device.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-z5xP8EUB

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.8.1
Version: 9.8.1.5
Version: 9.8.1.7
Version: 9.8.2
Version: 9.8.2.8
Version: 9.8.2.14
Version: 9.8.2.15
Version: 9.8.2.17
Version: 9.8.2.20
Version: 9.8.2.24
Version: 9.8.2.26
Version: 9.8.2.28
Version: 9.8.2.33
Version: 9.8.2.35
Version: 9.8.2.38
Version: 9.8.3.8
Version: 9.8.3.11
Version: 9.8.3.14
Version: 9.8.3.16
Version: 9.8.3.18
Version: 9.8.3.21
Version: 9.8.3
Version: 9.8.3.26
Version: 9.8.3.29
Version: 9.8.4
Version: 9.8.4.3
Version: 9.8.4.7
Version: 9.8.4.8
Version: 9.8.4.10
Version: 9.8.4.12
Version: 9.8.4.15
Version: 9.8.4.17
Version: 9.8.2.45
Version: 9.8.4.25
Version: 9.8.4.20
Version: 9.8.4.22
Version: 9.8.4.26
Version: 9.8.4.29
Version: 9.8.4.32
Version: 9.8.4.33
Version: 9.8.4.34
Version: 9.8.4.35
Version: 9.8.4.39
Version: 9.8.4.40
Version: 9.8.4.41
Version: 9.8.4.43
Version: 9.8.4.44
Version: 9.8.4.45
Version: 9.8.4.46
Version: 9.8.4.48
Version: 9.12.1
Version: 9.12.1.2
Version: 9.12.1.3
Version: 9.12.2
Version: 9.12.2.4
Version: 9.12.2.5
Version: 9.12.2.9
Version: 9.12.3
Version: 9.12.3.2
Version: 9.12.3.7
Version: 9.12.4
Version: 9.12.3.12
Version: 9.12.3.9
Version: 9.12.2.1
Version: 9.12.4.2
Version: 9.12.4.4
Version: 9.12.4.7
Version: 9.12.4.10
Version: 9.12.4.13
Version: 9.12.4.8
Version: 9.12.4.18
Version: 9.12.4.24
Version: 9.12.4.26
Version: 9.12.4.29
Version: 9.12.4.30
Version: 9.12.4.35
Version: 9.12.4.37
Version: 9.12.4.38
Version: 9.12.4.39
Version: 9.12.4.40
Version: 9.12.4.41
Version: 9.12.4.47
Version: 9.12.4.48
Version: 9.12.4.50
Version: 9.12.4.52
Version: 9.12.4.54
Version: 9.12.4.55
Version: 9.12.4.56
Version: 9.12.4.58
Version: 9.12.4.62
Version: 9.12.4.65
Version: 9.12.4.67
Version: 9.14.1
Version: 9.14.1.10
Version: 9.14.1.6
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.14.1.30
Version: 9.14.2
Version: 9.14.2.4
Version: 9.14.2.8
Version: 9.14.2.13
Version: 9.14.2.15
Version: 9.14.3
Version: 9.14.3.1
Version: 9.14.3.9
Version: 9.14.3.11
Version: 9.14.3.13
Version: 9.14.3.18
Version: 9.14.3.15
Version: 9.14.4
Version: 9.14.4.6
Version: 9.14.4.7
Version: 9.14.4.12
Version: 9.14.4.13
Version: 9.14.4.14
Version: 9.14.4.15
Version: 9.14.4.17
Version: 9.14.4.22
Version: 9.14.4.23
Version: 9.14.4.24
Version: 9.16.1
Version: 9.16.1.28
Version: 9.16.2
Version: 9.16.2.3
Version: 9.16.2.7
Version: 9.16.2.11
Version: 9.16.2.13
Version: 9.16.2.14
Version: 9.16.3
Version: 9.16.3.3
Version: 9.16.3.14
Version: 9.16.3.15
Version: 9.16.3.19
Version: 9.16.3.23
Version: 9.16.4
Version: 9.16.4.9
Version: 9.16.4.14
Version: 9.16.4.18
Version: 9.16.4.19
Version: 9.16.4.27
Version: 9.16.4.38
Version: 9.16.4.39
Version: 9.16.4.42
Version: 9.16.4.48
Version: 9.16.4.55
Version: 9.16.4.57
Version: 9.16.4.61
Version: 9.16.4.62
Version: 9.16.4.67
Version: 9.16.4.70
Version: 9.16.4.71
Version: 9.16.4.76
Version: 9.16.4.82
Version: 9.16.4.84
Version: 9.17.1
Version: 9.17.1.7
Version: 9.17.1.9
Version: 9.17.1.10
Version: 9.17.1.11
Version: 9.17.1.13
Version: 9.17.1.15
Version: 9.17.1.20
Version: 9.17.1.30
Version: 9.17.1.33
Version: 9.17.1.39
Version: 9.18.1
Version: 9.18.1.3
Version: 9.18.2
Version: 9.18.2.5
Version: 9.18.2.7
Version: 9.18.2.8
Version: 9.18.3
Version: 9.18.3.39
Version: 9.18.3.46
Version: 9.18.3.53
Version: 9.18.3.55
Version: 9.18.3.56
Version: 9.18.4
Version: 9.18.4.5
Version: 9.18.4.8
Version: 9.18.4.22
Version: 9.18.4.24
Version: 9.18.4.29
Version: 9.18.4.34
Version: 9.18.4.40
Version: 9.19.1
Version: 9.19.1.5
Version: 9.19.1.9
Version: 9.19.1.12
Version: 9.19.1.18
Version: 9.19.1.22
Version: 9.19.1.24
Version: 9.19.1.27
Version: 9.19.1.28
Version: 9.19.1.31
Version: 9.20.1
Version: 9.20.1.5
Version: 9.20.2
Version: 9.20.2.10
Version: 9.20.2.21
Version: 9.20.2.22
Version: 9.20.3
Version: 9.20.3.4
Version: 9.22.1.1
Version: 9.22.1.2

Cisco

Cisco Firepower Threat Defense Software

Version: 6.2.3
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.2.3.3
Version: 6.2.3.4
Version: 6.2.3.5
Version: 6.2.3.6
Version: 6.2.3.7
Version: 6.2.3.8
Version: 6.2.3.10
Version: 6.2.3.11
Version: 6.2.3.9
Version: 6.2.3.12
Version: 6.2.3.13
Version: 6.2.3.14
Version: 6.2.3.15
Version: 6.2.3.16
Version: 6.2.3.17
Version: 6.2.3.18
Version: 6.6.0
Version: 6.6.0.1
Version: 6.6.1
Version: 6.6.3
Version: 6.6.4
Version: 6.6.5
Version: 6.6.5.1
Version: 6.6.5.2
Version: 6.6.7
Version: 6.6.7.1
Version: 6.6.7.2
Version: 6.4.0
Version: 6.4.0.1
Version: 6.4.0.3
Version: 6.4.0.2
Version: 6.4.0.4
Version: 6.4.0.5
Version: 6.4.0.6
Version: 6.4.0.7
Version: 6.4.0.8
Version: 6.4.0.9
Version: 6.4.0.10
Version: 6.4.0.11
Version: 6.4.0.12
Version: 6.4.0.13
Version: 6.4.0.14
Version: 6.4.0.15
Version: 6.4.0.16
Version: 6.4.0.17
Version: 6.4.0.18
Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.0.2
Version: 7.0.2.1
Version: 7.0.3
Version: 7.0.4
Version: 7.0.5
Version: 7.0.6
Version: 7.0.6.1
Version: 7.0.6.2
Version: 7.0.6.3
Version: 7.0.7
Version: 7.0.8
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.1.0.3
Version: 7.2.0
Version: 7.2.0.1
Version: 7.2.1
Version: 7.2.2
Version: 7.2.3
Version: 7.2.4
Version: 7.2.4.1
Version: 7.2.5
Version: 7.2.5.1
Version: 7.2.6
Version: 7.2.7
Version: 7.2.5.2
Version: 7.2.8
Version: 7.2.8.1
Version: 7.3.0
Version: 7.3.1
Version: 7.3.1.1
Version: 7.3.1.2
Version: 7.4.0
Version: 7.4.1
Version: 7.4.1.1
Version: 7.4.2
Version: 7.4.2.1
Version: 7.4.2.2
Version: 7.4.2.3
Version: 7.6.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-20333",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-25T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2025-09-25",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20333"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-26T03:55:13.481Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2025-09-25T00:00:00+00:00",
            "value": "CVE-2025-20333 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.8.1"
            },
            {
              "status": "affected",
              "version": "9.8.1.5"
            },
            {
              "status": "affected",
              "version": "9.8.1.7"
            },
            {
              "status": "affected",
              "version": "9.8.2"
            },
            {
              "status": "affected",
              "version": "9.8.2.8"
            },
            {
              "status": "affected",
              "version": "9.8.2.14"
            },
            {
              "status": "affected",
              "version": "9.8.2.15"
            },
            {
              "status": "affected",
              "version": "9.8.2.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.20"
            },
            {
              "status": "affected",
              "version": "9.8.2.24"
            },
            {
              "status": "affected",
              "version": "9.8.2.26"
            },
            {
              "status": "affected",
              "version": "9.8.2.28"
            },
            {
              "status": "affected",
              "version": "9.8.2.33"
            },
            {
              "status": "affected",
              "version": "9.8.2.35"
            },
            {
              "status": "affected",
              "version": "9.8.2.38"
            },
            {
              "status": "affected",
              "version": "9.8.3.8"
            },
            {
              "status": "affected",
              "version": "9.8.3.11"
            },
            {
              "status": "affected",
              "version": "9.8.3.14"
            },
            {
              "status": "affected",
              "version": "9.8.3.16"
            },
            {
              "status": "affected",
              "version": "9.8.3.18"
            },
            {
              "status": "affected",
              "version": "9.8.3.21"
            },
            {
              "status": "affected",
              "version": "9.8.3"
            },
            {
              "status": "affected",
              "version": "9.8.3.26"
            },
            {
              "status": "affected",
              "version": "9.8.3.29"
            },
            {
              "status": "affected",
              "version": "9.8.4"
            },
            {
              "status": "affected",
              "version": "9.8.4.3"
            },
            {
              "status": "affected",
              "version": "9.8.4.7"
            },
            {
              "status": "affected",
              "version": "9.8.4.8"
            },
            {
              "status": "affected",
              "version": "9.8.4.10"
            },
            {
              "status": "affected",
              "version": "9.8.4.12"
            },
            {
              "status": "affected",
              "version": "9.8.4.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.45"
            },
            {
              "status": "affected",
              "version": "9.8.4.25"
            },
            {
              "status": "affected",
              "version": "9.8.4.20"
            },
            {
              "status": "affected",
              "version": "9.8.4.22"
            },
            {
              "status": "affected",
              "version": "9.8.4.26"
            },
            {
              "status": "affected",
              "version": "9.8.4.29"
            },
            {
              "status": "affected",
              "version": "9.8.4.32"
            },
            {
              "status": "affected",
              "version": "9.8.4.33"
            },
            {
              "status": "affected",
              "version": "9.8.4.34"
            },
            {
              "status": "affected",
              "version": "9.8.4.35"
            },
            {
              "status": "affected",
              "version": "9.8.4.39"
            },
            {
              "status": "affected",
              "version": "9.8.4.40"
            },
            {
              "status": "affected",
              "version": "9.8.4.41"
            },
            {
              "status": "affected",
              "version": "9.8.4.43"
            },
            {
              "status": "affected",
              "version": "9.8.4.44"
            },
            {
              "status": "affected",
              "version": "9.8.4.45"
            },
            {
              "status": "affected",
              "version": "9.8.4.46"
            },
            {
              "status": "affected",
              "version": "9.8.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.1"
            },
            {
              "status": "affected",
              "version": "9.12.1.2"
            },
            {
              "status": "affected",
              "version": "9.12.1.3"
            },
            {
              "status": "affected",
              "version": "9.12.2"
            },
            {
              "status": "affected",
              "version": "9.12.2.4"
            },
            {
              "status": "affected",
              "version": "9.12.2.5"
            },
            {
              "status": "affected",
              "version": "9.12.2.9"
            },
            {
              "status": "affected",
              "version": "9.12.3"
            },
            {
              "status": "affected",
              "version": "9.12.3.2"
            },
            {
              "status": "affected",
              "version": "9.12.3.7"
            },
            {
              "status": "affected",
              "version": "9.12.4"
            },
            {
              "status": "affected",
              "version": "9.12.3.12"
            },
            {
              "status": "affected",
              "version": "9.12.3.9"
            },
            {
              "status": "affected",
              "version": "9.12.2.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.4"
            },
            {
              "status": "affected",
              "version": "9.12.4.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.10"
            },
            {
              "status": "affected",
              "version": "9.12.4.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.8"
            },
            {
              "status": "affected",
              "version": "9.12.4.18"
            },
            {
              "status": "affected",
              "version": "9.12.4.24"
            },
            {
              "status": "affected",
              "version": "9.12.4.26"
            },
            {
              "status": "affected",
              "version": "9.12.4.29"
            },
            {
              "status": "affected",
              "version": "9.12.4.30"
            },
            {
              "status": "affected",
              "version": "9.12.4.35"
            },
            {
              "status": "affected",
              "version": "9.12.4.37"
            },
            {
              "status": "affected",
              "version": "9.12.4.38"
            },
            {
              "status": "affected",
              "version": "9.12.4.39"
            },
            {
              "status": "affected",
              "version": "9.12.4.40"
            },
            {
              "status": "affected",
              "version": "9.12.4.41"
            },
            {
              "status": "affected",
              "version": "9.12.4.47"
            },
            {
              "status": "affected",
              "version": "9.12.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.4.50"
            },
            {
              "status": "affected",
              "version": "9.12.4.52"
            },
            {
              "status": "affected",
              "version": "9.12.4.54"
            },
            {
              "status": "affected",
              "version": "9.12.4.55"
            },
            {
              "status": "affected",
              "version": "9.12.4.56"
            },
            {
              "status": "affected",
              "version": "9.12.4.58"
            },
            {
              "status": "affected",
              "version": "9.12.4.62"
            },
            {
              "status": "affected",
              "version": "9.12.4.65"
            },
            {
              "status": "affected",
              "version": "9.12.4.67"
            },
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.1.6"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.14.4.7"
            },
            {
              "status": "affected",
              "version": "9.14.4.12"
            },
            {
              "status": "affected",
              "version": "9.14.4.13"
            },
            {
              "status": "affected",
              "version": "9.14.4.14"
            },
            {
              "status": "affected",
              "version": "9.14.4.15"
            },
            {
              "status": "affected",
              "version": "9.14.4.17"
            },
            {
              "status": "affected",
              "version": "9.14.4.22"
            },
            {
              "status": "affected",
              "version": "9.14.4.23"
            },
            {
              "status": "affected",
              "version": "9.14.4.24"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.16.3.15"
            },
            {
              "status": "affected",
              "version": "9.16.3.19"
            },
            {
              "status": "affected",
              "version": "9.16.3.23"
            },
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.16.4.9"
            },
            {
              "status": "affected",
              "version": "9.16.4.14"
            },
            {
              "status": "affected",
              "version": "9.16.4.18"
            },
            {
              "status": "affected",
              "version": "9.16.4.19"
            },
            {
              "status": "affected",
              "version": "9.16.4.27"
            },
            {
              "status": "affected",
              "version": "9.16.4.38"
            },
            {
              "status": "affected",
              "version": "9.16.4.39"
            },
            {
              "status": "affected",
              "version": "9.16.4.42"
            },
            {
              "status": "affected",
              "version": "9.16.4.48"
            },
            {
              "status": "affected",
              "version": "9.16.4.55"
            },
            {
              "status": "affected",
              "version": "9.16.4.57"
            },
            {
              "status": "affected",
              "version": "9.16.4.61"
            },
            {
              "status": "affected",
              "version": "9.16.4.62"
            },
            {
              "status": "affected",
              "version": "9.16.4.67"
            },
            {
              "status": "affected",
              "version": "9.16.4.70"
            },
            {
              "status": "affected",
              "version": "9.16.4.71"
            },
            {
              "status": "affected",
              "version": "9.16.4.76"
            },
            {
              "status": "affected",
              "version": "9.16.4.82"
            },
            {
              "status": "affected",
              "version": "9.16.4.84"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.17.1.20"
            },
            {
              "status": "affected",
              "version": "9.17.1.30"
            },
            {
              "status": "affected",
              "version": "9.17.1.33"
            },
            {
              "status": "affected",
              "version": "9.17.1.39"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            },
            {
              "status": "affected",
              "version": "9.18.2.7"
            },
            {
              "status": "affected",
              "version": "9.18.2.8"
            },
            {
              "status": "affected",
              "version": "9.18.3"
            },
            {
              "status": "affected",
              "version": "9.18.3.39"
            },
            {
              "status": "affected",
              "version": "9.18.3.46"
            },
            {
              "status": "affected",
              "version": "9.18.3.53"
            },
            {
              "status": "affected",
              "version": "9.18.3.55"
            },
            {
              "status": "affected",
              "version": "9.18.3.56"
            },
            {
              "status": "affected",
              "version": "9.18.4"
            },
            {
              "status": "affected",
              "version": "9.18.4.5"
            },
            {
              "status": "affected",
              "version": "9.18.4.8"
            },
            {
              "status": "affected",
              "version": "9.18.4.22"
            },
            {
              "status": "affected",
              "version": "9.18.4.24"
            },
            {
              "status": "affected",
              "version": "9.18.4.29"
            },
            {
              "status": "affected",
              "version": "9.18.4.34"
            },
            {
              "status": "affected",
              "version": "9.18.4.40"
            },
            {
              "status": "affected",
              "version": "9.19.1"
            },
            {
              "status": "affected",
              "version": "9.19.1.5"
            },
            {
              "status": "affected",
              "version": "9.19.1.9"
            },
            {
              "status": "affected",
              "version": "9.19.1.12"
            },
            {
              "status": "affected",
              "version": "9.19.1.18"
            },
            {
              "status": "affected",
              "version": "9.19.1.22"
            },
            {
              "status": "affected",
              "version": "9.19.1.24"
            },
            {
              "status": "affected",
              "version": "9.19.1.27"
            },
            {
              "status": "affected",
              "version": "9.19.1.28"
            },
            {
              "status": "affected",
              "version": "9.19.1.31"
            },
            {
              "status": "affected",
              "version": "9.20.1"
            },
            {
              "status": "affected",
              "version": "9.20.1.5"
            },
            {
              "status": "affected",
              "version": "9.20.2"
            },
            {
              "status": "affected",
              "version": "9.20.2.10"
            },
            {
              "status": "affected",
              "version": "9.20.2.21"
            },
            {
              "status": "affected",
              "version": "9.20.2.22"
            },
            {
              "status": "affected",
              "version": "9.20.3"
            },
            {
              "status": "affected",
              "version": "9.20.3.4"
            },
            {
              "status": "affected",
              "version": "9.22.1.1"
            },
            {
              "status": "affected",
              "version": "9.22.1.2"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "6.6.7.2"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.4.0.17"
            },
            {
              "status": "affected",
              "version": "6.4.0.18"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.0.6"
            },
            {
              "status": "affected",
              "version": "7.0.6.1"
            },
            {
              "status": "affected",
              "version": "7.0.6.2"
            },
            {
              "status": "affected",
              "version": "7.0.6.3"
            },
            {
              "status": "affected",
              "version": "7.0.7"
            },
            {
              "status": "affected",
              "version": "7.0.8"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.2.4.1"
            },
            {
              "status": "affected",
              "version": "7.2.5"
            },
            {
              "status": "affected",
              "version": "7.2.5.1"
            },
            {
              "status": "affected",
              "version": "7.2.6"
            },
            {
              "status": "affected",
              "version": "7.2.7"
            },
            {
              "status": "affected",
              "version": "7.2.5.2"
            },
            {
              "status": "affected",
              "version": "7.2.8"
            },
            {
              "status": "affected",
              "version": "7.2.8.1"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.2"
            },
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            },
            {
              "status": "affected",
              "version": "7.4.1.1"
            },
            {
              "status": "affected",
              "version": "7.4.2"
            },
            {
              "status": "affected",
              "version": "7.4.2.1"
            },
            {
              "status": "affected",
              "version": "7.4.2.2"
            },
            {
              "status": "affected",
              "version": "7.4.2.3"
            },
            {
              "status": "affected",
              "version": "7.6.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device.\r\n\r This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker with valid VPN user credentials could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as root, possibly resulting in the complete compromise of the affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is aware of attempted exploitation of this vulnerability. Cisco continues to strongly recommend that customers upgrade to a fixed software release to remediate this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-25T16:12:14.308Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asaftd-webvpn-z5xP8EUB",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-z5xP8EUB"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-webvpn-z5xP8EUB",
        "defects": [
          "CSCwq79831"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2025-20333",
    "datePublished": "2025-09-25T16:12:14.308Z",
    "dateReserved": "2024-10-10T19:15:13.255Z",
    "dateUpdated": "2025-09-26T03:55:13.481Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-0138 (GCVE-0-2018-0138)

Vulnerability from cvelistv5

Published

2018-02-08 07:00

Modified

2024-12-02 21:08

Severity ?

CWE

CWE-693

Summary

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass file policies that are configured to block files transmitted to an affected device via the BitTorrent protocol. The vulnerability exists because the affected software does not detect BitTorrent handshake messages correctly. An attacker could exploit this vulnerability by sending a crafted BitTorrent connection request to an affected device. A successful exploit could allow the attacker to bypass file policies that are configured to block files transmitted to the affected device via the BitTorrent protocol. Cisco Bug IDs: CSCve26946.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-fss	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/102978	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	Cisco Firepower System Software	Version: Cisco Firepower System Software

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:14:16.801Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-fss"
          },
          {
            "name": "102978",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102978"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0138",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-02T19:11:22.486785Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-02T21:08:41.355Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower System Software",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Firepower System Software"
            }
          ]
        }
      ],
      "datePublic": "2018-02-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass file policies that are configured to block files transmitted to an affected device via the BitTorrent protocol. The vulnerability exists because the affected software does not detect BitTorrent handshake messages correctly. An attacker could exploit this vulnerability by sending a crafted BitTorrent connection request to an affected device. A successful exploit could allow the attacker to bypass file policies that are configured to block files transmitted to the affected device via the BitTorrent protocol. Cisco Bug IDs: CSCve26946."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-693",
              "description": "CWE-693",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-02-13T10:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-fss"
        },
        {
          "name": "102978",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102978"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0138",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower System Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Firepower System Software"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass file policies that are configured to block files transmitted to an affected device via the BitTorrent protocol. The vulnerability exists because the affected software does not detect BitTorrent handshake messages correctly. An attacker could exploit this vulnerability by sending a crafted BitTorrent connection request to an affected device. A successful exploit could allow the attacker to bypass file policies that are configured to block files transmitted to the affected device via the BitTorrent protocol. Cisco Bug IDs: CSCve26946."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-693"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-fss",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-fss"
            },
            {
              "name": "102978",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102978"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0138",
    "datePublished": "2018-02-08T07:00:00",
    "dateReserved": "2017-11-27T00:00:00",
    "dateUpdated": "2024-12-02T21:08:41.355Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3298 (GCVE-0-2020-3298)

Vulnerability from cvelistv5

Published

2020-05-06 16:42

Modified

2024-11-15 17:23

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-125

Summary

A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper memory protection mechanisms while processing certain OSPF packets. An attacker could exploit this vulnerability by sending a series of malformed OSPF packets in a short period of time to an affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition for client traffic that is traversing the device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-dos-RhMQY8qx	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:30:58.010Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Malformed OSPF Packets Processing Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-dos-RhMQY8qx"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3298",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:21:25.840936Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:23:34.705Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper memory protection mechanisms while processing certain OSPF packets. An attacker could exploit this vulnerability by sending a series of malformed OSPF packets in a short period of time to an affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition for client traffic that is traversing the device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-06T16:42:07",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Malformed OSPF Packets Processing Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-dos-RhMQY8qx"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa-ftd-ospf-dos-RhMQY8qx",
        "defect": [
          [
            "CSCvs50459"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Malformed OSPF Packets Processing Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-05-06T16:00:00-0700",
          "ID": "CVE-2020-3298",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Malformed OSPF Packets Processing Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper memory protection mechanisms while processing certain OSPF packets. An attacker could exploit this vulnerability by sending a series of malformed OSPF packets in a short period of time to an affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition for client traffic that is traversing the device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-125"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Malformed OSPF Packets Processing Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-dos-RhMQY8qx"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asa-ftd-ospf-dos-RhMQY8qx",
          "defect": [
            [
              "CSCvs50459"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3298",
    "datePublished": "2020-05-06T16:42:07.687592Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:23:34.705Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34792 (GCVE-0-2021-34792)

Vulnerability from cvelistv5

Published

2021-10-27 18:56

Modified

2024-11-07 21:45

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-400

Summary

A vulnerability in the memory management of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management when connection rates are high. An attacker could exploit this vulnerability by opening a significant number of connections on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-Unk689XY	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.259Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Resource Exhaustion Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-Unk689XY"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34792",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:44:29.230369Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T21:45:50.432Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the memory management of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management when connection rates are high. An attacker could exploit this vulnerability by opening a significant number of connections on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-27T18:56:20",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Resource Exhaustion Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-Unk689XY"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa-ftd-dos-Unk689XY",
        "defect": [
          [
            "CSCvx79526"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Resource Exhaustion Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-10-27T16:00:00",
          "ID": "CVE-2021-34792",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Resource Exhaustion Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the memory management of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management when connection rates are high. An attacker could exploit this vulnerability by opening a significant number of connections on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Resource Exhaustion Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-Unk689XY"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asa-ftd-dos-Unk689XY",
          "defect": [
            [
              "CSCvx79526"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34792",
    "datePublished": "2021-10-27T18:56:20.784206Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-07T21:45:50.432Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1970 (GCVE-0-2019-1970)

Vulnerability from cvelistv5

Published

2019-08-08 07:35

Modified

2024-11-19 19:01

Severity ?

5.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-693

Summary

A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors when handling specific SSL/TLS messages. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-ftd-bypass	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: unspecified < n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:35:52.019Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190807 Cisco Firepower Threat Defense Software File Policy Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-ftd-bypass"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1970",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:23:28.922474Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T19:01:15.342Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-08-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors when handling specific SSL/TLS messages. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-693",
              "description": "CWE-693",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-08T07:35:27",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190807 Cisco Firepower Threat Defense Software File Policy Bypass Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-ftd-bypass"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190807-ftd-bypass",
        "defect": [
          [
            "CSCvo11350"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software File Policy Bypass Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-08-07T16:00:00-0700",
          "ID": "CVE-2019-1970",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software File Policy Bypass Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors when handling specific SSL/TLS messages. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.8",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-693"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190807 Cisco Firepower Threat Defense Software File Policy Bypass Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-ftd-bypass"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190807-ftd-bypass",
          "defect": [
            [
              "CSCvo11350"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1970",
    "datePublished": "2019-08-08T07:35:27.076771Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-19T19:01:15.342Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34763 (GCVE-0-2021-34763)

Vulnerability from cvelistv5

Published

2021-10-27 18:55

Modified

2024-11-07 21:44

Severity ?

4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

CWE

CWE-601

Summary

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the Details section of this advisory.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Management Center	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.143Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20211027 Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34763",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:39:49.032063Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T21:44:15.836Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Management Center",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the Details section of this advisory."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-601",
              "description": "CWE-601",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-27T18:55:41",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20211027 Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg"
        }
      ],
      "source": {
        "advisory": "cisco-sa-fmc-xss-openredir-TVPMWJyg",
        "defect": [
          [
            "CSCvx32283",
            "CSCvx55664"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-10-27T16:00:00",
          "ID": "CVE-2021-34763",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Management Center",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the Details section of this advisory."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "4.8",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-601"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20211027 Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-fmc-xss-openredir-TVPMWJyg",
          "defect": [
            [
              "CSCvx32283",
              "CSCvx55664"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34763",
    "datePublished": "2021-10-27T18:55:41.533802Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-07T21:44:15.836Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-12676 (GCVE-0-2019-12676)

Vulnerability from cvelistv5

Published

2019-10-02 19:06

Modified

2024-11-21 19:12

Severity ?

7.4 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-20

Summary

A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software improperly parses certain options in OSPF link-state advertisement (LSA) type 11 packets. An attacker could exploit this vulnerability by sending a crafted LSA type 11 OSPF packet to an affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition for client traffic that is traversing the device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ospf-lsa-dos	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: unspecified < n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:24:39.354Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF LSA Processing Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ospf-lsa-dos"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-12676",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-21T18:56:47.710714Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T19:12:54.499Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-10-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software improperly parses certain options in OSPF link-state advertisement (LSA) type 11 packets. An attacker could exploit this vulnerability by sending a crafted LSA type 11 OSPF packet to an affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition for client traffic that is traversing the device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-02T19:06:39",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF LSA Processing Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ospf-lsa-dos"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20191002-asa-ospf-lsa-dos",
        "defect": [
          [
            "CSCvp49790"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF LSA Processing Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-10-02T16:00:00-0700",
          "ID": "CVE-2019-12676",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF LSA Processing Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software improperly parses certain options in OSPF link-state advertisement (LSA) type 11 packets. An attacker could exploit this vulnerability by sending a crafted LSA type 11 OSPF packet to an affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition for client traffic that is traversing the device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.4",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF LSA Processing Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ospf-lsa-dos"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20191002-asa-ospf-lsa-dos",
          "defect": [
            [
              "CSCvp49790"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-12676",
    "datePublished": "2019-10-02T19:06:39.129038Z",
    "dateReserved": "2019-06-04T00:00:00",
    "dateUpdated": "2024-11-21T19:12:54.499Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-20269 (GCVE-0-2023-20269)

Vulnerability from cvelistv5

Published

2023-09-06 17:09

Modified

2025-07-30 01:37

Severity ?

5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-288 - Authentication Bypass Using an Alternate Path or Channel

Summary

A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user. This vulnerability is due to improper separation of authentication, authorization, and accounting (AAA) between the remote access VPN feature and the HTTPS management and site-to-site VPN features. An attacker could exploit this vulnerability by specifying a default connection profile/tunnel group while conducting a brute force attack or while establishing a clientless SSL VPN session using valid credentials. A successful exploit could allow the attacker to achieve one or both of the following: Identify valid credentials that could then be used to establish an unauthorized remote access VPN session. Establish a clientless SSL VPN session (only when running Cisco ASA Software Release 9.16 or earlier). Notes: Establishing a client-based remote access VPN tunnel is not possible as these default connection profiles/tunnel groups do not and cannot have an IP address pool configured. This vulnerability does not allow an attacker to bypass authentication. To successfully establish a remote access VPN session, valid credentials are required, including a valid second factor if multi-factor authentication (MFA) is configured. Cisco will release software updates that address this vulnerability. There are workarounds that address this vulnerability.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ravpn-auth-8LyfCkeC

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.8.1
Version: 9.8.1.5
Version: 9.8.1.7
Version: 9.8.2
Version: 9.8.2.8
Version: 9.8.2.14
Version: 9.8.2.15
Version: 9.8.2.17
Version: 9.8.2.20
Version: 9.8.2.24
Version: 9.8.2.26
Version: 9.8.2.28
Version: 9.8.2.33
Version: 9.8.2.35
Version: 9.8.2.38
Version: 9.8.3.8
Version: 9.8.3.11
Version: 9.8.3.14
Version: 9.8.3.16
Version: 9.8.3.18
Version: 9.8.3.21
Version: 9.8.3
Version: 9.8.3.26
Version: 9.8.3.29
Version: 9.8.4
Version: 9.8.4.3
Version: 9.8.4.7
Version: 9.8.4.8
Version: 9.8.4.10
Version: 9.8.4.12
Version: 9.8.4.15
Version: 9.8.4.17
Version: 9.8.4.25
Version: 9.8.4.20
Version: 9.8.4.22
Version: 9.8.4.26
Version: 9.8.4.29
Version: 9.8.4.32
Version: 9.8.4.33
Version: 9.8.4.34
Version: 9.8.4.35
Version: 9.8.4.39
Version: 9.8.4.40
Version: 9.8.4.41
Version: 9.8.4.43
Version: 9.8.4.44
Version: 9.8.4.45
Version: 9.8.4.46
Version: 9.8.4.48
Version: 9.12.1
Version: 9.12.1.2
Version: 9.12.1.3
Version: 9.12.2
Version: 9.12.2.4
Version: 9.12.2.5
Version: 9.12.2.9
Version: 9.12.3
Version: 9.12.3.2
Version: 9.12.3.7
Version: 9.12.4
Version: 9.12.3.12
Version: 9.12.3.9
Version: 9.12.2.1
Version: 9.12.4.2
Version: 9.12.4.4
Version: 9.12.4.7
Version: 9.12.4.10
Version: 9.12.4.13
Version: 9.12.4.8
Version: 9.12.4.18
Version: 9.12.4.24
Version: 9.12.4.26
Version: 9.12.4.29
Version: 9.12.4.30
Version: 9.12.4.35
Version: 9.12.4.37
Version: 9.12.4.38
Version: 9.12.4.39
Version: 9.12.4.40
Version: 9.12.4.41
Version: 9.12.4.47
Version: 9.12.4.48
Version: 9.12.4.50
Version: 9.12.4.52
Version: 9.12.4.54
Version: 9.12.4.55
Version: 9.12.4.56
Version: 9.12.4.58
Version: 9.14.1
Version: 9.14.1.10
Version: 9.14.1.6
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.14.1.30
Version: 9.14.2
Version: 9.14.2.4
Version: 9.14.2.8
Version: 9.14.2.13
Version: 9.14.2.15
Version: 9.14.3
Version: 9.14.3.1
Version: 9.14.3.9
Version: 9.14.3.11
Version: 9.14.3.13
Version: 9.14.3.18
Version: 9.14.3.15
Version: 9.14.4
Version: 9.14.4.6
Version: 9.14.4.7
Version: 9.14.4.12
Version: 9.14.4.13
Version: 9.14.4.14
Version: 9.14.4.15
Version: 9.14.4.17
Version: 9.14.4.22
Version: 9.14.4.23
Version: 9.15.1
Version: 9.15.1.7
Version: 9.15.1.10
Version: 9.15.1.15
Version: 9.15.1.16
Version: 9.15.1.17
Version: 9.15.1.1
Version: 9.15.1.21
Version: 9.16.1
Version: 9.16.1.28
Version: 9.16.2
Version: 9.16.2.3
Version: 9.16.2.7
Version: 9.16.2.11
Version: 9.16.2.13
Version: 9.16.2.14
Version: 9.16.3
Version: 9.16.3.3
Version: 9.16.3.14
Version: 9.16.3.15
Version: 9.16.3.19
Version: 9.16.3.23
Version: 9.16.4
Version: 9.16.4.9
Version: 9.16.4.14
Version: 9.16.4.18
Version: 9.16.4.19
Version: 9.16.4.27
Version: 9.16.4.38
Version: 9.17.1
Version: 9.17.1.7
Version: 9.17.1.9
Version: 9.17.1.10
Version: 9.17.1.11
Version: 9.17.1.13
Version: 9.17.1.15
Version: 9.17.1.20
Version: 9.17.1.30
Version: 9.18.1
Version: 9.18.1.3
Version: 9.18.2
Version: 9.18.2.5
Version: 9.18.2.7
Version: 9.18.2.8
Version: 9.18.3
Version: 9.18.3.39
Version: 9.18.3.46
Version: 9.18.3.53
Version: 9.18.3.55
Version: 9.19.1
Version: 9.19.1.5
Version: 9.19.1.9
Version: 9.19.1.12
Version: 9.19.1.18

Cisco

Cisco Firepower Threat Defense Software

Version: 6.2.3
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.2.3.3
Version: 6.2.3.4
Version: 6.2.3.5
Version: 6.2.3.6
Version: 6.2.3.7
Version: 6.2.3.8
Version: 6.2.3.10
Version: 6.2.3.11
Version: 6.2.3.9
Version: 6.2.3.12
Version: 6.2.3.13
Version: 6.2.3.14
Version: 6.2.3.15
Version: 6.2.3.16
Version: 6.2.3.17
Version: 6.2.3.18
Version: 6.6.0
Version: 6.6.0.1
Version: 6.6.1
Version: 6.6.3
Version: 6.6.4
Version: 6.6.5
Version: 6.6.5.1
Version: 6.6.5.2
Version: 6.6.7
Version: 6.6.7.1
Version: 6.4.0
Version: 6.4.0.1
Version: 6.4.0.3
Version: 6.4.0.2
Version: 6.4.0.4
Version: 6.4.0.5
Version: 6.4.0.6
Version: 6.4.0.7
Version: 6.4.0.8
Version: 6.4.0.9
Version: 6.4.0.10
Version: 6.4.0.11
Version: 6.4.0.12
Version: 6.4.0.13
Version: 6.4.0.14
Version: 6.4.0.15
Version: 6.4.0.16
Version: 6.7.0
Version: 6.7.0.1
Version: 6.7.0.2
Version: 6.7.0.3
Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.0.2
Version: 7.0.2.1
Version: 7.0.3
Version: 7.0.4
Version: 7.0.5
Version: 7.0.6
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.1.0.3
Version: 7.2.0
Version: 7.2.0.1
Version: 7.2.1
Version: 7.2.2
Version: 7.2.3
Version: 7.2.4
Version: 7.2.4.1
Version: 7.2.5
Version: 7.3.0
Version: 7.3.1
Version: 7.3.1.1
Version: 7.4.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:05:36.935Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-asaftd-ravpn-auth-8LyfCkeC",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ravpn-auth-8LyfCkeC"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20269",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2023-11-15T16:35:58.673645Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2023-09-13",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-20269"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:37:18.751Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2023-09-13T00:00:00+00:00",
            "value": "CVE-2023-20269 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.8.1"
            },
            {
              "status": "affected",
              "version": "9.8.1.5"
            },
            {
              "status": "affected",
              "version": "9.8.1.7"
            },
            {
              "status": "affected",
              "version": "9.8.2"
            },
            {
              "status": "affected",
              "version": "9.8.2.8"
            },
            {
              "status": "affected",
              "version": "9.8.2.14"
            },
            {
              "status": "affected",
              "version": "9.8.2.15"
            },
            {
              "status": "affected",
              "version": "9.8.2.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.20"
            },
            {
              "status": "affected",
              "version": "9.8.2.24"
            },
            {
              "status": "affected",
              "version": "9.8.2.26"
            },
            {
              "status": "affected",
              "version": "9.8.2.28"
            },
            {
              "status": "affected",
              "version": "9.8.2.33"
            },
            {
              "status": "affected",
              "version": "9.8.2.35"
            },
            {
              "status": "affected",
              "version": "9.8.2.38"
            },
            {
              "status": "affected",
              "version": "9.8.3.8"
            },
            {
              "status": "affected",
              "version": "9.8.3.11"
            },
            {
              "status": "affected",
              "version": "9.8.3.14"
            },
            {
              "status": "affected",
              "version": "9.8.3.16"
            },
            {
              "status": "affected",
              "version": "9.8.3.18"
            },
            {
              "status": "affected",
              "version": "9.8.3.21"
            },
            {
              "status": "affected",
              "version": "9.8.3"
            },
            {
              "status": "affected",
              "version": "9.8.3.26"
            },
            {
              "status": "affected",
              "version": "9.8.3.29"
            },
            {
              "status": "affected",
              "version": "9.8.4"
            },
            {
              "status": "affected",
              "version": "9.8.4.3"
            },
            {
              "status": "affected",
              "version": "9.8.4.7"
            },
            {
              "status": "affected",
              "version": "9.8.4.8"
            },
            {
              "status": "affected",
              "version": "9.8.4.10"
            },
            {
              "status": "affected",
              "version": "9.8.4.12"
            },
            {
              "status": "affected",
              "version": "9.8.4.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.4.25"
            },
            {
              "status": "affected",
              "version": "9.8.4.20"
            },
            {
              "status": "affected",
              "version": "9.8.4.22"
            },
            {
              "status": "affected",
              "version": "9.8.4.26"
            },
            {
              "status": "affected",
              "version": "9.8.4.29"
            },
            {
              "status": "affected",
              "version": "9.8.4.32"
            },
            {
              "status": "affected",
              "version": "9.8.4.33"
            },
            {
              "status": "affected",
              "version": "9.8.4.34"
            },
            {
              "status": "affected",
              "version": "9.8.4.35"
            },
            {
              "status": "affected",
              "version": "9.8.4.39"
            },
            {
              "status": "affected",
              "version": "9.8.4.40"
            },
            {
              "status": "affected",
              "version": "9.8.4.41"
            },
            {
              "status": "affected",
              "version": "9.8.4.43"
            },
            {
              "status": "affected",
              "version": "9.8.4.44"
            },
            {
              "status": "affected",
              "version": "9.8.4.45"
            },
            {
              "status": "affected",
              "version": "9.8.4.46"
            },
            {
              "status": "affected",
              "version": "9.8.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.1"
            },
            {
              "status": "affected",
              "version": "9.12.1.2"
            },
            {
              "status": "affected",
              "version": "9.12.1.3"
            },
            {
              "status": "affected",
              "version": "9.12.2"
            },
            {
              "status": "affected",
              "version": "9.12.2.4"
            },
            {
              "status": "affected",
              "version": "9.12.2.5"
            },
            {
              "status": "affected",
              "version": "9.12.2.9"
            },
            {
              "status": "affected",
              "version": "9.12.3"
            },
            {
              "status": "affected",
              "version": "9.12.3.2"
            },
            {
              "status": "affected",
              "version": "9.12.3.7"
            },
            {
              "status": "affected",
              "version": "9.12.4"
            },
            {
              "status": "affected",
              "version": "9.12.3.12"
            },
            {
              "status": "affected",
              "version": "9.12.3.9"
            },
            {
              "status": "affected",
              "version": "9.12.2.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.4"
            },
            {
              "status": "affected",
              "version": "9.12.4.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.10"
            },
            {
              "status": "affected",
              "version": "9.12.4.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.8"
            },
            {
              "status": "affected",
              "version": "9.12.4.18"
            },
            {
              "status": "affected",
              "version": "9.12.4.24"
            },
            {
              "status": "affected",
              "version": "9.12.4.26"
            },
            {
              "status": "affected",
              "version": "9.12.4.29"
            },
            {
              "status": "affected",
              "version": "9.12.4.30"
            },
            {
              "status": "affected",
              "version": "9.12.4.35"
            },
            {
              "status": "affected",
              "version": "9.12.4.37"
            },
            {
              "status": "affected",
              "version": "9.12.4.38"
            },
            {
              "status": "affected",
              "version": "9.12.4.39"
            },
            {
              "status": "affected",
              "version": "9.12.4.40"
            },
            {
              "status": "affected",
              "version": "9.12.4.41"
            },
            {
              "status": "affected",
              "version": "9.12.4.47"
            },
            {
              "status": "affected",
              "version": "9.12.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.4.50"
            },
            {
              "status": "affected",
              "version": "9.12.4.52"
            },
            {
              "status": "affected",
              "version": "9.12.4.54"
            },
            {
              "status": "affected",
              "version": "9.12.4.55"
            },
            {
              "status": "affected",
              "version": "9.12.4.56"
            },
            {
              "status": "affected",
              "version": "9.12.4.58"
            },
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.1.6"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.14.4.7"
            },
            {
              "status": "affected",
              "version": "9.14.4.12"
            },
            {
              "status": "affected",
              "version": "9.14.4.13"
            },
            {
              "status": "affected",
              "version": "9.14.4.14"
            },
            {
              "status": "affected",
              "version": "9.14.4.15"
            },
            {
              "status": "affected",
              "version": "9.14.4.17"
            },
            {
              "status": "affected",
              "version": "9.14.4.22"
            },
            {
              "status": "affected",
              "version": "9.14.4.23"
            },
            {
              "status": "affected",
              "version": "9.15.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.7"
            },
            {
              "status": "affected",
              "version": "9.15.1.10"
            },
            {
              "status": "affected",
              "version": "9.15.1.15"
            },
            {
              "status": "affected",
              "version": "9.15.1.16"
            },
            {
              "status": "affected",
              "version": "9.15.1.17"
            },
            {
              "status": "affected",
              "version": "9.15.1.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.21"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.16.3.15"
            },
            {
              "status": "affected",
              "version": "9.16.3.19"
            },
            {
              "status": "affected",
              "version": "9.16.3.23"
            },
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.16.4.9"
            },
            {
              "status": "affected",
              "version": "9.16.4.14"
            },
            {
              "status": "affected",
              "version": "9.16.4.18"
            },
            {
              "status": "affected",
              "version": "9.16.4.19"
            },
            {
              "status": "affected",
              "version": "9.16.4.27"
            },
            {
              "status": "affected",
              "version": "9.16.4.38"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.17.1.20"
            },
            {
              "status": "affected",
              "version": "9.17.1.30"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            },
            {
              "status": "affected",
              "version": "9.18.2.7"
            },
            {
              "status": "affected",
              "version": "9.18.2.8"
            },
            {
              "status": "affected",
              "version": "9.18.3"
            },
            {
              "status": "affected",
              "version": "9.18.3.39"
            },
            {
              "status": "affected",
              "version": "9.18.3.46"
            },
            {
              "status": "affected",
              "version": "9.18.3.53"
            },
            {
              "status": "affected",
              "version": "9.18.3.55"
            },
            {
              "status": "affected",
              "version": "9.19.1"
            },
            {
              "status": "affected",
              "version": "9.19.1.5"
            },
            {
              "status": "affected",
              "version": "9.19.1.9"
            },
            {
              "status": "affected",
              "version": "9.19.1.12"
            },
            {
              "status": "affected",
              "version": "9.19.1.18"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.0.6"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.2.4.1"
            },
            {
              "status": "affected",
              "version": "7.2.5"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.4.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user.\r\n\r This vulnerability is due to improper separation of authentication, authorization, and accounting (AAA) between the remote access VPN feature and the HTTPS management and site-to-site VPN features. An attacker could exploit this vulnerability by specifying a default connection profile/tunnel group while conducting a brute force attack or while establishing a clientless SSL VPN session using valid credentials. A successful exploit could allow the attacker to achieve one or both of the following:\r\n\r \r Identify valid credentials that could then be used to establish an unauthorized remote access VPN session.\r Establish a clientless SSL VPN session (only when running Cisco ASA Software Release 9.16 or earlier).\r \r Notes:\r\n\r \r Establishing a client-based remote access VPN tunnel is not possible as these default connection profiles/tunnel groups do not and cannot have an IP address pool configured.\r This vulnerability does not allow an attacker to bypass authentication. To successfully establish a remote access VPN session, valid credentials are required, including a valid second factor if multi-factor authentication (MFA) is configured.\r \r Cisco will release software updates that address this vulnerability. There are workarounds that address this vulnerability."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "In August 2023, the Cisco Product Security Incident Response Team (PSIRT) became aware of attempted exploitation of this vulnerability in the wild. Cisco strongly recommends that customers upgrade to a fixed software release to remediate this vulnerability once available and apply one of the suggested workarounds in the meantime.\r\n\r\nFor information on observed attempted exploitation of this vulnerability, see the Cisco blog post on Akira Ransomware Targeting VPNs without Multi-Factor Authentication [\"https://blogs.cisco.com/security/akira-ransomware-targeting-vpns-without-multi-factor-authentication\"]. As explained in this blog post, organizations can significantly reduce the risk of unauthorized access, including a potential ransomware infection, by enabling MFA in VPN implementations."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-288",
              "description": "Authentication Bypass Using an Alternate Path or Channel",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:58:36.839Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asaftd-ravpn-auth-8LyfCkeC",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ravpn-auth-8LyfCkeC"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-ravpn-auth-8LyfCkeC",
        "defects": [
          "CSCwh23100",
          "CSCwh45108"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20269",
    "datePublished": "2023-09-06T17:09:29.663Z",
    "dateReserved": "2022-10-27T18:47:50.373Z",
    "dateUpdated": "2025-07-30T01:37:18.751Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20495 (GCVE-0-2024-20495)

Vulnerability from cvelistv5

Published

2024-10-23 17:53

Modified

2024-10-23 19:12

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-20 - Improper Input Validation

Summary

A vulnerability in the Remote Access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to improper validation of client key data after the TLS session is established. An attacker could exploit this vulnerability by sending a crafted key value to an affected system over the secure TLS session. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-vpn-cZf8gT

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.8.4.12
Version: 9.8.4.15
Version: 9.8.4.17
Version: 9.8.4.25
Version: 9.8.4.20
Version: 9.8.4.22
Version: 9.8.4.26
Version: 9.8.4.29
Version: 9.8.4.32
Version: 9.8.4.33
Version: 9.8.4.34
Version: 9.8.4.35
Version: 9.8.4.39
Version: 9.8.4.40
Version: 9.8.4.41
Version: 9.8.4.43
Version: 9.8.4.44
Version: 9.8.4.45
Version: 9.8.4.46
Version: 9.8.4.48
Version: 9.12.3
Version: 9.12.3.2
Version: 9.12.3.7
Version: 9.12.4
Version: 9.12.3.12
Version: 9.12.3.9
Version: 9.12.4.2
Version: 9.12.4.4
Version: 9.12.4.7
Version: 9.12.4.10
Version: 9.12.4.13
Version: 9.12.4.8
Version: 9.12.4.18
Version: 9.12.4.24
Version: 9.12.4.26
Version: 9.12.4.29
Version: 9.12.4.30
Version: 9.12.4.35
Version: 9.12.4.37
Version: 9.12.4.38
Version: 9.12.4.39
Version: 9.12.4.40
Version: 9.12.4.41
Version: 9.12.4.47
Version: 9.12.4.48
Version: 9.12.4.50
Version: 9.12.4.52
Version: 9.12.4.54
Version: 9.12.4.55
Version: 9.12.4.56
Version: 9.12.4.58
Version: 9.12.4.62
Version: 9.12.4.65
Version: 9.12.4.67
Version: 9.14.1
Version: 9.14.1.10
Version: 9.14.1.6
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.14.1.30
Version: 9.14.2
Version: 9.14.2.4
Version: 9.14.2.8
Version: 9.14.2.13
Version: 9.14.2.15
Version: 9.14.3
Version: 9.14.3.1
Version: 9.14.3.9
Version: 9.14.3.11
Version: 9.14.3.13
Version: 9.14.3.18
Version: 9.14.3.15
Version: 9.14.4
Version: 9.14.4.6
Version: 9.14.4.7
Version: 9.14.4.12
Version: 9.14.4.13
Version: 9.14.4.14
Version: 9.14.4.15
Version: 9.14.4.17
Version: 9.14.4.22
Version: 9.14.4.23
Version: 9.14.4.24
Version: 9.15.1
Version: 9.15.1.7
Version: 9.15.1.10
Version: 9.15.1.15
Version: 9.15.1.16
Version: 9.15.1.17
Version: 9.15.1.1
Version: 9.15.1.21
Version: 9.16.1
Version: 9.16.1.28
Version: 9.16.2
Version: 9.16.2.3
Version: 9.16.2.7
Version: 9.16.2.11
Version: 9.16.2.13
Version: 9.16.2.14
Version: 9.16.3
Version: 9.16.3.3
Version: 9.16.3.14
Version: 9.16.3.15
Version: 9.16.3.19
Version: 9.16.3.23
Version: 9.16.4
Version: 9.16.4.9
Version: 9.16.4.14
Version: 9.16.4.18
Version: 9.16.4.19
Version: 9.16.4.27
Version: 9.16.4.38
Version: 9.16.4.39
Version: 9.16.4.42
Version: 9.16.4.48
Version: 9.16.4.55
Version: 9.16.4.57
Version: 9.16.4.61
Version: 9.16.4.62
Version: 9.17.1
Version: 9.17.1.7
Version: 9.17.1.9
Version: 9.17.1.10
Version: 9.17.1.11
Version: 9.17.1.13
Version: 9.17.1.15
Version: 9.17.1.20
Version: 9.17.1.30
Version: 9.17.1.33
Version: 9.17.1.39

Cisco

Cisco Firepower Threat Defense Software

Version: 6.2.3.16
Version: 6.2.3.17
Version: 6.2.3.18
Version: 6.6.0
Version: 6.6.0.1
Version: 6.6.1
Version: 6.6.3
Version: 6.6.4
Version: 6.6.5
Version: 6.6.5.1
Version: 6.6.5.2
Version: 6.6.7
Version: 6.6.7.1
Version: 6.6.7.2
Version: 6.4.0.8
Version: 6.4.0.9
Version: 6.4.0.10
Version: 6.4.0.11
Version: 6.4.0.12
Version: 6.4.0.13
Version: 6.4.0.14
Version: 6.4.0.15
Version: 6.4.0.16
Version: 6.4.0.17
Version: 6.4.0.18
Version: 6.7.0
Version: 6.7.0.1
Version: 6.7.0.2
Version: 6.7.0.3
Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.0.2
Version: 7.0.2.1
Version: 7.0.3
Version: 7.0.4
Version: 7.0.5
Version: 7.0.6
Version: 7.0.6.1
Version: 7.0.6.2
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.1.0.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "adaptive_security_appliance_software",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "9.8.4.12"
              },
              {
                "status": "affected",
                "version": "9.8.4.15"
              },
              {
                "status": "affected",
                "version": "9.8.4.17"
              },
              {
                "status": "affected",
                "version": "9.8.4.25"
              },
              {
                "status": "affected",
                "version": "9.8.4.20"
              },
              {
                "status": "affected",
                "version": "9.8.4.22"
              },
              {
                "status": "affected",
                "version": "9.8.4.26"
              },
              {
                "status": "affected",
                "version": "9.8.4.29"
              },
              {
                "status": "affected",
                "version": "9.8.4.32"
              },
              {
                "status": "affected",
                "version": "9.8.4.33"
              },
              {
                "status": "affected",
                "version": "9.8.4.34"
              },
              {
                "status": "affected",
                "version": "9.8.4.35"
              },
              {
                "status": "affected",
                "version": "9.8.4.39"
              },
              {
                "status": "affected",
                "version": "9.8.4.40"
              },
              {
                "status": "affected",
                "version": "9.8.4.41"
              },
              {
                "status": "affected",
                "version": "9.8.4.43"
              },
              {
                "status": "affected",
                "version": "9.8.4.44"
              },
              {
                "status": "affected",
                "version": "9.8.4.45"
              },
              {
                "status": "affected",
                "version": "9.8.4.46"
              },
              {
                "status": "affected",
                "version": "9.8.4.48"
              },
              {
                "status": "affected",
                "version": "9.12.3"
              },
              {
                "status": "affected",
                "version": "9.12.3.2"
              },
              {
                "status": "affected",
                "version": "9.12.3.7"
              },
              {
                "status": "affected",
                "version": "9.12.4"
              },
              {
                "status": "affected",
                "version": "9.12.3.12"
              },
              {
                "status": "affected",
                "version": "9.12.3.9"
              },
              {
                "status": "affected",
                "version": "9.12.4.2"
              },
              {
                "status": "affected",
                "version": "9.12.4.4"
              },
              {
                "status": "affected",
                "version": "9.12.4.7"
              },
              {
                "status": "affected",
                "version": "9.12.4.10"
              },
              {
                "status": "affected",
                "version": "9.12.4.13"
              },
              {
                "status": "affected",
                "version": "9.12.4.8"
              },
              {
                "status": "affected",
                "version": "9.12.4.18"
              },
              {
                "status": "affected",
                "version": "9.12.4.24"
              },
              {
                "status": "affected",
                "version": "9.12.4.26"
              },
              {
                "status": "affected",
                "version": "9.12.4.29"
              },
              {
                "status": "affected",
                "version": "9.12.4.30"
              },
              {
                "status": "affected",
                "version": "9.12.4.35"
              },
              {
                "status": "affected",
                "version": "9.12.4.37"
              },
              {
                "status": "affected",
                "version": "9.12.4.38"
              },
              {
                "status": "affected",
                "version": "9.12.4.39"
              },
              {
                "status": "affected",
                "version": "9.12.4.40"
              },
              {
                "status": "affected",
                "version": "9.12.4.41"
              },
              {
                "status": "affected",
                "version": "9.12.4.47"
              },
              {
                "status": "affected",
                "version": "9.12.4.48"
              },
              {
                "status": "affected",
                "version": "9.12.4.50"
              },
              {
                "status": "affected",
                "version": "9.12.4.52"
              },
              {
                "status": "affected",
                "version": "9.12.4.54"
              },
              {
                "status": "affected",
                "version": "9.12.4.55"
              },
              {
                "status": "affected",
                "version": "9.12.4.56"
              },
              {
                "status": "affected",
                "version": "9.12.4.58"
              },
              {
                "status": "affected",
                "version": "9.12.4.62"
              },
              {
                "status": "affected",
                "version": "9.12.4.65"
              },
              {
                "status": "affected",
                "version": "9.12.4.67"
              },
              {
                "status": "affected",
                "version": "9.14.1"
              },
              {
                "status": "affected",
                "version": "9.14.1.10"
              },
              {
                "status": "affected",
                "version": "9.14.1.6"
              },
              {
                "status": "affected",
                "version": "9.14.1.15"
              },
              {
                "status": "affected",
                "version": "9.14.1.19"
              },
              {
                "status": "affected",
                "version": "9.14.1.30"
              },
              {
                "status": "affected",
                "version": "9.14.2"
              },
              {
                "status": "affected",
                "version": "9.14.2.4"
              },
              {
                "status": "affected",
                "version": "9.14.2.8"
              },
              {
                "status": "affected",
                "version": "9.14.2.13"
              },
              {
                "status": "affected",
                "version": "9.14.2.15"
              },
              {
                "status": "affected",
                "version": "9.14.3"
              },
              {
                "status": "affected",
                "version": "9.14.3.1"
              },
              {
                "status": "affected",
                "version": "9.14.3.9"
              },
              {
                "status": "affected",
                "version": "9.14.3.11"
              },
              {
                "status": "affected",
                "version": "9.14.3.13"
              },
              {
                "status": "affected",
                "version": "9.14.3.18"
              },
              {
                "status": "affected",
                "version": "9.14.3.15"
              },
              {
                "status": "affected",
                "version": "9.14.4"
              },
              {
                "status": "affected",
                "version": "9.14.4.6"
              },
              {
                "status": "affected",
                "version": "9.14.4.7"
              },
              {
                "status": "affected",
                "version": "9.14.4.12"
              },
              {
                "status": "affected",
                "version": "9.14.4.13"
              },
              {
                "status": "affected",
                "version": "9.14.4.14"
              },
              {
                "status": "affected",
                "version": "9.14.4.15"
              },
              {
                "status": "affected",
                "version": "9.14.4.17"
              },
              {
                "status": "affected",
                "version": "9.14.4.22"
              },
              {
                "status": "affected",
                "version": "9.14.4.23"
              },
              {
                "status": "affected",
                "version": "9.14.4.24"
              },
              {
                "status": "affected",
                "version": "9.15.1"
              },
              {
                "status": "affected",
                "version": "9.15.1.7"
              },
              {
                "status": "affected",
                "version": "9.15.1.10"
              },
              {
                "status": "affected",
                "version": "9.15.1.15"
              },
              {
                "status": "affected",
                "version": "9.15.1.16"
              },
              {
                "status": "affected",
                "version": "9.15.1.17"
              },
              {
                "status": "affected",
                "version": "9.15.1.1"
              },
              {
                "status": "affected",
                "version": "9.15.1.21"
              },
              {
                "status": "affected",
                "version": "9.16.1"
              },
              {
                "status": "affected",
                "version": "9.16.1.28"
              },
              {
                "status": "affected",
                "version": "9.16.2"
              },
              {
                "status": "affected",
                "version": "9.16.2.3"
              },
              {
                "status": "affected",
                "version": "9.16.2.7"
              },
              {
                "status": "affected",
                "version": "9.16.2.11"
              },
              {
                "status": "affected",
                "version": "9.16.2.13"
              },
              {
                "status": "affected",
                "version": "9.16.2.14"
              },
              {
                "status": "affected",
                "version": "9.16.3"
              },
              {
                "status": "affected",
                "version": "9.16.3.3"
              },
              {
                "status": "affected",
                "version": "9.16.3.14"
              },
              {
                "status": "affected",
                "version": "9.16.3.15"
              },
              {
                "status": "affected",
                "version": "9.16.3.19"
              },
              {
                "status": "affected",
                "version": "9.16.3.23"
              },
              {
                "status": "affected",
                "version": "9.16.4"
              },
              {
                "status": "affected",
                "version": "9.16.4.9"
              },
              {
                "status": "affected",
                "version": "9.16.4.14"
              },
              {
                "status": "affected",
                "version": "9.16.4.18"
              },
              {
                "status": "affected",
                "version": "9.16.4.19"
              },
              {
                "status": "affected",
                "version": "9.16.4.27"
              },
              {
                "status": "affected",
                "version": "9.16.4.38"
              },
              {
                "status": "affected",
                "version": "9.16.4.39"
              },
              {
                "status": "affected",
                "version": "9.16.4.42"
              },
              {
                "status": "affected",
                "version": "9.16.4.48"
              },
              {
                "status": "affected",
                "version": "9.16.4.55"
              },
              {
                "status": "affected",
                "version": "9.16.4.57"
              },
              {
                "status": "affected",
                "version": "9.16.4.61"
              },
              {
                "status": "affected",
                "version": "9.16.4.62"
              },
              {
                "status": "affected",
                "version": "9.17.1"
              },
              {
                "status": "affected",
                "version": "9.17.1.7"
              },
              {
                "status": "affected",
                "version": "9.17.1.9"
              },
              {
                "status": "affected",
                "version": "9.17.1.10"
              },
              {
                "status": "affected",
                "version": "9.17.1.11"
              },
              {
                "status": "affected",
                "version": "9.17.1.13"
              },
              {
                "status": "affected",
                "version": "9.17.1.15"
              },
              {
                "status": "affected",
                "version": "9.17.1.20"
              },
              {
                "status": "affected",
                "version": "9.17.1.30"
              },
              {
                "status": "affected",
                "version": "9.17.1.33"
              },
              {
                "status": "affected",
                "version": "9.17.1.39"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "6.2.3.16"
              },
              {
                "status": "affected",
                "version": "6.2.3.17"
              },
              {
                "status": "affected",
                "version": "6.2.3.18"
              },
              {
                "status": "affected",
                "version": "6.6.0"
              },
              {
                "status": "affected",
                "version": "6.6.0.1"
              },
              {
                "status": "affected",
                "version": "6.6.1"
              },
              {
                "status": "affected",
                "version": "6.6.3"
              },
              {
                "status": "affected",
                "version": "6.6.4"
              },
              {
                "status": "affected",
                "version": "6.6.5"
              },
              {
                "status": "affected",
                "version": "6.6.5.1"
              },
              {
                "status": "affected",
                "version": "6.6.5.2"
              },
              {
                "status": "affected",
                "version": "6.6.7"
              },
              {
                "status": "affected",
                "version": "6.6.7.1"
              },
              {
                "status": "affected",
                "version": "6.6.7.2"
              },
              {
                "status": "affected",
                "version": "6.4.0.8"
              },
              {
                "status": "affected",
                "version": "6.4.0.9"
              },
              {
                "status": "affected",
                "version": "6.4.0.10"
              },
              {
                "status": "affected",
                "version": "6.4.0.11"
              },
              {
                "status": "affected",
                "version": "6.4.0.12"
              },
              {
                "status": "affected",
                "version": "6.4.0.13"
              },
              {
                "status": "affected",
                "version": "6.4.0.14"
              },
              {
                "status": "affected",
                "version": "6.4.0.15"
              },
              {
                "status": "affected",
                "version": "6.4.0.16"
              },
              {
                "status": "affected",
                "version": "6.4.0.17"
              },
              {
                "status": "affected",
                "version": "6.4.0.18"
              },
              {
                "status": "affected",
                "version": "6.7.0"
              },
              {
                "status": "affected",
                "version": "6.7.0.1"
              },
              {
                "status": "affected",
                "version": "6.7.0.2"
              },
              {
                "status": "affected",
                "version": "6.7.0.3"
              },
              {
                "status": "affected",
                "version": "7.0.0"
              },
              {
                "status": "affected",
                "version": "7.0.0.1"
              },
              {
                "status": "affected",
                "version": "7.0.1"
              },
              {
                "status": "affected",
                "version": "7.0.1.1"
              },
              {
                "status": "affected",
                "version": "7.0.2"
              },
              {
                "status": "affected",
                "version": "7.0.2.1"
              },
              {
                "status": "affected",
                "version": "7.0.3"
              },
              {
                "status": "affected",
                "version": "7.0.4"
              },
              {
                "status": "affected",
                "version": "7.0.5"
              },
              {
                "status": "affected",
                "version": "7.0.6"
              },
              {
                "status": "affected",
                "version": "7.0.6.1"
              },
              {
                "status": "affected",
                "version": "7.0.6.2"
              },
              {
                "status": "affected",
                "version": "7.1.0"
              },
              {
                "status": "affected",
                "version": "7.1.0.1"
              },
              {
                "status": "affected",
                "version": "7.1.0.2"
              },
              {
                "status": "affected",
                "version": "7.1.0.3"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20495",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-23T18:42:04.962920Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-23T19:12:27.560Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.8.4.12"
            },
            {
              "status": "affected",
              "version": "9.8.4.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.4.25"
            },
            {
              "status": "affected",
              "version": "9.8.4.20"
            },
            {
              "status": "affected",
              "version": "9.8.4.22"
            },
            {
              "status": "affected",
              "version": "9.8.4.26"
            },
            {
              "status": "affected",
              "version": "9.8.4.29"
            },
            {
              "status": "affected",
              "version": "9.8.4.32"
            },
            {
              "status": "affected",
              "version": "9.8.4.33"
            },
            {
              "status": "affected",
              "version": "9.8.4.34"
            },
            {
              "status": "affected",
              "version": "9.8.4.35"
            },
            {
              "status": "affected",
              "version": "9.8.4.39"
            },
            {
              "status": "affected",
              "version": "9.8.4.40"
            },
            {
              "status": "affected",
              "version": "9.8.4.41"
            },
            {
              "status": "affected",
              "version": "9.8.4.43"
            },
            {
              "status": "affected",
              "version": "9.8.4.44"
            },
            {
              "status": "affected",
              "version": "9.8.4.45"
            },
            {
              "status": "affected",
              "version": "9.8.4.46"
            },
            {
              "status": "affected",
              "version": "9.8.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.3"
            },
            {
              "status": "affected",
              "version": "9.12.3.2"
            },
            {
              "status": "affected",
              "version": "9.12.3.7"
            },
            {
              "status": "affected",
              "version": "9.12.4"
            },
            {
              "status": "affected",
              "version": "9.12.3.12"
            },
            {
              "status": "affected",
              "version": "9.12.3.9"
            },
            {
              "status": "affected",
              "version": "9.12.4.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.4"
            },
            {
              "status": "affected",
              "version": "9.12.4.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.10"
            },
            {
              "status": "affected",
              "version": "9.12.4.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.8"
            },
            {
              "status": "affected",
              "version": "9.12.4.18"
            },
            {
              "status": "affected",
              "version": "9.12.4.24"
            },
            {
              "status": "affected",
              "version": "9.12.4.26"
            },
            {
              "status": "affected",
              "version": "9.12.4.29"
            },
            {
              "status": "affected",
              "version": "9.12.4.30"
            },
            {
              "status": "affected",
              "version": "9.12.4.35"
            },
            {
              "status": "affected",
              "version": "9.12.4.37"
            },
            {
              "status": "affected",
              "version": "9.12.4.38"
            },
            {
              "status": "affected",
              "version": "9.12.4.39"
            },
            {
              "status": "affected",
              "version": "9.12.4.40"
            },
            {
              "status": "affected",
              "version": "9.12.4.41"
            },
            {
              "status": "affected",
              "version": "9.12.4.47"
            },
            {
              "status": "affected",
              "version": "9.12.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.4.50"
            },
            {
              "status": "affected",
              "version": "9.12.4.52"
            },
            {
              "status": "affected",
              "version": "9.12.4.54"
            },
            {
              "status": "affected",
              "version": "9.12.4.55"
            },
            {
              "status": "affected",
              "version": "9.12.4.56"
            },
            {
              "status": "affected",
              "version": "9.12.4.58"
            },
            {
              "status": "affected",
              "version": "9.12.4.62"
            },
            {
              "status": "affected",
              "version": "9.12.4.65"
            },
            {
              "status": "affected",
              "version": "9.12.4.67"
            },
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.1.6"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.14.4.7"
            },
            {
              "status": "affected",
              "version": "9.14.4.12"
            },
            {
              "status": "affected",
              "version": "9.14.4.13"
            },
            {
              "status": "affected",
              "version": "9.14.4.14"
            },
            {
              "status": "affected",
              "version": "9.14.4.15"
            },
            {
              "status": "affected",
              "version": "9.14.4.17"
            },
            {
              "status": "affected",
              "version": "9.14.4.22"
            },
            {
              "status": "affected",
              "version": "9.14.4.23"
            },
            {
              "status": "affected",
              "version": "9.14.4.24"
            },
            {
              "status": "affected",
              "version": "9.15.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.7"
            },
            {
              "status": "affected",
              "version": "9.15.1.10"
            },
            {
              "status": "affected",
              "version": "9.15.1.15"
            },
            {
              "status": "affected",
              "version": "9.15.1.16"
            },
            {
              "status": "affected",
              "version": "9.15.1.17"
            },
            {
              "status": "affected",
              "version": "9.15.1.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.21"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.16.3.15"
            },
            {
              "status": "affected",
              "version": "9.16.3.19"
            },
            {
              "status": "affected",
              "version": "9.16.3.23"
            },
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.16.4.9"
            },
            {
              "status": "affected",
              "version": "9.16.4.14"
            },
            {
              "status": "affected",
              "version": "9.16.4.18"
            },
            {
              "status": "affected",
              "version": "9.16.4.19"
            },
            {
              "status": "affected",
              "version": "9.16.4.27"
            },
            {
              "status": "affected",
              "version": "9.16.4.38"
            },
            {
              "status": "affected",
              "version": "9.16.4.39"
            },
            {
              "status": "affected",
              "version": "9.16.4.42"
            },
            {
              "status": "affected",
              "version": "9.16.4.48"
            },
            {
              "status": "affected",
              "version": "9.16.4.55"
            },
            {
              "status": "affected",
              "version": "9.16.4.57"
            },
            {
              "status": "affected",
              "version": "9.16.4.61"
            },
            {
              "status": "affected",
              "version": "9.16.4.62"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.17.1.20"
            },
            {
              "status": "affected",
              "version": "9.17.1.30"
            },
            {
              "status": "affected",
              "version": "9.17.1.33"
            },
            {
              "status": "affected",
              "version": "9.17.1.39"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "6.6.7.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.4.0.17"
            },
            {
              "status": "affected",
              "version": "6.4.0.18"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.0.6"
            },
            {
              "status": "affected",
              "version": "7.0.6.1"
            },
            {
              "status": "affected",
              "version": "7.0.6.2"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Remote Access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to improper validation of client key data after the TLS session is established. An attacker could exploit this vulnerability by sending a crafted key value to an affected system over the secure TLS session. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "Improper Input Validation",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-23T17:53:14.516Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asa-vpn-cZf8gT",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-vpn-cZf8gT"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa-vpn-cZf8gT",
        "defects": [
          "CSCwk53369"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20495",
    "datePublished": "2024-10-23T17:53:14.516Z",
    "dateReserved": "2023-11-08T15:08:07.686Z",
    "dateUpdated": "2024-10-23T19:12:27.560Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3555 (GCVE-0-2020-3555)

Vulnerability from cvelistv5

Published

2020-10-21 18:41

Modified

2024-11-13 17:45

Severity ?

6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-404

Summary

A vulnerability in the SIP inspection process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a watchdog timeout and crash during the cleanup of threads that are associated with a SIP connection that is being deleted from the connection list. An attacker could exploit this vulnerability by sending a high rate of crafted SIP traffic through an affected device. A successful exploit could allow the attacker to cause a watchdog timeout and crash, resulting in a crash and reload of the affected device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sipdos-3DGvdjvg	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:55.309Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sipdos-3DGvdjvg"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3555",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:22:41.603478Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:45:33.271Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the SIP inspection process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a watchdog timeout and crash during the cleanup of threads that are associated with a SIP connection that is being deleted from the connection list. An attacker could exploit this vulnerability by sending a high rate of crafted SIP traffic through an affected device. A successful exploit could allow the attacker to cause a watchdog timeout and crash, resulting in a crash and reload of the affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-404",
              "description": "CWE-404",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:41:28",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sipdos-3DGvdjvg"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-sipdos-3DGvdjvg",
        "defect": [
          [
            "CSCvu15801"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3555",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the SIP inspection process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a watchdog timeout and crash during the cleanup of threads that are associated with a SIP connection that is being deleted from the connection list. An attacker could exploit this vulnerability by sending a high rate of crafted SIP traffic through an affected device. A successful exploit could allow the attacker to cause a watchdog timeout and crash, resulting in a crash and reload of the affected device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.8",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-404"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sipdos-3DGvdjvg"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-sipdos-3DGvdjvg",
          "defect": [
            [
              "CSCvu15801"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3555",
    "datePublished": "2020-10-21T18:41:28.381068Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:45:33.271Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20866 (GCVE-0-2022-20866)

Vulnerability from cvelistv5

Published

2022-08-10 16:20

Modified

2024-11-01 18:54

Severity ?

7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE

CWE-203

Summary

A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerability is due to a logic error when the RSA key is stored in memory on a hardware platform that performs hardware-based cryptography. An attacker could exploit this vulnerability by using a Lenstra side-channel attack against the targeted device. A successful exploit could allow the attacker to retrieve the RSA private key. The following conditions may be observed on an affected device: This vulnerability will apply to approximately 5 percent of the RSA keys on a device that is running a vulnerable release of Cisco ASA Software or Cisco FTD Software; not all RSA keys are expected to be affected due to mathematical calculations applied to the RSA key. The RSA key could be valid but have specific characteristics that make it vulnerable to the potential leak of the RSA private key. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic. See the Indicators of Compromise section for more information on the detection of this type of RSA key. The RSA key could be malformed and invalid. A malformed RSA key is not functional, and a TLS client connection to a device that is running Cisco ASA Software or Cisco FTD Software that uses the malformed RSA key will result in a TLS signature failure, which means a vulnerable software release created an invalid RSA signature that failed verification. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:24:50.207Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20220810 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-20866",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-01T18:42:20.599063Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-01T18:54:32.713Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2022-08-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerability is due to a logic error when the RSA key is stored in memory on a hardware platform that performs hardware-based cryptography. An attacker could exploit this vulnerability by using a Lenstra side-channel attack against the targeted device. A successful exploit could allow the attacker to retrieve the RSA private key. The following conditions may be observed on an affected device: This vulnerability will apply to approximately 5 percent of the RSA keys on a device that is running a vulnerable release of Cisco ASA Software or Cisco FTD Software; not all RSA keys are expected to be affected due to mathematical calculations applied to the RSA key. The RSA key could be valid but have specific characteristics that make it vulnerable to the potential leak of the RSA private key. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic. See the Indicators of Compromise section for more information on the detection of this type of RSA key. The RSA key could be malformed and invalid. A malformed RSA key is not functional, and a TLS client connection to a device that is running Cisco ASA Software or Cisco FTD Software that uses the malformed RSA key will result in a TLS signature failure, which means a vulnerable software release created an invalid RSA signature that failed verification. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is aware of a public announcement of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-203",
              "description": "CWE-203",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-10T16:20:19",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20220810 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz",
        "defect": [
          [
            "CSCwb88651",
            "CSCwc28334"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2022-08-10T23:00:00",
          "ID": "CVE-2022-20866",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerability is due to a logic error when the RSA key is stored in memory on a hardware platform that performs hardware-based cryptography. An attacker could exploit this vulnerability by using a Lenstra side-channel attack against the targeted device. A successful exploit could allow the attacker to retrieve the RSA private key. The following conditions may be observed on an affected device: This vulnerability will apply to approximately 5 percent of the RSA keys on a device that is running a vulnerable release of Cisco ASA Software or Cisco FTD Software; not all RSA keys are expected to be affected due to mathematical calculations applied to the RSA key. The RSA key could be valid but have specific characteristics that make it vulnerable to the potential leak of the RSA private key. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic. See the Indicators of Compromise section for more information on the detection of this type of RSA key. The RSA key could be malformed and invalid. A malformed RSA key is not functional, and a TLS client connection to a device that is running Cisco ASA Software or Cisco FTD Software that uses the malformed RSA key will result in a TLS signature failure, which means a vulnerable software release created an invalid RSA signature that failed verification. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is aware of a public announcement of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.4",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-203"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20220810 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz",
          "defect": [
            [
              "CSCwb88651",
              "CSCwc28334"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20866",
    "datePublished": "2022-08-10T16:20:19.803227Z",
    "dateReserved": "2021-11-02T00:00:00",
    "dateUpdated": "2024-11-01T18:54:32.713Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1696 (GCVE-0-2019-1696)

Vulnerability from cvelistv5

Published

2019-05-03 15:10

Modified

2024-11-19 19:09

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-400

Summary

Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort	vendor-advisory, x_refsource_CISCO
	http://www.securityfocus.com/bid/108171	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: unspecified < 6.2.3.12

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:41.083Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190501 Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort"
          },
          {
            "name": "108171",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108171"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1696",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:24:30.595617Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T19:09:35.484Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.2.3.12",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-05-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-07T13:06:06",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190501 Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort"
        },
        {
          "name": "108171",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108171"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190501-frpwr-smb-snort",
        "defect": [
          [
            "CSCvj83264",
            "CSCvj91418"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-05-01T16:00:00-0700",
          "ID": "CVE-2019-1696",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.2.3.12"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.5",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190501 Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort"
            },
            {
              "name": "108171",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108171"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190501-frpwr-smb-snort",
          "defect": [
            [
              "CSCvj83264",
              "CSCvj91418"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1696",
    "datePublished": "2019-05-03T15:10:15.109681Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-19T19:09:35.484Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1703 (GCVE-0-2019-1703)

Vulnerability from cvelistv5

Published

2019-05-03 16:00

Modified

2024-11-19 19:09

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-400

Summary

A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for the Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error, which may prevent ingress buffers from being replenished under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to consume all input buffers, which are shared between all interfaces, leading to a queue wedge condition in all active interfaces. This situation would cause an affected device to stop processing any incoming traffic and result in a DoS condition until the device is reloaded manually.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-dos	vendor-advisory, x_refsource_CISCO
	http://www.securityfocus.com/bid/108170	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: unspecified < 6.2.3.12

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:42.326Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190501 Cisco Firepower Threat Defense Software Packet Processing Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-dos"
          },
          {
            "name": "108170",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108170"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1703",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:24:26.054970Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T19:09:06.294Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.2.3.12",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-05-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for the Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error, which may prevent ingress buffers from being replenished under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to consume all input buffers, which are shared between all interfaces, leading to a queue wedge condition in all active interfaces. This situation would cause an affected device to stop processing any incoming traffic and result in a DoS condition until the device is reloaded manually."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-07T11:06:05",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190501 Cisco Firepower Threat Defense Software Packet Processing Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-dos"
        },
        {
          "name": "108170",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108170"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190501-frpwr-dos",
        "defect": [
          [
            "CSCvj62504"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Packet Processing Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-05-01T16:00:00-0700",
          "ID": "CVE-2019-1703",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Packet Processing Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.2.3.12"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for the Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error, which may prevent ingress buffers from being replenished under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to consume all input buffers, which are shared between all interfaces, leading to a queue wedge condition in all active interfaces. This situation would cause an affected device to stop processing any incoming traffic and result in a DoS condition until the device is reloaded manually."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190501 Cisco Firepower Threat Defense Software Packet Processing Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-dos"
            },
            {
              "name": "108170",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108170"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190501-frpwr-dos",
          "defect": [
            [
              "CSCvj62504"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1703",
    "datePublished": "2019-05-03T16:00:26.411998Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-19T19:09:06.294Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20382 (GCVE-0-2024-20382)

Vulnerability from cvelistv5

Published

2024-10-23 17:31

Modified

2024-10-24 17:47

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE

CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

Summary

A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a browser that is accessing an affected device. This vulnerability is due to improper validation of user-supplied input to application endpoints. An attacker could exploit this vulnerability by persuading a user to follow a link designed to submit malicious input to the affected application. A successful exploit could allow the attacker to execute arbitrary HTML or script code in the browser in the context of the web services page.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-yjj7ZjVq

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.8.1
Version: 9.8.1.5
Version: 9.8.1.7
Version: 9.8.2
Version: 9.8.2.8
Version: 9.8.2.14
Version: 9.8.2.15
Version: 9.8.2.17
Version: 9.8.2.20
Version: 9.8.2.24
Version: 9.8.2.26
Version: 9.8.2.28
Version: 9.8.2.33
Version: 9.8.2.35
Version: 9.8.2.38
Version: 9.8.3.8
Version: 9.8.3.11
Version: 9.8.3.14
Version: 9.8.3.16
Version: 9.8.3.18
Version: 9.8.3.21
Version: 9.8.3
Version: 9.8.3.26
Version: 9.8.3.29
Version: 9.8.4
Version: 9.8.4.3
Version: 9.8.4.7
Version: 9.8.4.8
Version: 9.8.4.10
Version: 9.8.4.12
Version: 9.8.4.15
Version: 9.8.4.17
Version: 9.8.2.45
Version: 9.8.4.25
Version: 9.8.4.20
Version: 9.8.4.22
Version: 9.8.4.26
Version: 9.8.4.29
Version: 9.8.4.32
Version: 9.8.4.33
Version: 9.8.4.34
Version: 9.8.4.35
Version: 9.8.4.39
Version: 9.8.4.40
Version: 9.8.4.41
Version: 9.8.4.43
Version: 9.8.4.44
Version: 9.8.4.45
Version: 9.8.4.46
Version: 9.8.4.48
Version: 9.12.1
Version: 9.12.1.2
Version: 9.12.1.3
Version: 9.12.2
Version: 9.12.2.4
Version: 9.12.2.5
Version: 9.12.2.9
Version: 9.12.3
Version: 9.12.3.2
Version: 9.12.3.7
Version: 9.12.4
Version: 9.12.3.12
Version: 9.12.3.9
Version: 9.12.2.1
Version: 9.12.4.2
Version: 9.12.4.4
Version: 9.12.4.7
Version: 9.12.4.10
Version: 9.12.4.13
Version: 9.12.4.8
Version: 9.12.4.18
Version: 9.12.4.24
Version: 9.12.4.26
Version: 9.12.4.29
Version: 9.12.4.30
Version: 9.12.4.35
Version: 9.12.4.37
Version: 9.12.4.38
Version: 9.12.4.39
Version: 9.12.4.40
Version: 9.12.4.41
Version: 9.12.4.47
Version: 9.12.4.48
Version: 9.12.4.50
Version: 9.12.4.52
Version: 9.12.4.54
Version: 9.12.4.55
Version: 9.12.4.56
Version: 9.12.4.58
Version: 9.12.4.62
Version: 9.12.4.65
Version: 9.12.4.67
Version: 9.14.1
Version: 9.14.1.10
Version: 9.14.1.6
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.14.1.30
Version: 9.14.2
Version: 9.14.2.4
Version: 9.14.2.8
Version: 9.14.2.13
Version: 9.14.2.15
Version: 9.14.3
Version: 9.14.3.1
Version: 9.14.3.9
Version: 9.14.3.11
Version: 9.14.3.13
Version: 9.14.3.18
Version: 9.14.3.15
Version: 9.14.4
Version: 9.14.4.6
Version: 9.14.4.7
Version: 9.14.4.12
Version: 9.14.4.13
Version: 9.14.4.14
Version: 9.14.4.15
Version: 9.14.4.17
Version: 9.14.4.22
Version: 9.14.4.23
Version: 9.14.4.24
Version: 9.15.1
Version: 9.15.1.7
Version: 9.15.1.10
Version: 9.15.1.15
Version: 9.15.1.16
Version: 9.15.1.17
Version: 9.15.1.1
Version: 9.15.1.21
Version: 9.16.1
Version: 9.16.1.28
Version: 9.16.2
Version: 9.16.2.3
Version: 9.16.2.7
Version: 9.16.2.11
Version: 9.16.2.13
Version: 9.16.2.14
Version: 9.16.3
Version: 9.16.3.3
Version: 9.16.3.14
Version: 9.16.3.15
Version: 9.16.3.19
Version: 9.16.3.23
Version: 9.16.4
Version: 9.16.4.9
Version: 9.16.4.14
Version: 9.16.4.18
Version: 9.16.4.19
Version: 9.16.4.27
Version: 9.16.4.38
Version: 9.16.4.39
Version: 9.16.4.42
Version: 9.16.4.48
Version: 9.16.4.55
Version: 9.16.4.57
Version: 9.16.4.61
Version: 9.17.1
Version: 9.17.1.7
Version: 9.17.1.9
Version: 9.17.1.10
Version: 9.17.1.11
Version: 9.17.1.13
Version: 9.17.1.15
Version: 9.17.1.20
Version: 9.17.1.30
Version: 9.17.1.33
Version: 9.17.1.39
Version: 9.18.1
Version: 9.18.1.3
Version: 9.18.2
Version: 9.18.2.5
Version: 9.18.2.7
Version: 9.18.2.8
Version: 9.18.3
Version: 9.18.3.39
Version: 9.18.3.46
Version: 9.18.3.53
Version: 9.18.3.55
Version: 9.18.3.56
Version: 9.18.4
Version: 9.18.4.5
Version: 9.18.4.8
Version: 9.18.4.22
Version: 9.18.4.24
Version: 9.18.4.29
Version: 9.19.1
Version: 9.19.1.5
Version: 9.19.1.9
Version: 9.19.1.12
Version: 9.19.1.18
Version: 9.19.1.22
Version: 9.19.1.24
Version: 9.19.1.27
Version: 9.19.1.28
Version: 9.19.1.31
Version: 9.20.1
Version: 9.20.1.5
Version: 9.20.2
Version: 9.20.2.10
Version: 9.20.2.21
Version: 9.20.2.22

Cisco

Cisco Firepower Threat Defense Software

Version: 6.2.3
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.2.3.3
Version: 6.2.3.4
Version: 6.2.3.5
Version: 6.2.3.6
Version: 6.2.3.7
Version: 6.2.3.8
Version: 6.2.3.10
Version: 6.2.3.11
Version: 6.2.3.9
Version: 6.2.3.12
Version: 6.2.3.13
Version: 6.2.3.14
Version: 6.2.3.15
Version: 6.2.3.16
Version: 6.2.3.17
Version: 6.2.3.18
Version: 6.6.0
Version: 6.6.0.1
Version: 6.6.1
Version: 6.6.3
Version: 6.6.4
Version: 6.6.5
Version: 6.6.5.1
Version: 6.6.5.2
Version: 6.6.7
Version: 6.6.7.1
Version: 6.6.7.2
Version: 6.4.0
Version: 6.4.0.1
Version: 6.4.0.3
Version: 6.4.0.2
Version: 6.4.0.4
Version: 6.4.0.5
Version: 6.4.0.6
Version: 6.4.0.7
Version: 6.4.0.8
Version: 6.4.0.9
Version: 6.4.0.10
Version: 6.4.0.11
Version: 6.4.0.12
Version: 6.4.0.13
Version: 6.4.0.14
Version: 6.4.0.15
Version: 6.4.0.16
Version: 6.4.0.17
Version: 6.4.0.18
Version: 6.7.0
Version: 6.7.0.1
Version: 6.7.0.2
Version: 6.7.0.3
Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.0.2
Version: 7.0.2.1
Version: 7.0.3
Version: 7.0.4
Version: 7.0.5
Version: 7.0.6
Version: 7.0.6.1
Version: 7.0.6.2
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.1.0.3
Version: 7.2.0
Version: 7.2.0.1
Version: 7.2.1
Version: 7.2.2
Version: 7.2.3
Version: 7.2.4
Version: 7.2.4.1
Version: 7.2.5
Version: 7.2.5.1
Version: 7.2.6
Version: 7.2.7
Version: 7.2.5.2
Version: 7.2.8
Version: 7.2.8.1
Version: 7.3.0
Version: 7.3.1
Version: 7.3.1.1
Version: 7.3.1.2
Version: 7.4.0
Version: 7.4.1
Version: 7.4.1.1
Version: 7.4.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20382",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-23T18:39:52.355442Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-24T17:47:33.387Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.8.1"
            },
            {
              "status": "affected",
              "version": "9.8.1.5"
            },
            {
              "status": "affected",
              "version": "9.8.1.7"
            },
            {
              "status": "affected",
              "version": "9.8.2"
            },
            {
              "status": "affected",
              "version": "9.8.2.8"
            },
            {
              "status": "affected",
              "version": "9.8.2.14"
            },
            {
              "status": "affected",
              "version": "9.8.2.15"
            },
            {
              "status": "affected",
              "version": "9.8.2.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.20"
            },
            {
              "status": "affected",
              "version": "9.8.2.24"
            },
            {
              "status": "affected",
              "version": "9.8.2.26"
            },
            {
              "status": "affected",
              "version": "9.8.2.28"
            },
            {
              "status": "affected",
              "version": "9.8.2.33"
            },
            {
              "status": "affected",
              "version": "9.8.2.35"
            },
            {
              "status": "affected",
              "version": "9.8.2.38"
            },
            {
              "status": "affected",
              "version": "9.8.3.8"
            },
            {
              "status": "affected",
              "version": "9.8.3.11"
            },
            {
              "status": "affected",
              "version": "9.8.3.14"
            },
            {
              "status": "affected",
              "version": "9.8.3.16"
            },
            {
              "status": "affected",
              "version": "9.8.3.18"
            },
            {
              "status": "affected",
              "version": "9.8.3.21"
            },
            {
              "status": "affected",
              "version": "9.8.3"
            },
            {
              "status": "affected",
              "version": "9.8.3.26"
            },
            {
              "status": "affected",
              "version": "9.8.3.29"
            },
            {
              "status": "affected",
              "version": "9.8.4"
            },
            {
              "status": "affected",
              "version": "9.8.4.3"
            },
            {
              "status": "affected",
              "version": "9.8.4.7"
            },
            {
              "status": "affected",
              "version": "9.8.4.8"
            },
            {
              "status": "affected",
              "version": "9.8.4.10"
            },
            {
              "status": "affected",
              "version": "9.8.4.12"
            },
            {
              "status": "affected",
              "version": "9.8.4.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.45"
            },
            {
              "status": "affected",
              "version": "9.8.4.25"
            },
            {
              "status": "affected",
              "version": "9.8.4.20"
            },
            {
              "status": "affected",
              "version": "9.8.4.22"
            },
            {
              "status": "affected",
              "version": "9.8.4.26"
            },
            {
              "status": "affected",
              "version": "9.8.4.29"
            },
            {
              "status": "affected",
              "version": "9.8.4.32"
            },
            {
              "status": "affected",
              "version": "9.8.4.33"
            },
            {
              "status": "affected",
              "version": "9.8.4.34"
            },
            {
              "status": "affected",
              "version": "9.8.4.35"
            },
            {
              "status": "affected",
              "version": "9.8.4.39"
            },
            {
              "status": "affected",
              "version": "9.8.4.40"
            },
            {
              "status": "affected",
              "version": "9.8.4.41"
            },
            {
              "status": "affected",
              "version": "9.8.4.43"
            },
            {
              "status": "affected",
              "version": "9.8.4.44"
            },
            {
              "status": "affected",
              "version": "9.8.4.45"
            },
            {
              "status": "affected",
              "version": "9.8.4.46"
            },
            {
              "status": "affected",
              "version": "9.8.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.1"
            },
            {
              "status": "affected",
              "version": "9.12.1.2"
            },
            {
              "status": "affected",
              "version": "9.12.1.3"
            },
            {
              "status": "affected",
              "version": "9.12.2"
            },
            {
              "status": "affected",
              "version": "9.12.2.4"
            },
            {
              "status": "affected",
              "version": "9.12.2.5"
            },
            {
              "status": "affected",
              "version": "9.12.2.9"
            },
            {
              "status": "affected",
              "version": "9.12.3"
            },
            {
              "status": "affected",
              "version": "9.12.3.2"
            },
            {
              "status": "affected",
              "version": "9.12.3.7"
            },
            {
              "status": "affected",
              "version": "9.12.4"
            },
            {
              "status": "affected",
              "version": "9.12.3.12"
            },
            {
              "status": "affected",
              "version": "9.12.3.9"
            },
            {
              "status": "affected",
              "version": "9.12.2.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.4"
            },
            {
              "status": "affected",
              "version": "9.12.4.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.10"
            },
            {
              "status": "affected",
              "version": "9.12.4.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.8"
            },
            {
              "status": "affected",
              "version": "9.12.4.18"
            },
            {
              "status": "affected",
              "version": "9.12.4.24"
            },
            {
              "status": "affected",
              "version": "9.12.4.26"
            },
            {
              "status": "affected",
              "version": "9.12.4.29"
            },
            {
              "status": "affected",
              "version": "9.12.4.30"
            },
            {
              "status": "affected",
              "version": "9.12.4.35"
            },
            {
              "status": "affected",
              "version": "9.12.4.37"
            },
            {
              "status": "affected",
              "version": "9.12.4.38"
            },
            {
              "status": "affected",
              "version": "9.12.4.39"
            },
            {
              "status": "affected",
              "version": "9.12.4.40"
            },
            {
              "status": "affected",
              "version": "9.12.4.41"
            },
            {
              "status": "affected",
              "version": "9.12.4.47"
            },
            {
              "status": "affected",
              "version": "9.12.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.4.50"
            },
            {
              "status": "affected",
              "version": "9.12.4.52"
            },
            {
              "status": "affected",
              "version": "9.12.4.54"
            },
            {
              "status": "affected",
              "version": "9.12.4.55"
            },
            {
              "status": "affected",
              "version": "9.12.4.56"
            },
            {
              "status": "affected",
              "version": "9.12.4.58"
            },
            {
              "status": "affected",
              "version": "9.12.4.62"
            },
            {
              "status": "affected",
              "version": "9.12.4.65"
            },
            {
              "status": "affected",
              "version": "9.12.4.67"
            },
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.1.6"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.14.4.7"
            },
            {
              "status": "affected",
              "version": "9.14.4.12"
            },
            {
              "status": "affected",
              "version": "9.14.4.13"
            },
            {
              "status": "affected",
              "version": "9.14.4.14"
            },
            {
              "status": "affected",
              "version": "9.14.4.15"
            },
            {
              "status": "affected",
              "version": "9.14.4.17"
            },
            {
              "status": "affected",
              "version": "9.14.4.22"
            },
            {
              "status": "affected",
              "version": "9.14.4.23"
            },
            {
              "status": "affected",
              "version": "9.14.4.24"
            },
            {
              "status": "affected",
              "version": "9.15.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.7"
            },
            {
              "status": "affected",
              "version": "9.15.1.10"
            },
            {
              "status": "affected",
              "version": "9.15.1.15"
            },
            {
              "status": "affected",
              "version": "9.15.1.16"
            },
            {
              "status": "affected",
              "version": "9.15.1.17"
            },
            {
              "status": "affected",
              "version": "9.15.1.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.21"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.16.3.15"
            },
            {
              "status": "affected",
              "version": "9.16.3.19"
            },
            {
              "status": "affected",
              "version": "9.16.3.23"
            },
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.16.4.9"
            },
            {
              "status": "affected",
              "version": "9.16.4.14"
            },
            {
              "status": "affected",
              "version": "9.16.4.18"
            },
            {
              "status": "affected",
              "version": "9.16.4.19"
            },
            {
              "status": "affected",
              "version": "9.16.4.27"
            },
            {
              "status": "affected",
              "version": "9.16.4.38"
            },
            {
              "status": "affected",
              "version": "9.16.4.39"
            },
            {
              "status": "affected",
              "version": "9.16.4.42"
            },
            {
              "status": "affected",
              "version": "9.16.4.48"
            },
            {
              "status": "affected",
              "version": "9.16.4.55"
            },
            {
              "status": "affected",
              "version": "9.16.4.57"
            },
            {
              "status": "affected",
              "version": "9.16.4.61"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.17.1.20"
            },
            {
              "status": "affected",
              "version": "9.17.1.30"
            },
            {
              "status": "affected",
              "version": "9.17.1.33"
            },
            {
              "status": "affected",
              "version": "9.17.1.39"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            },
            {
              "status": "affected",
              "version": "9.18.2.7"
            },
            {
              "status": "affected",
              "version": "9.18.2.8"
            },
            {
              "status": "affected",
              "version": "9.18.3"
            },
            {
              "status": "affected",
              "version": "9.18.3.39"
            },
            {
              "status": "affected",
              "version": "9.18.3.46"
            },
            {
              "status": "affected",
              "version": "9.18.3.53"
            },
            {
              "status": "affected",
              "version": "9.18.3.55"
            },
            {
              "status": "affected",
              "version": "9.18.3.56"
            },
            {
              "status": "affected",
              "version": "9.18.4"
            },
            {
              "status": "affected",
              "version": "9.18.4.5"
            },
            {
              "status": "affected",
              "version": "9.18.4.8"
            },
            {
              "status": "affected",
              "version": "9.18.4.22"
            },
            {
              "status": "affected",
              "version": "9.18.4.24"
            },
            {
              "status": "affected",
              "version": "9.18.4.29"
            },
            {
              "status": "affected",
              "version": "9.19.1"
            },
            {
              "status": "affected",
              "version": "9.19.1.5"
            },
            {
              "status": "affected",
              "version": "9.19.1.9"
            },
            {
              "status": "affected",
              "version": "9.19.1.12"
            },
            {
              "status": "affected",
              "version": "9.19.1.18"
            },
            {
              "status": "affected",
              "version": "9.19.1.22"
            },
            {
              "status": "affected",
              "version": "9.19.1.24"
            },
            {
              "status": "affected",
              "version": "9.19.1.27"
            },
            {
              "status": "affected",
              "version": "9.19.1.28"
            },
            {
              "status": "affected",
              "version": "9.19.1.31"
            },
            {
              "status": "affected",
              "version": "9.20.1"
            },
            {
              "status": "affected",
              "version": "9.20.1.5"
            },
            {
              "status": "affected",
              "version": "9.20.2"
            },
            {
              "status": "affected",
              "version": "9.20.2.10"
            },
            {
              "status": "affected",
              "version": "9.20.2.21"
            },
            {
              "status": "affected",
              "version": "9.20.2.22"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "6.6.7.2"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.4.0.17"
            },
            {
              "status": "affected",
              "version": "6.4.0.18"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.0.6"
            },
            {
              "status": "affected",
              "version": "7.0.6.1"
            },
            {
              "status": "affected",
              "version": "7.0.6.2"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.2.4.1"
            },
            {
              "status": "affected",
              "version": "7.2.5"
            },
            {
              "status": "affected",
              "version": "7.2.5.1"
            },
            {
              "status": "affected",
              "version": "7.2.6"
            },
            {
              "status": "affected",
              "version": "7.2.7"
            },
            {
              "status": "affected",
              "version": "7.2.5.2"
            },
            {
              "status": "affected",
              "version": "7.2.8"
            },
            {
              "status": "affected",
              "version": "7.2.8.1"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.2"
            },
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            },
            {
              "status": "affected",
              "version": "7.4.1.1"
            },
            {
              "status": "affected",
              "version": "7.4.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a browser that is accessing an affected device. This vulnerability is due to improper validation of user-supplied input to application endpoints. An attacker could exploit this vulnerability by persuading a user to follow a link designed to submit malicious input to the affected application. A successful exploit could allow the attacker to execute arbitrary HTML or script code in the browser in the context of the web services page."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-80",
              "description": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-23T17:31:49.114Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asaftd-xss-yjj7ZjVq",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-yjj7ZjVq"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-xss-yjj7ZjVq",
        "defects": [
          "CSCwj49745"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20382",
    "datePublished": "2024-10-23T17:31:49.114Z",
    "dateReserved": "2023-11-08T15:08:07.657Z",
    "dateUpdated": "2024-10-24T17:47:33.387Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3561 (GCVE-0-2020-3561)

Vulnerability from cvelistv5

Published

2020-10-21 18:41

Modified

2024-11-13 17:46

Severity ?

4.7 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

CWE

CWE-93

Summary

A vulnerability in the Clientless SSL VPN (WebVPN) of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to inject arbitrary HTTP headers in the responses of the affected system. The vulnerability is due to improper input sanitization. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to conduct a CRLF injection attack, adding arbitrary HTTP headers in the responses of the system and redirecting the user to arbitrary websites.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-crlf-inj-BX9uRwSn	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:54.980Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CRLF Injection Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-crlf-inj-BX9uRwSn"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3561",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:22:44.032373Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:46:01.904Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Clientless SSL VPN (WebVPN) of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to inject arbitrary HTTP headers in the responses of the affected system. The vulnerability is due to improper input sanitization. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to conduct a CRLF injection attack, adding arbitrary HTTP headers in the responses of the system and redirecting the user to arbitrary websites."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-93",
              "description": "CWE-93",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:41:14",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CRLF Injection Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-crlf-inj-BX9uRwSn"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa-ftd-crlf-inj-BX9uRwSn",
        "defect": [
          [
            "CSCvt18028"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CRLF Injection Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3561",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CRLF Injection Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Clientless SSL VPN (WebVPN) of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to inject arbitrary HTTP headers in the responses of the affected system. The vulnerability is due to improper input sanitization. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to conduct a CRLF injection attack, adding arbitrary HTTP headers in the responses of the system and redirecting the user to arbitrary websites."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "4.7",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-93"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CRLF Injection Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-crlf-inj-BX9uRwSn"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asa-ftd-crlf-inj-BX9uRwSn",
          "defect": [
            [
              "CSCvt18028"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3561",
    "datePublished": "2020-10-21T18:41:14.587726Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:46:01.904Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20934 (GCVE-0-2022-20934)

Vulnerability from cvelistv5

Published

2022-11-10 17:34

Modified

2024-11-19 21:04

Severity ?

6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

CWE

CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

Summary

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability is due to improper input validation for specific CLI commands. An attacker could exploit this vulnerability by injecting operating system commands into a legitimate command. A successful exploit could allow the attacker to escape the restricted command prompt and execute arbitrary commands on the underlying operating system. To successfully exploit this vulnerability, an attacker would need valid Administrator credentials.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fxos-cmd-inj-Q9bLNsrK

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Firepower Threat Defense Software

Version: 6.2.3
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.2.3.3
Version: 6.2.3.4
Version: 6.2.3.5
Version: 6.2.3.6
Version: 6.2.3.7
Version: 6.2.3.8
Version: 6.2.3.10
Version: 6.2.3.11
Version: 6.2.3.9
Version: 6.2.3.12
Version: 6.2.3.13
Version: 6.2.3.14
Version: 6.2.3.15
Version: 6.2.3.16
Version: 6.2.3.17
Version: 6.2.3.18
Version: 6.6.0
Version: 6.6.0.1
Version: 6.6.1
Version: 6.6.3
Version: 6.6.4
Version: 6.6.5
Version: 6.6.5.1
Version: 6.6.5.2
Version: 6.6.7
Version: 6.4.0
Version: 6.4.0.1
Version: 6.4.0.3
Version: 6.4.0.2
Version: 6.4.0.4
Version: 6.4.0.5
Version: 6.4.0.6
Version: 6.4.0.7
Version: 6.4.0.8
Version: 6.4.0.9
Version: 6.4.0.10
Version: 6.4.0.11
Version: 6.4.0.12
Version: 6.4.0.13
Version: 6.4.0.14
Version: 6.4.0.15
Version: 6.7.0
Version: 6.7.0.1
Version: 6.7.0.2
Version: 6.7.0.3
Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.0.2
Version: 7.0.2.1
Version: 7.0.3
Version: 7.0.4
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.2.0
Version: 7.2.0.1

Cisco

Cisco Firepower Extensible Operating System (FXOS)

Version: 2.2.1.63
Version: 2.2.1.66
Version: 2.2.1.70
Version: 2.2.2.17
Version: 2.2.2.19
Version: 2.2.2.24
Version: 2.2.2.26
Version: 2.2.2.28
Version: 2.2.2.54
Version: 2.2.2.60
Version: 2.2.2.71
Version: 2.2.2.83
Version: 2.2.2.86
Version: 2.2.2.91
Version: 2.2.2.97
Version: 2.2.2.101
Version: 2.2.2.137
Version: 2.2.2.148
Version: 2.2.2.149
Version: 2.3.1.99
Version: 2.3.1.93
Version: 2.3.1.91
Version: 2.3.1.88
Version: 2.3.1.75
Version: 2.3.1.73
Version: 2.3.1.66
Version: 2.3.1.58
Version: 2.3.1.130
Version: 2.3.1.111
Version: 2.3.1.110
Version: 2.3.1.144
Version: 2.3.1.145
Version: 2.3.1.155
Version: 2.3.1.166
Version: 2.3.1.173
Version: 2.3.1.179
Version: 2.3.1.180
Version: 2.3.1.56
Version: 2.3.1.190
Version: 2.3.1.215
Version: 2.3.1.216
Version: 2.3.1.219
Version: 2.6.1.131
Version: 2.6.1.157
Version: 2.6.1.166
Version: 2.6.1.169
Version: 2.6.1.174
Version: 2.6.1.187
Version: 2.6.1.192
Version: 2.6.1.204
Version: 2.6.1.214
Version: 2.6.1.224
Version: 2.6.1.229
Version: 2.6.1.230
Version: 2.6.1.238
Version: 2.6.1.239
Version: 2.6.1.254
Version: 2.8.1.105
Version: 2.8.1.125
Version: 2.8.1.139
Version: 2.8.1.143
Version: 2.8.1.152
Version: 2.8.1.162
Version: 2.8.1.164
Version: 2.8.1.172
Version: 2.9.1.131
Version: 2.9.1.135
Version: 2.9.1.143
Version: 2.9.1.150
Version: 2.9.1.158
Version: 2.10.1.159
Version: 2.10.1.166
Version: 2.10.1.179
Version: 2.11.1.154

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:31:57.971Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-ftd-fxos-cmd-inj-Q9bLNsrK",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fxos-cmd-inj-Q9bLNsrK"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-20934",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-01-29T21:06:56.393039Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T21:04:59.680Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            }
          ]
        },
        {
          "product": "Cisco Firepower Extensible Operating System (FXOS)",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "2.2.1.63"
            },
            {
              "status": "affected",
              "version": "2.2.1.66"
            },
            {
              "status": "affected",
              "version": "2.2.1.70"
            },
            {
              "status": "affected",
              "version": "2.2.2.17"
            },
            {
              "status": "affected",
              "version": "2.2.2.19"
            },
            {
              "status": "affected",
              "version": "2.2.2.24"
            },
            {
              "status": "affected",
              "version": "2.2.2.26"
            },
            {
              "status": "affected",
              "version": "2.2.2.28"
            },
            {
              "status": "affected",
              "version": "2.2.2.54"
            },
            {
              "status": "affected",
              "version": "2.2.2.60"
            },
            {
              "status": "affected",
              "version": "2.2.2.71"
            },
            {
              "status": "affected",
              "version": "2.2.2.83"
            },
            {
              "status": "affected",
              "version": "2.2.2.86"
            },
            {
              "status": "affected",
              "version": "2.2.2.91"
            },
            {
              "status": "affected",
              "version": "2.2.2.97"
            },
            {
              "status": "affected",
              "version": "2.2.2.101"
            },
            {
              "status": "affected",
              "version": "2.2.2.137"
            },
            {
              "status": "affected",
              "version": "2.2.2.148"
            },
            {
              "status": "affected",
              "version": "2.2.2.149"
            },
            {
              "status": "affected",
              "version": "2.3.1.99"
            },
            {
              "status": "affected",
              "version": "2.3.1.93"
            },
            {
              "status": "affected",
              "version": "2.3.1.91"
            },
            {
              "status": "affected",
              "version": "2.3.1.88"
            },
            {
              "status": "affected",
              "version": "2.3.1.75"
            },
            {
              "status": "affected",
              "version": "2.3.1.73"
            },
            {
              "status": "affected",
              "version": "2.3.1.66"
            },
            {
              "status": "affected",
              "version": "2.3.1.58"
            },
            {
              "status": "affected",
              "version": "2.3.1.130"
            },
            {
              "status": "affected",
              "version": "2.3.1.111"
            },
            {
              "status": "affected",
              "version": "2.3.1.110"
            },
            {
              "status": "affected",
              "version": "2.3.1.144"
            },
            {
              "status": "affected",
              "version": "2.3.1.145"
            },
            {
              "status": "affected",
              "version": "2.3.1.155"
            },
            {
              "status": "affected",
              "version": "2.3.1.166"
            },
            {
              "status": "affected",
              "version": "2.3.1.173"
            },
            {
              "status": "affected",
              "version": "2.3.1.179"
            },
            {
              "status": "affected",
              "version": "2.3.1.180"
            },
            {
              "status": "affected",
              "version": "2.3.1.56"
            },
            {
              "status": "affected",
              "version": "2.3.1.190"
            },
            {
              "status": "affected",
              "version": "2.3.1.215"
            },
            {
              "status": "affected",
              "version": "2.3.1.216"
            },
            {
              "status": "affected",
              "version": "2.3.1.219"
            },
            {
              "status": "affected",
              "version": "2.6.1.131"
            },
            {
              "status": "affected",
              "version": "2.6.1.157"
            },
            {
              "status": "affected",
              "version": "2.6.1.166"
            },
            {
              "status": "affected",
              "version": "2.6.1.169"
            },
            {
              "status": "affected",
              "version": "2.6.1.174"
            },
            {
              "status": "affected",
              "version": "2.6.1.187"
            },
            {
              "status": "affected",
              "version": "2.6.1.192"
            },
            {
              "status": "affected",
              "version": "2.6.1.204"
            },
            {
              "status": "affected",
              "version": "2.6.1.214"
            },
            {
              "status": "affected",
              "version": "2.6.1.224"
            },
            {
              "status": "affected",
              "version": "2.6.1.229"
            },
            {
              "status": "affected",
              "version": "2.6.1.230"
            },
            {
              "status": "affected",
              "version": "2.6.1.238"
            },
            {
              "status": "affected",
              "version": "2.6.1.239"
            },
            {
              "status": "affected",
              "version": "2.6.1.254"
            },
            {
              "status": "affected",
              "version": "2.8.1.105"
            },
            {
              "status": "affected",
              "version": "2.8.1.125"
            },
            {
              "status": "affected",
              "version": "2.8.1.139"
            },
            {
              "status": "affected",
              "version": "2.8.1.143"
            },
            {
              "status": "affected",
              "version": "2.8.1.152"
            },
            {
              "status": "affected",
              "version": "2.8.1.162"
            },
            {
              "status": "affected",
              "version": "2.8.1.164"
            },
            {
              "status": "affected",
              "version": "2.8.1.172"
            },
            {
              "status": "affected",
              "version": "2.9.1.131"
            },
            {
              "status": "affected",
              "version": "2.9.1.135"
            },
            {
              "status": "affected",
              "version": "2.9.1.143"
            },
            {
              "status": "affected",
              "version": "2.9.1.150"
            },
            {
              "status": "affected",
              "version": "2.9.1.158"
            },
            {
              "status": "affected",
              "version": "2.10.1.159"
            },
            {
              "status": "affected",
              "version": "2.10.1.166"
            },
            {
              "status": "affected",
              "version": "2.10.1.179"
            },
            {
              "status": "affected",
              "version": "2.11.1.154"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root.\r\n\r This vulnerability is due to improper input validation for specific CLI commands. An attacker could exploit this vulnerability by injecting operating system commands into a legitimate command. A successful exploit could allow the attacker to escape the restricted command prompt and execute arbitrary commands on the underlying operating system. To successfully exploit this vulnerability, an attacker would need valid Administrator credentials."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-77",
              "description": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:16.127Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-ftd-fxos-cmd-inj-Q9bLNsrK",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fxos-cmd-inj-Q9bLNsrK"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-fxos-cmd-inj-Q9bLNsrK",
        "defects": [
          "CSCwb41854",
          "CSCwc02133"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20934",
    "datePublished": "2022-11-10T17:34:14.014Z",
    "dateReserved": "2021-11-02T13:28:29.192Z",
    "dateUpdated": "2024-11-19T21:04:59.680Z",
    "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3529 (GCVE-0-2020-3529)

Vulnerability from cvelistv5

Published

2020-10-21 18:35

Modified

2024-11-13 17:50

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-400

Summary

A vulnerability in the SSL VPN negotiation process for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to inefficient direct memory access (DMA) memory management during the negotiation phase of an SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted Datagram TLS (DTLS) traffic to an affected device. A successful exploit could allow the attacker to exhaust DMA memory on the device and cause a DoS condition.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:54.861Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL VPN Direct Memory Access Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3529",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:12:27.863718Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:50:14.155Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the SSL VPN negotiation process for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to inefficient direct memory access (DMA) memory management during the negotiation phase of an SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted Datagram TLS (DTLS) traffic to an affected device. A successful exploit could allow the attacker to exhaust DMA memory on the device and cause a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:35:35",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL VPN Direct Memory Access Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx",
        "defect": [
          [
            "CSCvu59817"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL VPN Direct Memory Access Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3529",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL VPN Direct Memory Access Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the SSL VPN negotiation process for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to inefficient direct memory access (DMA) memory management during the negotiation phase of an SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted Datagram TLS (DTLS) traffic to an affected device. A successful exploit could allow the attacker to exhaust DMA memory on the device and cause a DoS condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL VPN Direct Memory Access Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx",
          "defect": [
            [
              "CSCvu59817"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3529",
    "datePublished": "2020-10-21T18:35:35.349798Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:50:14.155Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3305 (GCVE-0-2020-3305)

Vulnerability from cvelistv5

Published

2020-05-06 16:42

Modified

2024-11-15 17:22

Severity ?

6.8 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-400

Summary

A vulnerability in the implementation of the Border Gateway Protocol (BGP) module in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP packets. An attacker could exploit this vulnerability by sending a crafted BGP packet. A successful exploit could allow the attacker to cause a DoS condition on the affected device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-P43GCE5j	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:30:57.658Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software BGP Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-P43GCE5j"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3305",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:28:34.112185Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:22:45.767Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the implementation of the Border Gateway Protocol (BGP) module in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP packets. An attacker could exploit this vulnerability by sending a crafted BGP packet. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-06T16:42:25",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software BGP Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-P43GCE5j"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa-dos-P43GCE5j",
        "defect": [
          [
            "CSCvq66092"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software BGP Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-05-06T16:00:00-0700",
          "ID": "CVE-2020-3305",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software BGP Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the implementation of the Border Gateway Protocol (BGP) module in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP packets. An attacker could exploit this vulnerability by sending a crafted BGP packet. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.8",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software BGP Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-P43GCE5j"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asa-dos-P43GCE5j",
          "defect": [
            [
              "CSCvq66092"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3305",
    "datePublished": "2020-05-06T16:42:25.564579Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:22:45.767Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3533 (GCVE-0-2020-3533)

Vulnerability from cvelistv5

Published

2020-10-21 18:35

Modified

2024-11-13 17:50

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-400

Summary

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly. The vulnerability is due to a lack of sufficient memory management protections under heavy SNMP polling loads. An attacker could exploit this vulnerability by sending a high rate of SNMP requests to the SNMP daemon through the management interface on an affected device. A successful exploit could allow the attacker to cause the SNMP daemon process to consume a large amount of system memory over time, which could then lead to an unexpected device restart, causing a denial of service (DoS) condition. This vulnerability affects all versions of SNMP.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snmp-dos-R8ENPbOs	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:54.983Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Firepower Threat Defense Software SNMP Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snmp-dos-R8ENPbOs"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3533",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:12:29.065065Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:50:22.926Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly. The vulnerability is due to a lack of sufficient memory management protections under heavy SNMP polling loads. An attacker could exploit this vulnerability by sending a high rate of SNMP requests to the SNMP daemon through the management interface on an affected device. A successful exploit could allow the attacker to cause the SNMP daemon process to consume a large amount of system memory over time, which could then lead to an unexpected device restart, causing a denial of service (DoS) condition. This vulnerability affects all versions of SNMP."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:35:29",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Firepower Threat Defense Software SNMP Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snmp-dos-R8ENPbOs"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-snmp-dos-R8ENPbOs",
        "defect": [
          [
            "CSCvu80370"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software SNMP Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3533",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software SNMP Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly. The vulnerability is due to a lack of sufficient memory management protections under heavy SNMP polling loads. An attacker could exploit this vulnerability by sending a high rate of SNMP requests to the SNMP daemon through the management interface on an affected device. A successful exploit could allow the attacker to cause the SNMP daemon process to consume a large amount of system memory over time, which could then lead to an unexpected device restart, causing a denial of service (DoS) condition. This vulnerability affects all versions of SNMP."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Firepower Threat Defense Software SNMP Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snmp-dos-R8ENPbOs"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-snmp-dos-R8ENPbOs",
          "defect": [
            [
              "CSCvu80370"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3533",
    "datePublished": "2020-10-21T18:35:29.775003Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:50:22.926Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1693 (GCVE-0-2019-1693)

Vulnerability from cvelistv5

Published

2019-05-03 15:05

Modified

2024-11-21 19:35

Severity ?

7.7 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-399

Summary

A vulnerability in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper management of authenticated sessions in the WebVPN portal. An attacker could exploit this vulnerability by authenticating with valid credentials and accessing a specific URL in the WebVPN portal. A successful exploit could allow the attacker to cause the device to reload, resulting in a temporary DoS condition.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-dos	vendor-advisory, x_refsource_CISCO
	http://www.securityfocus.com/bid/108157	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: unspecified   < 9.4.4.34
Version: unspecified   < 9.6.4.25
Version: unspecified   < 9.8.4
Version: unspecified   < 9.9.2.50
Version: unspecified   < 9.10.1.17

Cisco

Cisco Firepower Threat Defense (FTD) Software

Version: unspecified < 6.2.3.12
Version: unspecified < 6.3.0.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:41.635Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190501 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-dos"
          },
          {
            "name": "108157",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108157"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1693",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-21T18:59:02.381584Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T19:35:46.198Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "9.4.4.34",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.6.4.25",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.8.4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.9.2.50",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.10.1.17",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense (FTD) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.2.3.12",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "6.3.0.3",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-05-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper management of authenticated sessions in the WebVPN portal. An attacker could exploit this vulnerability by authenticating with valid credentials and accessing a specific URL in the WebVPN portal. A successful exploit could allow the attacker to cause the device to reload, resulting in a temporary DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-06T08:06:02",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190501 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-dos"
        },
        {
          "name": "108157",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108157"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190501-asa-ftd-dos",
        "defect": [
          [
            "CSCvn77957"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-05-01T16:00:00-0700",
          "ID": "CVE-2019-1693",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.4.4.34"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.6.4.25"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.8.4"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.9.2.50"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.10.1.17"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Cisco Firepower Threat Defense (FTD) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.2.3.12"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.3.0.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper management of authenticated sessions in the WebVPN portal. An attacker could exploit this vulnerability by authenticating with valid credentials and accessing a specific URL in the WebVPN portal. A successful exploit could allow the attacker to cause the device to reload, resulting in a temporary DoS condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.7",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190501 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-dos"
            },
            {
              "name": "108157",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108157"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190501-asa-ftd-dos",
          "defect": [
            [
              "CSCvn77957"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1693",
    "datePublished": "2019-05-03T15:05:17.556539Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-21T19:35:46.198Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-0228 (GCVE-0-2018-0228)

Vulnerability from cvelistv5

Published

2018-04-19 20:00

Modified

2024-11-29 15:18

Severity ?

CWE

CWE-20

Summary

A vulnerability in the ingress flow creation functionality of Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the CPU to increase upwards of 100% utilization, causing a denial of service (DoS) condition on an affected system. The vulnerability is due to incorrect handling of an internal software lock that could prevent other system processes from getting CPU cycles, causing a high CPU condition. An attacker could exploit this vulnerability by sending a steady stream of malicious IP packets that can cause connections to be created on the targeted device. A successful exploit could allow the attacker to exhaust CPU resources, resulting in a DoS condition during which traffic through the device could be delayed. This vulnerability applies to either IPv4 or IPv6 ingress traffic. This vulnerability affects Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliances (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliances (ASAv), Firepower 2100 Series Security Appliances, Firepower 4110 Security Appliances, Firepower 9300 ASA Security Modules. Cisco Bug IDs: CSCvf63718.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1040724	vdb-entry, x_refsource_SECTRACK
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa2	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/104220	vdb-entry, x_refsource_BID
	https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Cisco Adaptive Security Appliance	Version: Cisco Adaptive Security Appliance

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:21:14.926Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1040724",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040724"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa2"
          },
          {
            "name": "104220",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104220"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0228",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-29T14:44:35.232345Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-29T15:18:58.698Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Adaptive Security Appliance"
            }
          ]
        }
      ],
      "datePublic": "2018-04-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the ingress flow creation functionality of Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the CPU to increase upwards of 100% utilization, causing a denial of service (DoS) condition on an affected system. The vulnerability is due to incorrect handling of an internal software lock that could prevent other system processes from getting CPU cycles, causing a high CPU condition. An attacker could exploit this vulnerability by sending a steady stream of malicious IP packets that can cause connections to be created on the targeted device. A successful exploit could allow the attacker to exhaust CPU resources, resulting in a DoS condition during which traffic through the device could be delayed. This vulnerability applies to either IPv4 or IPv6 ingress traffic. This vulnerability affects Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliances (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliances (ASAv), Firepower 2100 Series Security Appliances, Firepower 4110 Security Appliances, Firepower 9300 ASA Security Modules. Cisco Bug IDs: CSCvf63718."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-05T17:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1040724",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040724"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa2"
        },
        {
          "name": "104220",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104220"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0228",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Adaptive Security Appliance"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the ingress flow creation functionality of Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the CPU to increase upwards of 100% utilization, causing a denial of service (DoS) condition on an affected system. The vulnerability is due to incorrect handling of an internal software lock that could prevent other system processes from getting CPU cycles, causing a high CPU condition. An attacker could exploit this vulnerability by sending a steady stream of malicious IP packets that can cause connections to be created on the targeted device. A successful exploit could allow the attacker to exhaust CPU resources, resulting in a DoS condition during which traffic through the device could be delayed. This vulnerability applies to either IPv4 or IPv6 ingress traffic. This vulnerability affects Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliances (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliances (ASAv), Firepower 2100 Series Security Appliances, Firepower 4110 Security Appliances, Firepower 9300 ASA Security Modules. Cisco Bug IDs: CSCvf63718."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1040724",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040724"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa2",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa2"
            },
            {
              "name": "104220",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104220"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0228",
    "datePublished": "2018-04-19T20:00:00",
    "dateReserved": "2017-11-27T00:00:00",
    "dateUpdated": "2024-11-29T15:18:58.698Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34794 (GCVE-0-2021-34794)

Vulnerability from cvelistv5

Published

2021-10-27 18:56

Modified

2024-11-07 21:45

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE

CWE-284

Summary

A vulnerability in the Simple Network Management Protocol version 3 (SNMPv3) access control functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to query SNMP data. This vulnerability is due to ineffective access control. An attacker could exploit this vulnerability by sending an SNMPv3 query to an affected device from a host that is not permitted by the SNMPv3 access control list. A successful exploit could allow the attacker to send an SNMP query to an affected device and retrieve information from the device. The attacker would need valid credentials to perform the SNMP query.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmpaccess-M6yOweq3	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.189Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Access Control Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmpaccess-M6yOweq3"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34794",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:44:26.270729Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T21:45:37.552Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Simple Network Management Protocol version 3 (SNMPv3) access control functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to query SNMP data. This vulnerability is due to ineffective access control. An attacker could exploit this vulnerability by sending an SNMPv3 query to an affected device from a host that is not permitted by the SNMPv3 access control list. A successful exploit could allow the attacker to send an SNMP query to an affected device and retrieve information from the device. The attacker would need valid credentials to perform the SNMP query."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-27T18:56:31",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Access Control Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmpaccess-M6yOweq3"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-snmpaccess-M6yOweq3",
        "defect": [
          [
            "CSCvv49739",
            "CSCvw31710",
            "CSCvw51436"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Access Control Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-10-27T16:00:00",
          "ID": "CVE-2021-34794",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Access Control Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Simple Network Management Protocol version 3 (SNMPv3) access control functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to query SNMP data. This vulnerability is due to ineffective access control. An attacker could exploit this vulnerability by sending an SNMPv3 query to an affected device from a host that is not permitted by the SNMPv3 access control list. A successful exploit could allow the attacker to send an SNMP query to an affected device and retrieve information from the device. The attacker would need valid credentials to perform the SNMP query."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.3",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-284"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Access Control Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmpaccess-M6yOweq3"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-snmpaccess-M6yOweq3",
          "defect": [
            [
              "CSCvv49739",
              "CSCvw31710",
              "CSCvw51436"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34794",
    "datePublished": "2021-10-27T18:56:31.725600Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-07T21:45:37.552Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3334 (GCVE-0-2020-3334)

Vulnerability from cvelistv5

Published

2020-05-06 16:40

Modified

2024-11-15 17:25

Severity ?

7.4 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-399

Summary

A vulnerability in the ARP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect processing of ARP packets received by the management interface of an affected device. An attacker could exploit this vulnerability by sending a series of unicast ARP packets in a short timeframe that would reach the management interface of an affected device. A successful exploit could allow the attacker to consume resources on an affected device, which would prevent the device from sending internal system keepalives and eventually cause the device to reload, resulting in a denial of service (DoS) condition.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fp2100-arp-dos-kLdCK8ks	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:30:58.116Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200506 Cisco Firepower 2100 Series Security Appliances ARP Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fp2100-arp-dos-kLdCK8ks"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3334",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:28:43.059862Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:25:59.945Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the ARP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect processing of ARP packets received by the management interface of an affected device. An attacker could exploit this vulnerability by sending a series of unicast ARP packets in a short timeframe that would reach the management interface of an affected device. A successful exploit could allow the attacker to consume resources on an affected device, which would prevent the device from sending internal system keepalives and eventually cause the device to reload, resulting in a denial of service (DoS) condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-06T16:40:56",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200506 Cisco Firepower 2100 Series Security Appliances ARP Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fp2100-arp-dos-kLdCK8ks"
        }
      ],
      "source": {
        "advisory": "cisco-sa-fp2100-arp-dos-kLdCK8ks",
        "defect": [
          [
            "CSCvq20910",
            "CSCvr43476",
            "CSCvr49833"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower 2100 Series Security Appliances ARP Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-05-06T16:00:00-0700",
          "ID": "CVE-2020-3334",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower 2100 Series Security Appliances ARP Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the ARP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect processing of ARP packets received by the management interface of an affected device. An attacker could exploit this vulnerability by sending a series of unicast ARP packets in a short timeframe that would reach the management interface of an affected device. A successful exploit could allow the attacker to consume resources on an affected device, which would prevent the device from sending internal system keepalives and eventually cause the device to reload, resulting in a denial of service (DoS) condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.4",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200506 Cisco Firepower 2100 Series Security Appliances ARP Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fp2100-arp-dos-kLdCK8ks"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-fp2100-arp-dos-kLdCK8ks",
          "defect": [
            [
              "CSCvq20910",
              "CSCvr43476",
              "CSCvr49833"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3334",
    "datePublished": "2020-05-06T16:40:56.874274Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:25:59.945Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3514 (GCVE-0-2020-3514)

Vulnerability from cvelistv5

Published

2020-10-21 18:35

Modified

2024-11-13 17:49

Severity ?

8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-216

Summary

A vulnerability in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their Cisco FTD instance and execute commands with root privileges in the host namespace. The attacker must have valid credentials on the device.The vulnerability exists because a configuration file that is used at container startup has insufficient protections. An attacker could exploit this vulnerability by modifying a specific container configuration file on the underlying file system. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running Cisco FTD instances or the host Cisco FXOS device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-container-esc-FmYqFBQV	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:54.656Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Firepower Threat Defense Software Multi-Instance Container Escape Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-container-esc-FmYqFBQV"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3514",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:17:26.956982Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:49:45.378Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their Cisco FTD instance and execute commands with root privileges in the host namespace. The attacker must have valid credentials on the device.The vulnerability exists because a configuration file that is used at container startup has insufficient protections. An attacker could exploit this vulnerability by modifying a specific container configuration file on the underlying file system. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running Cisco FTD instances or the host Cisco FXOS device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-216",
              "description": "CWE-216",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:35:50",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Firepower Threat Defense Software Multi-Instance Container Escape Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-container-esc-FmYqFBQV"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-container-esc-FmYqFBQV",
        "defect": [
          [
            "CSCvu08422"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Multi-Instance Container Escape Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3514",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Multi-Instance Container Escape Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their Cisco FTD instance and execute commands with root privileges in the host namespace. The attacker must have valid credentials on the device.The vulnerability exists because a configuration file that is used at container startup has insufficient protections. An attacker could exploit this vulnerability by modifying a specific container configuration file on the underlying file system. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running Cisco FTD instances or the host Cisco FXOS device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.2",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-216"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Firepower Threat Defense Software Multi-Instance Container Escape Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-container-esc-FmYqFBQV"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-container-esc-FmYqFBQV",
          "defect": [
            [
              "CSCvu08422"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3514",
    "datePublished": "2020-10-21T18:35:50.415093Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:49:45.378Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3550 (GCVE-0-2020-3550)

Vulnerability from cvelistv5

Published

2020-10-21 18:35

Modified

2024-11-13 17:50

Severity ?

8.1 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE

CWE-22

Summary

A vulnerability in the sfmgr daemon of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to perform directory traversal and access directories outside the restricted path. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using a relative path in specific sfmgr commands. An exploit could allow the attacker to read or write arbitrary files on an sftunnel-connected peer device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dirtrav-NW8XcuSB	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Management Center	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:55.239Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Firepower Management Center Software and Firepower Threat Defense Software Directory Traversal Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dirtrav-NW8XcuSB"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3550",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:17:30.355429Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:50:42.483Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Management Center",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the sfmgr daemon of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to perform directory traversal and access directories outside the restricted path. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using a relative path in specific sfmgr commands. An exploit could allow the attacker to read or write arbitrary files on an sftunnel-connected peer device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:35:20",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Firepower Management Center Software and Firepower Threat Defense Software Directory Traversal Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dirtrav-NW8XcuSB"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftdfmc-dirtrav-NW8XcuSB",
        "defect": [
          [
            "CSCvp56744"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Management Center Software and Firepower Threat Defense Software Directory Traversal Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3550",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Management Center Software and Firepower Threat Defense Software Directory Traversal Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Management Center",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the sfmgr daemon of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to perform directory traversal and access directories outside the restricted path. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using a relative path in specific sfmgr commands. An exploit could allow the attacker to read or write arbitrary files on an sftunnel-connected peer device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.1",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-22"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Firepower Management Center Software and Firepower Threat Defense Software Directory Traversal Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dirtrav-NW8XcuSB"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftdfmc-dirtrav-NW8XcuSB",
          "defect": [
            [
              "CSCvp56744"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3550",
    "datePublished": "2020-10-21T18:35:20.388990Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:50:42.483Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3581 (GCVE-0-2020-3581)

Vulnerability from cvelistv5

Published

2020-10-21 18:40

Modified

2024-11-13 17:47

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE

CWE-79

Summary

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:55.771Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3581",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:22:47.053239Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:47:29.626Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:40:22",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-xss-multiple-FCB3vPZe",
        "defect": [
          [
            "CSCvu44910",
            "CSCvu75581",
            "CSCvu83309",
            "CSCvv13835"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3581",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-xss-multiple-FCB3vPZe",
          "defect": [
            [
              "CSCvu44910",
              "CSCvu75581",
              "CSCvu83309",
              "CSCvv13835"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3581",
    "datePublished": "2020-10-21T18:40:22.099083Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:47:29.626Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3253 (GCVE-0-2020-3253)

Vulnerability from cvelistv5

Published

2020-05-06 16:41

Modified

2024-11-15 17:24

Severity ?

6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-284

Summary

A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by enabling the support tunnel, setting a key, and deriving the tunnel password. A successful exploit could allow the attacker to run any system command with root access on an affected device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-shell-9rhJF68K	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:30:58.105Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200506 Cisco Firepower Threat Defense Software Shell Access Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-shell-9rhJF68K"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3253",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:24:41.505057Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:24:42.704Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by enabling the support tunnel, setting a key, and deriving the tunnel password. A successful exploit could allow the attacker to run any system command with root access on an affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-06T16:41:35",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200506 Cisco Firepower Threat Defense Software Shell Access Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-shell-9rhJF68K"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-shell-9rhJF68K",
        "defect": [
          [
            "CSCvp16933"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Shell Access Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-05-06T16:00:00-0700",
          "ID": "CVE-2020-3253",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Shell Access Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by enabling the support tunnel, setting a key, and deriving the tunnel password. A successful exploit could allow the attacker to run any system command with root access on an affected device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.7",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-284"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200506 Cisco Firepower Threat Defense Software Shell Access Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-shell-9rhJF68K"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-shell-9rhJF68K",
          "defect": [
            [
              "CSCvp16933"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3253",
    "datePublished": "2020-05-06T16:41:35.509287Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:24:42.704Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-1422 (GCVE-0-2021-1422)

Vulnerability from cvelistv5

Published

2021-07-16 12:25

Modified

2024-11-07 22:06

Severity ?

7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-617

Summary

A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the device that results in a denial of service (DoS) condition. The vulnerability is due to a logic error in how the software cryptography module handles specific types of decryption errors. An attacker could exploit this vulnerability by sending malicious packets over an established IPsec connection. A successful exploit could cause the device to crash, forcing it to reload. Important: Successful exploitation of this vulnerability would not cause a compromise of any encrypted data. Note: This vulnerability affects only Cisco ASA Software Release 9.16.1 and Cisco FTD Software Release 7.0.0.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:11:17.041Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210715 Cisco Adaptive Security Appliance Software Release 9.16.1 and Cisco Firepower Threat Defense Software Release 7.0.0 IPsec Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-1422",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:41:12.282761Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T22:06:04.583Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-07-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the device that results in a denial of service (DoS) condition. The vulnerability is due to a logic error in how the software cryptography module handles specific types of decryption errors. An attacker could exploit this vulnerability by sending malicious packets over an established IPsec connection. A successful exploit could cause the device to crash, forcing it to reload. Important: Successful exploitation of this vulnerability would not cause a compromise of any encrypted data. Note: This vulnerability affects only Cisco ASA Software Release 9.16.1 and Cisco FTD Software Release 7.0.0."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-617",
              "description": "CWE-617",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-07-16T12:25:14",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210715 Cisco Adaptive Security Appliance Software Release 9.16.1 and Cisco Firepower Threat Defense Software Release 7.0.0 IPsec Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC",
        "defect": [
          [
            "CSCvy66711"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software Release 9.16.1 and Cisco Firepower Threat Defense Software Release 7.0.0 IPsec Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-07-15T23:00:00",
          "ID": "CVE-2021-1422",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software Release 9.16.1 and Cisco Firepower Threat Defense Software Release 7.0.0 IPsec Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the device that results in a denial of service (DoS) condition. The vulnerability is due to a logic error in how the software cryptography module handles specific types of decryption errors. An attacker could exploit this vulnerability by sending malicious packets over an established IPsec connection. A successful exploit could cause the device to crash, forcing it to reload. Important: Successful exploitation of this vulnerability would not cause a compromise of any encrypted data. Note: This vulnerability affects only Cisco ASA Software Release 9.16.1 and Cisco FTD Software Release 7.0.0."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.7",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-617"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210715 Cisco Adaptive Security Appliance Software Release 9.16.1 and Cisco Firepower Threat Defense Software Release 7.0.0 IPsec Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC",
          "defect": [
            [
              "CSCvy66711"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-1422",
    "datePublished": "2021-07-16T12:25:14.725100Z",
    "dateReserved": "2020-11-13T00:00:00",
    "dateUpdated": "2024-11-07T22:06:04.583Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1704 (GCVE-0-2019-1704)

Vulnerability from cvelistv5

Published

2019-05-03 16:00

Modified

2024-11-19 19:09

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-400

Summary

Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort	vendor-advisory, x_refsource_CISCO
	http://www.securityfocus.com/bid/108171	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: unspecified < 6.2.3.12

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:41.709Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190501 Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort"
          },
          {
            "name": "108171",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108171"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1704",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:24:27.983301Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T19:09:18.873Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.2.3.12",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-05-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-07T13:06:06",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190501 Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort"
        },
        {
          "name": "108171",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108171"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190501-frpwr-smb-snort",
        "defect": [
          [
            "CSCvj83264",
            "CSCvj91418"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-05-01T16:00:00-0700",
          "ID": "CVE-2019-1704",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.2.3.12"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.5",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190501 Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort"
            },
            {
              "name": "108171",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108171"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190501-frpwr-smb-snort",
          "defect": [
            [
              "CSCvj83264",
              "CSCvj91418"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1704",
    "datePublished": "2019-05-03T16:00:18.730907Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-19T19:09:18.873Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-1573 (GCVE-0-2021-1573)

Vulnerability from cvelistv5

Published

2022-01-11 18:55

Modified

2024-11-06 16:47

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-121 - Stack-based Buffer Overflow
CWE-787 - Out-of-bounds Write

Summary

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA	vendor-advisory, x_refsource_CISCO

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance Software

Version: unspecified < 6.4.0.13

Cisco

Cisco Firepower Threat Defense Software

Version: unspecified < 6.6.5

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:18:10.323Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-1573",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-06T16:01:58.648981Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T16:47:14.916Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.4.0.13",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.6.5",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121 Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-01-11T18:55:11",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asafdt-webvpn-dos-KSqJAKPA",
        "defect": [
          "",
          "CSCvy36910"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-10-27T17:38:00.000Z",
          "ID": "CVE-2021-1573",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance Software",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "6.4.0.13"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "6.6.5"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-121 Stack-based Buffer Overflow"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-787 Out-of-bounds Write"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asafdt-webvpn-dos-KSqJAKPA",
          "defect": [
            "",
            "CSCvy36910"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-1573",
    "datePublished": "2022-01-11T18:55:11.325842Z",
    "dateReserved": "2020-11-13T00:00:00",
    "dateUpdated": "2024-11-06T16:47:14.916Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20384 (GCVE-0-2024-20384)

Vulnerability from cvelistv5

Published

2024-10-23 17:32

Modified

2024-10-24 17:04

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-290 - Authentication Bypass by Spoofing

Summary

A vulnerability in the Network Service Group (NSG) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. This vulnerability is due to a logic error that occurs when NSG ACLs are populated on an affected device. An attacker could exploit this vulnerability by establishing a connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-nsgacl-bypass-77XnEAsL

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.16.1
Version: 9.16.1.28
Version: 9.16.2
Version: 9.16.2.3
Version: 9.16.2.7
Version: 9.16.2.11
Version: 9.16.2.13
Version: 9.16.2.14
Version: 9.16.3
Version: 9.16.3.3
Version: 9.16.3.14
Version: 9.16.3.15
Version: 9.16.3.19
Version: 9.16.3.23
Version: 9.16.4
Version: 9.16.4.9
Version: 9.16.4.14
Version: 9.16.4.18
Version: 9.16.4.19
Version: 9.16.4.27
Version: 9.16.4.38
Version: 9.16.4.39
Version: 9.16.4.42
Version: 9.16.4.48
Version: 9.16.4.55
Version: 9.16.4.57
Version: 9.16.4.61
Version: 9.17.1
Version: 9.17.1.7
Version: 9.17.1.9
Version: 9.17.1.10
Version: 9.17.1.11
Version: 9.17.1.13
Version: 9.17.1.15
Version: 9.17.1.20
Version: 9.17.1.30
Version: 9.17.1.33
Version: 9.17.1.39
Version: 9.18.1
Version: 9.18.1.3
Version: 9.18.2
Version: 9.18.2.5
Version: 9.18.2.7
Version: 9.18.2.8
Version: 9.18.3
Version: 9.18.3.39
Version: 9.18.3.46
Version: 9.18.3.53
Version: 9.18.3.55
Version: 9.18.3.56
Version: 9.18.4
Version: 9.18.4.5
Version: 9.18.4.8
Version: 9.18.4.22
Version: 9.18.4.24
Version: 9.18.4.29
Version: 9.19.1
Version: 9.19.1.5
Version: 9.19.1.9
Version: 9.19.1.12
Version: 9.19.1.18
Version: 9.19.1.22
Version: 9.19.1.24
Version: 9.19.1.27
Version: 9.19.1.28
Version: 9.19.1.31
Version: 9.20.1
Version: 9.20.1.5
Version: 9.20.2
Version: 9.20.2.10
Version: 9.20.2.21
Version: 9.20.2.22

Cisco

Cisco Firepower Threat Defense Software

Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.0.2
Version: 7.0.2.1
Version: 7.0.3
Version: 7.0.4
Version: 7.0.5
Version: 7.0.6
Version: 7.0.6.1
Version: 7.0.6.2
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.1.0.3
Version: 7.2.0
Version: 7.2.0.1
Version: 7.2.1
Version: 7.2.2
Version: 7.2.3
Version: 7.2.4
Version: 7.2.4.1
Version: 7.2.5
Version: 7.2.5.1
Version: 7.2.6
Version: 7.2.7
Version: 7.2.5.2
Version: 7.2.8
Version: 7.2.8.1
Version: 7.3.0
Version: 7.3.1
Version: 7.3.1.1
Version: 7.3.1.2
Version: 7.4.0
Version: 7.4.1
Version: 7.4.1.1
Version: 7.4.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "adaptive_security_appliance",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "9.16.4.61",
                "status": "affected",
                "version": "9.16.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.17.1.39",
                "status": "affected",
                "version": "9.17.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.18.4.29",
                "status": "affected",
                "version": "9.18.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.19.1.31",
                "status": "affected",
                "version": "9.19.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.20.2.22",
                "status": "affected",
                "version": "9.20.1",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "7.0.6.2",
                "status": "affected",
                "version": "7.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.1.0.3",
                "status": "affected",
                "version": "7.1.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.2.8.1",
                "status": "affected",
                "version": "7.2.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.3.1.2",
                "status": "affected",
                "version": "7.3.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.4.2",
                "status": "affected",
                "version": "7.4.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20384",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-23T18:42:42.413636Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-24T17:04:49.872Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.16.3.15"
            },
            {
              "status": "affected",
              "version": "9.16.3.19"
            },
            {
              "status": "affected",
              "version": "9.16.3.23"
            },
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.16.4.9"
            },
            {
              "status": "affected",
              "version": "9.16.4.14"
            },
            {
              "status": "affected",
              "version": "9.16.4.18"
            },
            {
              "status": "affected",
              "version": "9.16.4.19"
            },
            {
              "status": "affected",
              "version": "9.16.4.27"
            },
            {
              "status": "affected",
              "version": "9.16.4.38"
            },
            {
              "status": "affected",
              "version": "9.16.4.39"
            },
            {
              "status": "affected",
              "version": "9.16.4.42"
            },
            {
              "status": "affected",
              "version": "9.16.4.48"
            },
            {
              "status": "affected",
              "version": "9.16.4.55"
            },
            {
              "status": "affected",
              "version": "9.16.4.57"
            },
            {
              "status": "affected",
              "version": "9.16.4.61"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.17.1.20"
            },
            {
              "status": "affected",
              "version": "9.17.1.30"
            },
            {
              "status": "affected",
              "version": "9.17.1.33"
            },
            {
              "status": "affected",
              "version": "9.17.1.39"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            },
            {
              "status": "affected",
              "version": "9.18.2.7"
            },
            {
              "status": "affected",
              "version": "9.18.2.8"
            },
            {
              "status": "affected",
              "version": "9.18.3"
            },
            {
              "status": "affected",
              "version": "9.18.3.39"
            },
            {
              "status": "affected",
              "version": "9.18.3.46"
            },
            {
              "status": "affected",
              "version": "9.18.3.53"
            },
            {
              "status": "affected",
              "version": "9.18.3.55"
            },
            {
              "status": "affected",
              "version": "9.18.3.56"
            },
            {
              "status": "affected",
              "version": "9.18.4"
            },
            {
              "status": "affected",
              "version": "9.18.4.5"
            },
            {
              "status": "affected",
              "version": "9.18.4.8"
            },
            {
              "status": "affected",
              "version": "9.18.4.22"
            },
            {
              "status": "affected",
              "version": "9.18.4.24"
            },
            {
              "status": "affected",
              "version": "9.18.4.29"
            },
            {
              "status": "affected",
              "version": "9.19.1"
            },
            {
              "status": "affected",
              "version": "9.19.1.5"
            },
            {
              "status": "affected",
              "version": "9.19.1.9"
            },
            {
              "status": "affected",
              "version": "9.19.1.12"
            },
            {
              "status": "affected",
              "version": "9.19.1.18"
            },
            {
              "status": "affected",
              "version": "9.19.1.22"
            },
            {
              "status": "affected",
              "version": "9.19.1.24"
            },
            {
              "status": "affected",
              "version": "9.19.1.27"
            },
            {
              "status": "affected",
              "version": "9.19.1.28"
            },
            {
              "status": "affected",
              "version": "9.19.1.31"
            },
            {
              "status": "affected",
              "version": "9.20.1"
            },
            {
              "status": "affected",
              "version": "9.20.1.5"
            },
            {
              "status": "affected",
              "version": "9.20.2"
            },
            {
              "status": "affected",
              "version": "9.20.2.10"
            },
            {
              "status": "affected",
              "version": "9.20.2.21"
            },
            {
              "status": "affected",
              "version": "9.20.2.22"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.0.6"
            },
            {
              "status": "affected",
              "version": "7.0.6.1"
            },
            {
              "status": "affected",
              "version": "7.0.6.2"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.2.4.1"
            },
            {
              "status": "affected",
              "version": "7.2.5"
            },
            {
              "status": "affected",
              "version": "7.2.5.1"
            },
            {
              "status": "affected",
              "version": "7.2.6"
            },
            {
              "status": "affected",
              "version": "7.2.7"
            },
            {
              "status": "affected",
              "version": "7.2.5.2"
            },
            {
              "status": "affected",
              "version": "7.2.8"
            },
            {
              "status": "affected",
              "version": "7.2.8.1"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.2"
            },
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            },
            {
              "status": "affected",
              "version": "7.4.1.1"
            },
            {
              "status": "affected",
              "version": "7.4.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Network Service Group (NSG) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device.\r\n\r This vulnerability is due to a logic error that occurs when NSG ACLs are populated on an affected device. An attacker could exploit this vulnerability by establishing a connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-290",
              "description": "Authentication Bypass by Spoofing",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-23T17:32:29.353Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asaftd-nsgacl-bypass-77XnEAsL",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-nsgacl-bypass-77XnEAsL"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-nsgacl-bypass-77XnEAsL",
        "defects": [
          "CSCwj19125"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20384",
    "datePublished": "2024-10-23T17:32:29.353Z",
    "dateReserved": "2023-11-08T15:08:07.658Z",
    "dateUpdated": "2024-10-24T17:04:49.872Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-12695 (GCVE-0-2019-12695)

Vulnerability from cvelistv5

Published

2019-10-02 19:06

Modified

2024-11-21 19:12

Severity ?

6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE

CWE-79

Summary

A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-xss	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: unspecified < n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:24:39.460Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20191002 Cisco Adaptive Security Appliance and Firepower Threat Defense Software WebVPN Cross-Site Scripting Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-xss"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-12695",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-21T18:56:41.790027Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T19:12:12.103Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-10-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-02T19:06:47",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20191002 Cisco Adaptive Security Appliance and Firepower Threat Defense Software WebVPN Cross-Site Scripting Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-xss"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20191002-asa-xss",
        "defect": [
          [
            "CSCvp33341"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance and Firepower Threat Defense Software WebVPN Cross-Site Scripting Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-10-02T16:00:00-0700",
          "ID": "CVE-2019-12695",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance and Firepower Threat Defense Software WebVPN Cross-Site Scripting Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.1",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20191002 Cisco Adaptive Security Appliance and Firepower Threat Defense Software WebVPN Cross-Site Scripting Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-xss"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20191002-asa-xss",
          "defect": [
            [
              "CSCvp33341"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-12695",
    "datePublished": "2019-10-02T19:06:47.387950Z",
    "dateReserved": "2019-06-04T00:00:00",
    "dateUpdated": "2024-11-21T19:12:12.103Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-0101 (GCVE-0-2018-0101)

Vulnerability from cvelistv5

Published

2018-01-29 20:00

Modified

2024-12-02 21:25

Severity ?

CWE

CWE-415

Summary

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to an attempt to double free a region of memory when the webvpn feature is enabled on the Cisco ASA device. An attacker could exploit this vulnerability by sending multiple, crafted XML packets to a webvpn-configured interface on the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system, or cause a reload of the affected device. This vulnerability affects Cisco ASA Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, ASA 1000V Cloud Firewall, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4110 Security Appliance, Firepower 9300 ASA Security Module, Firepower Threat Defense Software (FTD). Cisco Bug IDs: CSCvg35618.

References

▼	URL	Tags
	https://icanthackit.wordpress.com/2018/01/30/thoughts-on-the-handling-cve-2018-0101-cisco-bug-cscvg35618/	x_refsource_MISC
	http://www.securityfocus.com/bid/102845	vdb-entry, x_refsource_BID
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1040292	vdb-entry, x_refsource_SECTRACK
	https://www.exploit-db.com/exploits/43986/	exploit, x_refsource_EXPLOIT-DB
	https://pastebin.com/YrBcG2Ln	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Cisco Adaptive Security Appliance	Version: Cisco Adaptive Security Appliance

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:14:16.591Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://icanthackit.wordpress.com/2018/01/30/thoughts-on-the-handling-cve-2018-0101-cisco-bug-cscvg35618/"
          },
          {
            "name": "102845",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102845"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1"
          },
          {
            "name": "1040292",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040292"
          },
          {
            "name": "43986",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/43986/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://pastebin.com/YrBcG2Ln"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0101",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-02T19:24:15.000038Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-02T21:25:00.235Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Adaptive Security Appliance"
            }
          ]
        }
      ],
      "datePublic": "2018-01-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to an attempt to double free a region of memory when the webvpn feature is enabled on the Cisco ASA device. An attacker could exploit this vulnerability by sending multiple, crafted XML packets to a webvpn-configured interface on the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system, or cause a reload of the affected device. This vulnerability affects Cisco ASA Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, ASA 1000V Cloud Firewall, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4110 Security Appliance, Firepower 9300 ASA Security Module, Firepower Threat Defense Software (FTD). Cisco Bug IDs: CSCvg35618."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-415",
              "description": "CWE-415",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-02-09T10:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://icanthackit.wordpress.com/2018/01/30/thoughts-on-the-handling-cve-2018-0101-cisco-bug-cscvg35618/"
        },
        {
          "name": "102845",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102845"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1"
        },
        {
          "name": "1040292",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040292"
        },
        {
          "name": "43986",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/43986/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://pastebin.com/YrBcG2Ln"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0101",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Adaptive Security Appliance"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to an attempt to double free a region of memory when the webvpn feature is enabled on the Cisco ASA device. An attacker could exploit this vulnerability by sending multiple, crafted XML packets to a webvpn-configured interface on the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system, or cause a reload of the affected device. This vulnerability affects Cisco ASA Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, ASA 1000V Cloud Firewall, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4110 Security Appliance, Firepower 9300 ASA Security Module, Firepower Threat Defense Software (FTD). Cisco Bug IDs: CSCvg35618."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-415"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://icanthackit.wordpress.com/2018/01/30/thoughts-on-the-handling-cve-2018-0101-cisco-bug-cscvg35618/",
              "refsource": "MISC",
              "url": "https://icanthackit.wordpress.com/2018/01/30/thoughts-on-the-handling-cve-2018-0101-cisco-bug-cscvg35618/"
            },
            {
              "name": "102845",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102845"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1"
            },
            {
              "name": "1040292",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040292"
            },
            {
              "name": "43986",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/43986/"
            },
            {
              "name": "https://pastebin.com/YrBcG2Ln",
              "refsource": "MISC",
              "url": "https://pastebin.com/YrBcG2Ln"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0101",
    "datePublished": "2018-01-29T20:00:00",
    "dateReserved": "2017-11-27T00:00:00",
    "dateUpdated": "2024-12-02T21:25:00.235Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-12673 (GCVE-0-2019-12673)

Vulnerability from cvelistv5

Published

2019-10-02 19:00

Modified

2024-11-19 18:54

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-119

Summary

A vulnerability in the FTP inspection engine of Cisco Adaptive Security (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of FTP data. An attacker could exploit this vulnerability by sending malicious FTP traffic through an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-dos	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: unspecified < n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:24:39.388Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-dos"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-12673",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:22:49.483667Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T18:54:42.216Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-10-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the FTP inspection engine of Cisco Adaptive Security (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of FTP data. An attacker could exploit this vulnerability by sending malicious FTP traffic through an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-02T19:00:18",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-dos"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20191002-asa-dos",
        "defect": [
          [
            "CSCvo83169"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-10-02T16:00:00-0700",
          "ID": "CVE-2019-12673",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the FTP inspection engine of Cisco Adaptive Security (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of FTP data. An attacker could exploit this vulnerability by sending malicious FTP traffic through an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-dos"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20191002-asa-dos",
          "defect": [
            [
              "CSCvo83169"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-12673",
    "datePublished": "2019-10-02T19:00:18.444054Z",
    "dateReserved": "2019-06-04T00:00:00",
    "dateUpdated": "2024-11-19T18:54:42.216Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20922 (GCVE-0-2022-20922)

Vulnerability from cvelistv5

Published

2022-11-10 17:37

Modified

2024-08-03 02:31

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

CWE

CWE-244 - Improper Clearing of Heap Memory Before Release ('Heap Inspection')

Summary

Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to improper management of system resources when the Snort detection engine is processing SMB2 traffic. An attacker could exploit these vulnerabilities by sending a high rate of certain types of SMB2 packets through an affected device. A successful exploit could allow the attacker to trigger a reload of the Snort process, resulting in a DoS condition. Note: When the snort preserve-connection option is enabled for the Snort detection engine, a successful exploit could also allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network. The snort preserve-connection setting is enabled by default. See the Details ["#details"] section of this advisory for more information. Note: Only products that have Snort 3 configured are affected. Products that are configured with Snort 2 are not affected.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Firepower Threat Defense Software

Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.2.0
Version: 7.2.0.1

	Cisco	Cisco Umbrella Insights Virtual Appliance	Version: 1.5.4 Version: 1.5.5 Version: 1.5.6 Version: 2.0.0 Version: 2.0.2 Version: 2.0.3 Version: 2.1.0 Version: 2.1.2 Version: 2.1.5 Version: 2.1.4 Version: 2.4.12 Version: 2.4.6 Version: 2.4 Version: 2.4.4 Version: 2.5 Version: 2.5.4 Version: 2.5.5 Version: 2.5.6 Version: 2.5.7 Version: 2.6.0 Version: 2.6.1 Version: 2.6.2 Version: 2.7 Version: 2.8 Version: 2.8.9 Version: 3.0 Version: 3.1 Version: 3.2 Version: 2.3.1 Version: 2.3 Version: 2.2 Version: 2.2.1
	Cisco	Cisco Cyber Vision	Version: 3.0.4 Version: 3.0.0 Version: 3.0.1 Version: 3.0.2 Version: 3.0.3 Version: 3.0.5 Version: 3.0.6 Version: 3.1.0 Version: 3.1.2 Version: 3.1.1 Version: 3.2.3 Version: 3.2.1 Version: 3.2.4 Version: 3.2.0 Version: 3.2.2 Version: 4.0.0 Version: 4.0.1 Version: 4.0.2 Version: 4.0.3 Version: 4.1.0 Version: 4.1.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:31:57.388Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-snort-smb-3nfhJtr",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            }
          ]
        },
        {
          "product": "Cisco Umbrella Insights Virtual Appliance",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "1.5.4"
            },
            {
              "status": "affected",
              "version": "1.5.5"
            },
            {
              "status": "affected",
              "version": "1.5.6"
            },
            {
              "status": "affected",
              "version": "2.0.0"
            },
            {
              "status": "affected",
              "version": "2.0.2"
            },
            {
              "status": "affected",
              "version": "2.0.3"
            },
            {
              "status": "affected",
              "version": "2.1.0"
            },
            {
              "status": "affected",
              "version": "2.1.2"
            },
            {
              "status": "affected",
              "version": "2.1.5"
            },
            {
              "status": "affected",
              "version": "2.1.4"
            },
            {
              "status": "affected",
              "version": "2.4.12"
            },
            {
              "status": "affected",
              "version": "2.4.6"
            },
            {
              "status": "affected",
              "version": "2.4"
            },
            {
              "status": "affected",
              "version": "2.4.4"
            },
            {
              "status": "affected",
              "version": "2.5"
            },
            {
              "status": "affected",
              "version": "2.5.4"
            },
            {
              "status": "affected",
              "version": "2.5.5"
            },
            {
              "status": "affected",
              "version": "2.5.6"
            },
            {
              "status": "affected",
              "version": "2.5.7"
            },
            {
              "status": "affected",
              "version": "2.6.0"
            },
            {
              "status": "affected",
              "version": "2.6.1"
            },
            {
              "status": "affected",
              "version": "2.6.2"
            },
            {
              "status": "affected",
              "version": "2.7"
            },
            {
              "status": "affected",
              "version": "2.8"
            },
            {
              "status": "affected",
              "version": "2.8.9"
            },
            {
              "status": "affected",
              "version": "3.0"
            },
            {
              "status": "affected",
              "version": "3.1"
            },
            {
              "status": "affected",
              "version": "3.2"
            },
            {
              "status": "affected",
              "version": "2.3.1"
            },
            {
              "status": "affected",
              "version": "2.3"
            },
            {
              "status": "affected",
              "version": "2.2"
            },
            {
              "status": "affected",
              "version": "2.2.1"
            }
          ]
        },
        {
          "product": "Cisco Cyber Vision",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "3.0.4"
            },
            {
              "status": "affected",
              "version": "3.0.0"
            },
            {
              "status": "affected",
              "version": "3.0.1"
            },
            {
              "status": "affected",
              "version": "3.0.2"
            },
            {
              "status": "affected",
              "version": "3.0.3"
            },
            {
              "status": "affected",
              "version": "3.0.5"
            },
            {
              "status": "affected",
              "version": "3.0.6"
            },
            {
              "status": "affected",
              "version": "3.1.0"
            },
            {
              "status": "affected",
              "version": "3.1.2"
            },
            {
              "status": "affected",
              "version": "3.1.1"
            },
            {
              "status": "affected",
              "version": "3.2.3"
            },
            {
              "status": "affected",
              "version": "3.2.1"
            },
            {
              "status": "affected",
              "version": "3.2.4"
            },
            {
              "status": "affected",
              "version": "3.2.0"
            },
            {
              "status": "affected",
              "version": "3.2.2"
            },
            {
              "status": "affected",
              "version": "4.0.0"
            },
            {
              "status": "affected",
              "version": "4.0.1"
            },
            {
              "status": "affected",
              "version": "4.0.2"
            },
            {
              "status": "affected",
              "version": "4.0.3"
            },
            {
              "status": "affected",
              "version": "4.1.0"
            },
            {
              "status": "affected",
              "version": "4.1.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device.\r\n\r These vulnerabilities are due to improper management of system resources when the Snort detection engine is processing SMB2 traffic. An attacker could exploit these vulnerabilities by sending a high rate of certain types of SMB2 packets through an affected device. A successful exploit could allow the attacker to trigger a reload of the Snort process, resulting in a DoS condition.\r\n\r Note: When the snort preserve-connection option is enabled for the Snort detection engine, a successful exploit could also allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network. The snort preserve-connection setting is enabled by default. See the Details [\"#details\"] section of this advisory for more information.\r\n\r Note: Only products that have Snort 3 configured are affected. Products that are configured with Snort 2 are not affected."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-244",
              "description": "Improper Clearing of Heap Memory Before Release (\u0027Heap Inspection\u0027)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:13.504Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-snort-smb-3nfhJtr",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr"
        }
      ],
      "source": {
        "advisory": "cisco-sa-snort-smb-3nfhJtr",
        "defects": [
          "CSCwa55404",
          "CSCwb66736",
          "CSCwb87762",
          "CSCwb91454",
          "CSCwc37518",
          "CSCwc37339"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20922",
    "datePublished": "2022-11-10T17:37:12.903Z",
    "dateReserved": "2021-11-02T13:28:29.190Z",
    "dateUpdated": "2024-08-03T02:31:57.388Z",
    "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-40114 (GCVE-0-2021-40114)

Vulnerability from cvelistv5

Published

2021-10-27 18:56

Modified

2024-11-07 21:43

Severity ?

6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-770

Summary

Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper memory resource management while the Snort detection engine is processing ICMP packets. An attacker could exploit this vulnerability by sending a series of ICMP packets through an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device, causing the device to reload.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-s2R7W9UU	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html	mailing-list
	https://www.debian.org/security/2023/dsa-5354	vendor-advisory

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:27:31.905Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20211027 Multiple Cisco Products Snort Memory Leak Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-s2R7W9UU"
          },
          {
            "name": "[debian-lts-announce] 20230210 [SECURITY] [DLA 3317-1] snort security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
          },
          {
            "name": "DSA-5354",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5354"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-40114",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:39:43.541348Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T21:43:47.611Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper memory resource management while the Snort detection engine is processing ICMP packets. An attacker could exploit this vulnerability by sending a series of ICMP packets through an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device, causing the device to reload."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-19T00:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20211027 Multiple Cisco Products Snort Memory Leak Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-s2R7W9UU"
        },
        {
          "name": "[debian-lts-announce] 20230210 [SECURITY] [DLA 3317-1] snort security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
        },
        {
          "name": "DSA-5354",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5354"
        }
      ],
      "source": {
        "advisory": "cisco-sa-snort-dos-s2R7W9UU",
        "defect": [
          [
            "CSCvt57503",
            "CSCvx29001"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Multiple Cisco Products Snort Memory Leak Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-40114",
    "datePublished": "2021-10-27T18:56:37.380285Z",
    "dateReserved": "2021-08-25T00:00:00",
    "dateUpdated": "2024-11-07T21:43:47.611Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-20107 (GCVE-0-2023-20107)

Vulnerability from cvelistv5

Published

2023-03-23 00:00

Modified

2024-10-28 16:31

Severity ?

5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-332

Summary

A vulnerability in the deterministic random bit generator (DRBG), also known as pseudorandom number generator (PRNG), in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco ASA 5506-X, ASA 5508-X, and ASA 5516-X Firewalls could allow an unauthenticated, remote attacker to cause a cryptographic collision, enabling the attacker to discover the private key of an affected device. This vulnerability is due to insufficient entropy in the DRBG for the affected hardware platforms when generating cryptographic keys. An attacker could exploit this vulnerability by generating a large number of cryptographic keys on an affected device and looking for collisions with target devices. A successful exploit could allow the attacker to impersonate an affected target device or to decrypt traffic secured by an affected key that is sent to or from an affected target device.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa5500x-entropy-6v9bHVYP	vendor-advisory

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:57:35.883Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20230322 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Low-Entropy Keys Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa5500x-entropy-6v9bHVYP"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20107",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-28T16:24:36.112775Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-28T16:31:56.892Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software ",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2023-03-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the deterministic random bit generator (DRBG), also known as pseudorandom number generator (PRNG), in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco ASA 5506-X, ASA 5508-X, and ASA 5516-X Firewalls could allow an unauthenticated, remote attacker to cause a cryptographic collision, enabling the attacker to discover the private key of an affected device. This vulnerability is due to insufficient entropy in the DRBG for the affected hardware platforms when generating cryptographic keys. An attacker could exploit this vulnerability by generating a large number of cryptographic keys on an affected device and looking for collisions with target devices. A successful exploit could allow the attacker to impersonate an affected target device or to decrypt traffic secured by an affected key that is sent to or from an affected target device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-332",
              "description": "CWE-332",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-23T00:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20230322 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Low-Entropy Keys Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa5500x-entropy-6v9bHVYP"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa5500x-entropy-6v9bHVYP",
        "defect": [
          [
            "CSCvm90511"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Low-Entropy Keys Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20107",
    "datePublished": "2023-03-23T00:00:00",
    "dateReserved": "2022-10-27T00:00:00",
    "dateUpdated": "2024-10-28T16:31:56.892Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20412 (GCVE-0-2024-20412)

Vulnerability from cvelistv5

Published

2024-10-23 17:39

Modified

2024-10-26 03:55

Severity ?

9.3 (Critical) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-259 - Use of Hard-coded Password

Summary

A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials. This vulnerability is due to the presence of static accounts with hard-coded passwords on an affected system. An attacker could exploit this vulnerability by logging in to the CLI of an affected device with these credentials. A successful exploit could allow the attacker to access the affected system and retrieve sensitive information, perform limited troubleshooting actions, modify some configuration options, or render the device unable to boot to the operating system, requiring a reimage of the device.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-statcred-dFC8tXT5

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: 7.1.0 Version: 7.1.0.1 Version: 7.1.0.2 Version: 7.1.0.3 Version: 7.2.0 Version: 7.2.0.1 Version: 7.2.1 Version: 7.2.2 Version: 7.2.3 Version: 7.2.4 Version: 7.2.4.1 Version: 7.2.5 Version: 7.2.5.1 Version: 7.2.6 Version: 7.2.7 Version: 7.2.5.2 Version: 7.3.0 Version: 7.3.1 Version: 7.3.1.1 Version: 7.3.1.2 Version: 7.4.0 Version: 7.4.1 Version: 7.4.1.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "7.1.0.3",
                "status": "affected",
                "version": "7.1.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.2.7",
                "status": "affected",
                "version": "7.2.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.3.1.2",
                "status": "affected",
                "version": "7.3.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.4.1.1",
                "status": "affected",
                "version": "7.4.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20412",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-25T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-26T03:55:24.066Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.2.4.1"
            },
            {
              "status": "affected",
              "version": "7.2.5"
            },
            {
              "status": "affected",
              "version": "7.2.5.1"
            },
            {
              "status": "affected",
              "version": "7.2.6"
            },
            {
              "status": "affected",
              "version": "7.2.7"
            },
            {
              "status": "affected",
              "version": "7.2.5.2"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.2"
            },
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            },
            {
              "status": "affected",
              "version": "7.4.1.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials.\r\n\r This vulnerability is due to the presence of static accounts with hard-coded passwords on an affected system. An attacker could exploit this vulnerability by logging in to the CLI of an affected device with these credentials. A successful exploit could allow the attacker to access the affected system and retrieve sensitive information, perform limited troubleshooting actions, modify some configuration options, or render the device unable to boot to the operating system, requiring a reimage of the device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-259",
              "description": "Use of Hard-coded Password",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-23T17:39:04.071Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-ftd-statcred-dFC8tXT5",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-statcred-dFC8tXT5"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-statcred-dFC8tXT5",
        "defects": [
          "CSCwk07982"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20412",
    "datePublished": "2024-10-23T17:39:04.071Z",
    "dateReserved": "2023-11-08T15:08:07.663Z",
    "dateUpdated": "2024-10-26T03:55:24.066Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-0453 (GCVE-0-2018-0453)

Vulnerability from cvelistv5

Published

2018-10-05 14:00

Modified

2024-11-26 14:40

Severity ?

CWE

CWE-264

Summary

A vulnerability in the Sourcefire tunnel control channel protocol in Cisco Firepower System Software running on Cisco Firepower Threat Defense (FTD) sensors could allow an authenticated, local attacker to execute specific CLI commands with root privileges on the Cisco Firepower Management Center (FMC), or through Cisco FMC on other Firepower sensors and devices that are controlled by the same Cisco FMC. To send the commands, the attacker must have root privileges for at least one affected sensor or the Cisco FMC. The vulnerability exists because the affected software performs insufficient checks for certain CLI commands, if the commands are executed via a Sourcefire tunnel connection. An attacker could exploit this vulnerability by authenticating with root privileges to a Firepower sensor or Cisco FMC, and then sending specific CLI commands to the Cisco FMC or through the Cisco FMC to another Firepower sensor via the Sourcefire tunnel connection. A successful exploit could allow the attacker to modify device configurations or delete files on the device that is running Cisco FMC Software or on any Firepower device that is managed by Cisco FMC.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-fp-cmd-injection	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco FireSIGHT System Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:28:10.620Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20181003 Cisco Firepower Management Center and Firepower System Software Sourcefire Tunnel Control Channel Command Execution Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-fp-cmd-injection"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0453",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-25T18:51:27.788726Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-26T14:40:54.949Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco FireSIGHT System Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-10-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Sourcefire tunnel control channel protocol in Cisco Firepower System Software running on Cisco Firepower Threat Defense (FTD) sensors could allow an authenticated, local attacker to execute specific CLI commands with root privileges on the Cisco Firepower Management Center (FMC), or through Cisco FMC on other Firepower sensors and devices that are controlled by the same Cisco FMC. To send the commands, the attacker must have root privileges for at least one affected sensor or the Cisco FMC. The vulnerability exists because the affected software performs insufficient checks for certain CLI commands, if the commands are executed via a Sourcefire tunnel connection. An attacker could exploit this vulnerability by authenticating with root privileges to a Firepower sensor or Cisco FMC, and then sending specific CLI commands to the Cisco FMC or through the Cisco FMC to another Firepower sensor via the Sourcefire tunnel connection. A successful exploit could allow the attacker to modify device configurations or delete files on the device that is running Cisco FMC Software or on any Firepower device that is managed by Cisco FMC."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-264",
              "description": "CWE-264",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-05T13:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20181003 Cisco Firepower Management Center and Firepower System Software Sourcefire Tunnel Control Channel Command Execution Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-fp-cmd-injection"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20181003-fp-cmd-injection",
        "defect": [
          [
            "CSCvg46466"
          ]
        ],
        "discovery": "UNKNOWN"
      },
      "title": "Cisco Firepower Management Center and Firepower System Software Sourcefire Tunnel Control Channel Command Execution Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2018-10-03T16:00:00-0500",
          "ID": "CVE-2018-0453",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Management Center and Firepower System Software Sourcefire Tunnel Control Channel Command Execution Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco FireSIGHT System Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Sourcefire tunnel control channel protocol in Cisco Firepower System Software running on Cisco Firepower Threat Defense (FTD) sensors could allow an authenticated, local attacker to execute specific CLI commands with root privileges on the Cisco Firepower Management Center (FMC), or through Cisco FMC on other Firepower sensors and devices that are controlled by the same Cisco FMC. To send the commands, the attacker must have root privileges for at least one affected sensor or the Cisco FMC. The vulnerability exists because the affected software performs insufficient checks for certain CLI commands, if the commands are executed via a Sourcefire tunnel connection. An attacker could exploit this vulnerability by authenticating with root privileges to a Firepower sensor or Cisco FMC, and then sending specific CLI commands to the Cisco FMC or through the Cisco FMC to another Firepower sensor via the Sourcefire tunnel connection. A successful exploit could allow the attacker to modify device configurations or delete files on the device that is running Cisco FMC Software or on any Firepower device that is managed by Cisco FMC."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "8.2",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20181003 Cisco Firepower Management Center and Firepower System Software Sourcefire Tunnel Control Channel Command Execution Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-fp-cmd-injection"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20181003-fp-cmd-injection",
          "defect": [
            [
              "CSCvg46466"
            ]
          ],
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0453",
    "datePublished": "2018-10-05T14:00:00Z",
    "dateReserved": "2017-11-27T00:00:00",
    "dateUpdated": "2024-11-26T14:40:54.949Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-1445 (GCVE-0-2021-1445)

Vulnerability from cvelistv5

Published

2021-04-29 17:30

Modified

2024-11-08 23:24

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-787

Summary

Multiple vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to lack of proper input validation of the HTTPS request. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: This vulnerability affects only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpn-dos-fpBcpEcD	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:11:17.200Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210428 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services VPN Denial of Service Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpn-dos-fpBcpEcD"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-1445",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T20:02:22.179943Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-08T23:24:42.374Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-04-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to lack of proper input validation of the HTTPS request. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: This vulnerability affects only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-04-29T17:30:27",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210428 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services VPN Denial of Service Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpn-dos-fpBcpEcD"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa-ftd-vpn-dos-fpBcpEcD",
        "defect": [
          [
            "CSCvv56644",
            "CSCvv65184"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services VPN Denial of Service Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-04-28T16:00:00",
          "ID": "CVE-2021-1445",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services VPN Denial of Service Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to lack of proper input validation of the HTTPS request. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: This vulnerability affects only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-787"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210428 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services VPN Denial of Service Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpn-dos-fpBcpEcD"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asa-ftd-vpn-dos-fpBcpEcD",
          "defect": [
            [
              "CSCvv56644",
              "CSCvv65184"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-1445",
    "datePublished": "2021-04-29T17:30:28.009141Z",
    "dateReserved": "2020-11-13T00:00:00",
    "dateUpdated": "2024-11-08T23:24:42.374Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-44228 (GCVE-0-2021-44228)

Vulnerability from cvelistv5

Published

2021-12-10 00:00

Modified

2025-07-30 01:37

Severity ?

CWE

CWE-502 - Deserialization of Untrusted Data
CWE-400 - Uncontrolled Resource Consumption
CWE-20 - Improper Input Validation

Summary

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.

References

▼	URL	Tags
	https://logging.apache.org/log4j/2.x/security.html
	http://www.openwall.com/lists/oss-security/2021/12/10/1	mailing-list
	http://www.openwall.com/lists/oss-security/2021/12/10/2	mailing-list
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd	vendor-advisory
	http://www.openwall.com/lists/oss-security/2021/12/10/3	mailing-list
	https://security.netapp.com/advisory/ntap-20211210-0007/
	http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html
	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
	https://www.oracle.com/security-alerts/alert-cve-2021-44228.html
	https://www.debian.org/security/2021/dsa-5020	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html	mailing-list
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/	vendor-advisory
	https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/	vendor-advisory
	http://www.openwall.com/lists/oss-security/2021/12/13/2	mailing-list
	http://www.openwall.com/lists/oss-security/2021/12/13/1	mailing-list
	http://www.openwall.com/lists/oss-security/2021/12/14/4	mailing-list
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd	vendor-advisory
	https://www.kb.cert.org/vuls/id/930724	third-party-advisory
	https://twitter.com/kurtseifried/status/1469345530182455296
	https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf
	http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html
	http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html
	http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html
	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd	vendor-advisory
	http://www.openwall.com/lists/oss-security/2021/12/15/3	mailing-list
	http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html
	http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html
	http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html
	http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html
	http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html
	https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/	vendor-advisory
	http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html
	https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf
	https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf
	https://www.oracle.com/security-alerts/cpujan2022.html
	http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html
	https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md
	http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html
	http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html
	http://seclists.org/fulldisclosure/2022/Mar/23	mailing-list
	https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001
	https://github.com/cisagov/log4j-affected-db
	https://support.apple.com/kb/HT213189
	https://www.oracle.com/security-alerts/cpuapr2022.html
	https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228
	https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html
	http://seclists.org/fulldisclosure/2022/Jul/11	mailing-list
	http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html
	http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html
	http://seclists.org/fulldisclosure/2022/Dec/2	mailing-list
	http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache Log4j2	Version: 2.0-beta9 < log4j-core*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T04:17:24.696Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://logging.apache.org/log4j/2.x/security.html"
          },
          {
            "name": "[oss-security] 20211210 CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/12/10/1"
          },
          {
            "name": "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/12/10/2"
          },
          {
            "name": "20211210 Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
          },
          {
            "name": "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/12/10/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20211210-0007/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html"
          },
          {
            "name": "DSA-5020",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2021/dsa-5020"
          },
          {
            "name": "[debian-lts-announce] 20211212 [SECURITY] [DLA 2842-1] apache-log4j2 security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html"
          },
          {
            "name": "FEDORA-2021-f0f501d01f",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/"
          },
          {
            "name": "Microsoft\u2019s Response to CVE-2021-44228 Apache Log4j 2",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/"
          },
          {
            "name": "[oss-security] 20211213 Re: CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/12/13/2"
          },
          {
            "name": "[oss-security] 20211213 CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/12/13/1"
          },
          {
            "name": "[oss-security] 20211214 CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/12/14/4"
          },
          {
            "name": "20211210 A Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
          },
          {
            "name": "VU#930724",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/930724"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://twitter.com/kurtseifried/status/1469345530182455296"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html"
          },
          {
            "name": "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
          },
          {
            "name": "[oss-security] 20211215 Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/12/15/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf"
          },
          {
            "name": "FEDORA-2021-66d6c484f3",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html"
          },
          {
            "name": "20220314 APPLE-SA-2022-03-14-7 Xcode 13.3",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2022/Mar/23"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/cisagov/log4j-affected-db"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT213189"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html"
          },
          {
            "name": "20220721 Open-Xchange Security Advisory 2022-07-21",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2022/Jul/11"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html"
          },
          {
            "name": "20221208 Intel Data Center Manager \u003c= 5.1 Local Privileges Escalation",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2022/Dec/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 10,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "CHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-44228",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-04T14:25:34.416117Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-12-10",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-44228"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:37:52.215Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-12-10T00:00:00+00:00",
            "value": "CVE-2021-44228 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache Log4j2",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "changes": [
                {
                  "at": "2.3.1",
                  "status": "unaffected"
                },
                {
                  "at": "2.4",
                  "status": "affected"
                },
                {
                  "at": "2.12.2",
                  "status": "unaffected"
                },
                {
                  "at": "2.13.0",
                  "status": "affected"
                },
                {
                  "at": "2.15.0",
                  "status": "unaffected"
                }
              ],
              "lessThan": "log4j-core*",
              "status": "affected",
              "version": "2.0-beta9",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered by Chen Zhaojun of Alibaba Cloud Security Team."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "other": "critical"
            },
            "type": "unknown"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-502",
              "description": "CWE-502 Deserialization of Untrusted Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-03T00:00:00.000Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "url": "https://logging.apache.org/log4j/2.x/security.html"
        },
        {
          "name": "[oss-security] 20211210 CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/12/10/1"
        },
        {
          "name": "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/12/10/2"
        },
        {
          "name": "20211210 Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
        },
        {
          "name": "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/12/10/3"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20211210-0007/"
        },
        {
          "url": "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html"
        },
        {
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032"
        },
        {
          "url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html"
        },
        {
          "name": "DSA-5020",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2021/dsa-5020"
        },
        {
          "name": "[debian-lts-announce] 20211212 [SECURITY] [DLA 2842-1] apache-log4j2 security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html"
        },
        {
          "name": "FEDORA-2021-f0f501d01f",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/"
        },
        {
          "name": "Microsoft\u2019s Response to CVE-2021-44228 Apache Log4j 2",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/"
        },
        {
          "name": "[oss-security] 20211213 Re: CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/12/13/2"
        },
        {
          "name": "[oss-security] 20211213 CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/12/13/1"
        },
        {
          "name": "[oss-security] 20211214 CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/12/14/4"
        },
        {
          "name": "20211210 A Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
        },
        {
          "name": "VU#930724",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.kb.cert.org/vuls/id/930724"
        },
        {
          "url": "https://twitter.com/kurtseifried/status/1469345530182455296"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf"
        },
        {
          "url": "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html"
        },
        {
          "url": "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html"
        },
        {
          "url": "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html"
        },
        {
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html"
        },
        {
          "name": "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
        },
        {
          "name": "[oss-security] 20211215 Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/12/15/3"
        },
        {
          "url": "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html"
        },
        {
          "url": "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html"
        },
        {
          "url": "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html"
        },
        {
          "url": "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html"
        },
        {
          "url": "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf"
        },
        {
          "name": "FEDORA-2021-66d6c484f3",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/"
        },
        {
          "url": "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
        },
        {
          "url": "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html"
        },
        {
          "url": "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md"
        },
        {
          "url": "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html"
        },
        {
          "url": "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html"
        },
        {
          "name": "20220314 APPLE-SA-2022-03-14-7 Xcode 13.3",
          "tags": [
            "mailing-list"
          ],
          "url": "http://seclists.org/fulldisclosure/2022/Mar/23"
        },
        {
          "url": "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001"
        },
        {
          "url": "https://github.com/cisagov/log4j-affected-db"
        },
        {
          "url": "https://support.apple.com/kb/HT213189"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
        },
        {
          "url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228"
        },
        {
          "url": "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html"
        },
        {
          "name": "20220721 Open-Xchange Security Advisory 2022-07-21",
          "tags": [
            "mailing-list"
          ],
          "url": "http://seclists.org/fulldisclosure/2022/Jul/11"
        },
        {
          "url": "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html"
        },
        {
          "url": "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html"
        },
        {
          "name": "20221208 Intel Data Center Manager \u003c= 5.1 Local Privileges Escalation",
          "tags": [
            "mailing-list"
          ],
          "url": "http://seclists.org/fulldisclosure/2022/Dec/2"
        },
        {
          "url": "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2021-44228",
    "datePublished": "2021-12-10T00:00:00.000Z",
    "dateReserved": "2021-11-26T00:00:00.000Z",
    "dateUpdated": "2025-07-30T01:37:52.215Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1694 (GCVE-0-2019-1694)

Vulnerability from cvelistv5

Published

2019-05-03 15:10

Modified

2024-11-19 19:09

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-20

Summary

A vulnerability in the TCP processing engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper handling of TCP traffic. An attacker could exploit this vulnerability by sending a specific sequence of packets at a high rate through an affected device. A successful exploit could allow the attacker to temporarily disrupt traffic through the device while it reboots.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-frpwrtd-dos	vendor-advisory, x_refsource_CISCO
	http://www.securityfocus.com/bid/108160	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: unspecified   < 9.4.4.34
Version: unspecified   < 9.6.4.25
Version: unspecified   < 9.8.4
Version: unspecified   < 9.9.2.50
Version: unspecified   < 9.10.1.17

Cisco

Cisco Firepower Threat Defense (FTD) Software

Version: unspecified < 6.2.3.12
Version: unspecified < 6.3.0.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:41.063Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190501 Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software TCP Timer Handling Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-frpwrtd-dos"
          },
          {
            "name": "108160",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108160"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1694",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:24:29.279784Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T19:09:27.468Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "9.4.4.34",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.6.4.25",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.8.4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.9.2.50",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.10.1.17",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense (FTD) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.2.3.12",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "6.3.0.3",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-05-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the TCP processing engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper handling of TCP traffic. An attacker could exploit this vulnerability by sending a specific sequence of packets at a high rate through an affected device. A successful exploit could allow the attacker to temporarily disrupt traffic through the device while it reboots."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-06T10:06:03",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190501 Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software TCP Timer Handling Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-frpwrtd-dos"
        },
        {
          "name": "108160",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108160"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190501-asa-frpwrtd-dos",
        "defect": [
          [
            "CSCvn78174"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software TCP Timer Handling Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-05-01T16:00:00-0700",
          "ID": "CVE-2019-1694",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software TCP Timer Handling Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.4.4.34"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.6.4.25"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.8.4"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.9.2.50"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.10.1.17"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Cisco Firepower Threat Defense (FTD) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.2.3.12"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.3.0.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the TCP processing engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper handling of TCP traffic. An attacker could exploit this vulnerability by sending a specific sequence of packets at a high rate through an affected device. A successful exploit could allow the attacker to temporarily disrupt traffic through the device while it reboots."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190501 Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software TCP Timer Handling Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-frpwrtd-dos"
            },
            {
              "name": "108160",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108160"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190501-asa-frpwrtd-dos",
          "defect": [
            [
              "CSCvn78174"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1694",
    "datePublished": "2019-05-03T15:10:31.667140Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-19T19:09:27.468Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20767 (GCVE-0-2022-20767)

Vulnerability from cvelistv5

Published

2022-05-03 03:15

Modified

2024-11-06 16:20

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-399

Summary

A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of the DNS reputation enforcement rule. An attacker could exploit this vulnerability by sending crafted UDP packets through an affected device to force a buildup of UDP connections. A successful exploit could allow the attacker to cause traffic that is going through the affected device to be dropped, resulting in a DoS condition. Note: This vulnerability only affects Cisco FTD devices that are running Snort 3.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-FTD-snort3-DOS-Aq38LVdM	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:24:49.559Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20220427 Cisco Firepower Threat Defense Software DNS Enforcement Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-FTD-snort3-DOS-Aq38LVdM"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-20767",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-06T16:01:33.662003Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T16:20:05.356Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2022-04-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of the DNS reputation enforcement rule. An attacker could exploit this vulnerability by sending crafted UDP packets through an affected device to force a buildup of UDP connections. A successful exploit could allow the attacker to cause traffic that is going through the affected device to be dropped, resulting in a DoS condition. Note: This vulnerability only affects Cisco FTD devices that are running Snort 3."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-03T03:15:50",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20220427 Cisco Firepower Threat Defense Software DNS Enforcement Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-FTD-snort3-DOS-Aq38LVdM"
        }
      ],
      "source": {
        "advisory": "cisco-sa-FTD-snort3-DOS-Aq38LVdM",
        "defect": [
          [
            "CSCwa21016"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software DNS Enforcement Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2022-04-27T16:00:00",
          "ID": "CVE-2022-20767",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software DNS Enforcement Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of the DNS reputation enforcement rule. An attacker could exploit this vulnerability by sending crafted UDP packets through an affected device to force a buildup of UDP connections. A successful exploit could allow the attacker to cause traffic that is going through the affected device to be dropped, resulting in a DoS condition. Note: This vulnerability only affects Cisco FTD devices that are running Snort 3."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20220427 Cisco Firepower Threat Defense Software DNS Enforcement Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-FTD-snort3-DOS-Aq38LVdM"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-FTD-snort3-DOS-Aq38LVdM",
          "defect": [
            [
              "CSCwa21016"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20767",
    "datePublished": "2022-05-03T03:15:50.804671Z",
    "dateReserved": "2021-11-02T00:00:00",
    "dateUpdated": "2024-11-06T16:20:05.356Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34793 (GCVE-0-2021-34793)

Vulnerability from cvelistv5

Published

2021-10-27 18:56

Modified

2024-11-07 21:45

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-924

Summary

A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address tables, resulting in a denial of service (DoS) vulnerability. This vulnerability is due to incorrect handling of certain TCP segments when the affected device is operating in transparent mode. An attacker could exploit this vulnerability by sending a crafted TCP segment through an affected device. A successful exploit could allow the attacker to poison the MAC address tables in adjacent devices, resulting in network disruption.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-JxYWMJyL	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.210Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Transparent Mode Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-JxYWMJyL"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34793",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:44:27.592582Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T21:45:43.962Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address tables, resulting in a denial of service (DoS) vulnerability. This vulnerability is due to incorrect handling of certain TCP segments when the affected device is operating in transparent mode. An attacker could exploit this vulnerability by sending a crafted TCP segment through an affected device. A successful exploit could allow the attacker to poison the MAC address tables in adjacent devices, resulting in network disruption."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-924",
              "description": "CWE-924",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-27T18:56:26",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Transparent Mode Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-JxYWMJyL"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa-ftd-dos-JxYWMJyL",
        "defect": [
          [
            "CSCvx46296"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Transparent Mode Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-10-27T16:00:00",
          "ID": "CVE-2021-34793",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Transparent Mode Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address tables, resulting in a denial of service (DoS) vulnerability. This vulnerability is due to incorrect handling of certain TCP segments when the affected device is operating in transparent mode. An attacker could exploit this vulnerability by sending a crafted TCP segment through an affected device. A successful exploit could allow the attacker to poison the MAC address tables in adjacent devices, resulting in network disruption."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-924"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Transparent Mode Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-JxYWMJyL"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asa-ftd-dos-JxYWMJyL",
          "defect": [
            [
              "CSCvx46296"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34793",
    "datePublished": "2021-10-27T18:56:26.248036Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-07T21:45:43.962Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-0297 (GCVE-0-2018-0297)

Vulnerability from cvelistv5

Published

2018-05-17 03:00

Modified

2024-11-29 15:08

Severity ?

CWE

CWE-693

Summary

A vulnerability in the detection engine of Cisco Firepower Threat Defense software could allow an unauthenticated, remote attacker to bypass a configured Secure Sockets Layer (SSL) Access Control (AC) policy to block SSL traffic. The vulnerability is due to the incorrect handling of TCP SSL packets received out of order. An attacker could exploit this vulnerability by sending a crafted SSL connection through the affected device. A successful exploit could allow the attacker to bypass a configured SSL AC policy to block SSL traffic. Cisco Bug IDs: CSCvg09316.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-firepwr-pb	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/104197	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	Cisco Firepower Threat Defense Software	Version: Cisco Firepower Threat Defense Software

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:21:15.256Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-firepwr-pb"
          },
          {
            "name": "104197",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104197"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0297",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-29T14:43:56.407325Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-29T15:08:58.703Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Firepower Threat Defense Software"
            }
          ]
        }
      ],
      "datePublic": "2018-05-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the detection engine of Cisco Firepower Threat Defense software could allow an unauthenticated, remote attacker to bypass a configured Secure Sockets Layer (SSL) Access Control (AC) policy to block SSL traffic. The vulnerability is due to the incorrect handling of TCP SSL packets received out of order. An attacker could exploit this vulnerability by sending a crafted SSL connection through the affected device. A successful exploit could allow the attacker to bypass a configured SSL AC policy to block SSL traffic. Cisco Bug IDs: CSCvg09316."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-693",
              "description": "CWE-693",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-05-19T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-firepwr-pb"
        },
        {
          "name": "104197",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104197"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0297",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Firepower Threat Defense Software"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the detection engine of Cisco Firepower Threat Defense software could allow an unauthenticated, remote attacker to bypass a configured Secure Sockets Layer (SSL) Access Control (AC) policy to block SSL traffic. The vulnerability is due to the incorrect handling of TCP SSL packets received out of order. An attacker could exploit this vulnerability by sending a crafted SSL connection through the affected device. A successful exploit could allow the attacker to bypass a configured SSL AC policy to block SSL traffic. Cisco Bug IDs: CSCvg09316."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-693"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-firepwr-pb",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-firepwr-pb"
            },
            {
              "name": "104197",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104197"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0297",
    "datePublished": "2018-05-17T03:00:00",
    "dateReserved": "2017-11-27T00:00:00",
    "dateUpdated": "2024-11-29T15:08:58.703Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-15454 (GCVE-0-2018-15454)

Vulnerability from cvelistv5

Published

2018-11-01 13:00

Modified

2024-11-26 14:23

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-20

Summary

A vulnerability in the Session Initiation Protocol (SIP) inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload or trigger high CPU, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of SIP traffic. An attacker could exploit this vulnerability by sending SIP requests designed to specifically trigger this issue at a high rate across an affected device. Software updates that address this vulnerability are not yet available.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/105768	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/id/1042129	vdb-entry, x_refsource_SECTRACK
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181031-asaftd-sip-dos	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: 9.4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:54:03.520Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "105768",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105768"
          },
          {
            "name": "1042129",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1042129"
          },
          {
            "name": "20181031 Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181031-asaftd-sip-dos"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-15454",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-25T18:52:47.875519Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-26T14:23:11.489Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.4"
            }
          ]
        }
      ],
      "datePublic": "2018-10-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Session Initiation Protocol (SIP) inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload or trigger high CPU, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of SIP traffic. An attacker could exploit this vulnerability by sending SIP requests designed to specifically trigger this issue at a high rate across an affected device. Software updates that address this vulnerability are not yet available."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) has become aware of active exploitation of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-11-16T10:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "105768",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105768"
        },
        {
          "name": "1042129",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1042129"
        },
        {
          "name": "20181031 Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181031-asaftd-sip-dos"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20181031-asaftd-sip-dos",
        "defect": [
          [
            "CSCvm43975"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2018-10-31T19:30:00-0500",
          "ID": "CVE-2018-15454",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "9.4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Session Initiation Protocol (SIP) inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload or trigger high CPU, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of SIP traffic. An attacker could exploit this vulnerability by sending SIP requests designed to specifically trigger this issue at a high rate across an affected device. Software updates that address this vulnerability are not yet available."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) has become aware of active exploitation of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "105768",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105768"
            },
            {
              "name": "1042129",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1042129"
            },
            {
              "name": "20181031 Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181031-asaftd-sip-dos"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20181031-asaftd-sip-dos",
          "defect": [
            [
              "CSCvm43975"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-15454",
    "datePublished": "2018-11-01T13:00:00Z",
    "dateReserved": "2018-08-17T00:00:00",
    "dateUpdated": "2024-11-26T14:23:11.489Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-1224 (GCVE-0-2021-1224)

Vulnerability from cvelistv5

Published

2021-01-13 21:16

Modified

2024-11-12 20:48

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-693

Summary

Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contained at least partially within the TFO connection handshake. An attacker could exploit this vulnerability by sending crafted TFO packets with an HTTP payload through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-tfo-bypass-MmzZrtes	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html	mailing-list
	https://www.debian.org/security/2023/dsa-5354	vendor-advisory

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:02:56.126Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210113 Multiple Cisco Products Snort TCP Fast Open File Policy Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-tfo-bypass-MmzZrtes"
          },
          {
            "name": "[debian-lts-announce] 20230210 [SECURITY] [DLA 3317-1] snort security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
          },
          {
            "name": "DSA-5354",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5354"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-1224",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T20:06:11.617988Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-12T20:48:38.628Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-01-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contained at least partially within the TFO connection handshake. An attacker could exploit this vulnerability by sending crafted TFO packets with an HTTP payload through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-693",
              "description": "CWE-693",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-19T00:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210113 Multiple Cisco Products Snort TCP Fast Open File Policy Bypass Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-tfo-bypass-MmzZrtes"
        },
        {
          "name": "[debian-lts-announce] 20230210 [SECURITY] [DLA 3317-1] snort security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
        },
        {
          "name": "DSA-5354",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5354"
        }
      ],
      "source": {
        "advisory": "cisco-sa-snort-tfo-bypass-MmzZrtes",
        "defect": [
          [
            "CSCvt43136",
            "CSCvu88532"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Multiple Cisco Products Snort TCP Fast Open File Policy Bypass Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-1224",
    "datePublished": "2021-01-13T21:16:53.450812Z",
    "dateReserved": "2020-11-13T00:00:00",
    "dateUpdated": "2024-11-12T20:48:38.628Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3186 (GCVE-0-2020-3186)

Vulnerability from cvelistv5

Published

2020-05-06 16:35

Modified

2024-11-15 17:28

Severity ?

5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE

CWE-284

Summary

A vulnerability in the management access list configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured management interface access list on an affected system. The vulnerability is due to the configuration of different management access lists, with ports allowed in one access list and denied in another. An attacker could exploit this vulnerability by sending crafted remote management traffic to the local IP address of an affected system. A successful exploit could allow the attacker to bypass the configured management access list policies, and traffic to the management interface would not be properly denied.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-accesslist-bypass-5dZs5qZp	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:24:00.636Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200506 Cisco Firepower Threat Defense Software Management Access List Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-accesslist-bypass-5dZs5qZp"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3186",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:21:51.413823Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:28:12.837Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the management access list configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured management interface access list on an affected system. The vulnerability is due to the configuration of different management access lists, with ports allowed in one access list and denied in another. An attacker could exploit this vulnerability by sending crafted remote management traffic to the local IP address of an affected system. A successful exploit could allow the attacker to bypass the configured management access list policies, and traffic to the management interface would not be properly denied."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-06T16:35:11",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200506 Cisco Firepower Threat Defense Software Management Access List Bypass Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-accesslist-bypass-5dZs5qZp"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-accesslist-bypass-5dZs5qZp",
        "defect": [
          [
            "CSCvr13823"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Management Access List Bypass Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-05-06T16:00:00-0700",
          "ID": "CVE-2020-3186",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Management Access List Bypass Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the management access list configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured management interface access list on an affected system. The vulnerability is due to the configuration of different management access lists, with ports allowed in one access list and denied in another. An attacker could exploit this vulnerability by sending crafted remote management traffic to the local IP address of an affected system. A successful exploit could allow the attacker to bypass the configured management access list policies, and traffic to the management interface would not be properly denied."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.3",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-284"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200506 Cisco Firepower Threat Defense Software Management Access List Bypass Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-accesslist-bypass-5dZs5qZp"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-accesslist-bypass-5dZs5qZp",
          "defect": [
            [
              "CSCvr13823"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3186",
    "datePublished": "2020-05-06T16:35:11.967549Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:28:12.837Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20330 (GCVE-0-2024-20330)

Vulnerability from cvelistv5

Published

2024-10-23 17:08

Modified

2024-10-24 16:23

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-788 - Access of Memory Location After End of Buffer

Summary

A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause memory corruption, which could cause the Snort detection engine to restart unexpectedly. This vulnerability is due to improper memory management when the Snort detection engine processes specific TCP or UDP packets. An attacker could exploit this vulnerability by sending crafted TCP or UDP packets through a device that is inspecting traffic using the Snort detection engine. A successful exploit could allow the attacker to restart the Snort detection engine repeatedly, which could cause a denial of service (DoS) condition. The DoS condition impacts only the traffic through the device that is examined by the Snort detection engine. The device can still be managed over the network. Note: Once a memory block is corrupted, it cannot be cleared until the Cisco Firepower 2100 Series Appliance is manually reloaded. This means that the Snort detection engine could crash repeatedly, causing traffic that is processed by the Snort detection engine to be dropped until the device is manually reloaded.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd2100-snort-dos-M9HuMt75
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO
	https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: 7.0.0 Version: 7.0.0.1 Version: 7.0.1 Version: 7.1.0 Version: 7.0.1.1 Version: 7.1.0.1 Version: 7.0.2 Version: 7.2.0 Version: 7.0.2.1 Version: 7.0.3 Version: 7.2.0.1 Version: 7.0.4 Version: 7.2.1 Version: 7.0.5 Version: 7.3.0 Version: 7.2.2 Version: 7.2.3 Version: 7.3.1 Version: 7.1.0.3 Version: 7.2.4 Version: 7.0.6 Version: 7.2.5 Version: 7.2.4.1 Version: 7.3.1.1 Version: 7.0.6.1 Version: 7.2.5.1 Version: 7.4.1 Version: 7.2.6 Version: 7.0.6.2 Version: 7.4.1.1 Version: 7.2.7 Version: 7.2.5.2 Version: 7.3.1.2 Version: 7.2.8 Version: 7.4.2 Version: 7.2.8.1 Version: 7.0.6.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "7.0.6.3",
                "status": "affected",
                "version": "7.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.1.0.3",
                "status": "affected",
                "version": "7.1.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.2.8.1",
                "status": "affected",
                "version": "7.2.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.3.1.2.",
                "status": "affected",
                "version": "7.3.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.4.2",
                "status": "affected",
                "version": "7.4.1",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20330",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-23T18:42:48.320834Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-24T16:23:16.139Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.0.6"
            },
            {
              "status": "affected",
              "version": "7.2.5"
            },
            {
              "status": "affected",
              "version": "7.2.4.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.6.1"
            },
            {
              "status": "affected",
              "version": "7.2.5.1"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            },
            {
              "status": "affected",
              "version": "7.2.6"
            },
            {
              "status": "affected",
              "version": "7.0.6.2"
            },
            {
              "status": "affected",
              "version": "7.4.1.1"
            },
            {
              "status": "affected",
              "version": "7.2.7"
            },
            {
              "status": "affected",
              "version": "7.2.5.2"
            },
            {
              "status": "affected",
              "version": "7.3.1.2"
            },
            {
              "status": "affected",
              "version": "7.2.8"
            },
            {
              "status": "affected",
              "version": "7.4.2"
            },
            {
              "status": "affected",
              "version": "7.2.8.1"
            },
            {
              "status": "affected",
              "version": "7.0.6.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause memory corruption, which could cause the Snort detection engine to restart unexpectedly.\r\n\r\nThis vulnerability is due to improper memory management when the Snort detection engine processes specific TCP or UDP packets. An attacker could exploit this vulnerability by sending crafted TCP or UDP packets through a device that is inspecting traffic using the Snort detection engine. A successful exploit could allow the attacker to restart the Snort detection engine repeatedly, which could cause a denial of service (DoS) condition. The DoS condition impacts only the traffic through the device that is examined by the Snort detection engine. The device can still be managed over the network.\r\nNote: Once a memory block is corrupted, it cannot be cleared until the Cisco Firepower 2100 Series Appliance is manually reloaded. This means that the Snort detection engine could crash repeatedly, causing traffic that is processed by the Snort detection engine to be dropped until the device is manually reloaded."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-788",
              "description": "Access of Memory Location After End of Buffer",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-23T17:08:44.510Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-ftd2100-snort-dos-M9HuMt75",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd2100-snort-dos-M9HuMt75"
        },
        {
          "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO"
        },
        {
          "name": "Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication",
          "url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd2100-snort-dos-M9HuMt75",
        "defects": [
          "CSCwk48488"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software for Cisco Firepower 2100 Series TCP UDP Snort 2 and Snort 2 Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20330",
    "datePublished": "2024-10-23T17:08:44.510Z",
    "dateReserved": "2023-11-08T15:08:07.641Z",
    "dateUpdated": "2024-10-24T16:23:16.139Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-20362 (GCVE-0-2025-20362)

Vulnerability from cvelistv5

Published

2025-09-25 16:12

Modified

2025-09-26 17:11

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE

CWE-862 - Missing Authorization

Summary

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to access restricted URL endpoints that are related to remote access VPN that should otherwise be inaccessible without authentication. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web server on a device. A successful exploit could allow the attacker to access a restricted URL without authentication.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-YROOTUW

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.8.1
Version: 9.8.1.5
Version: 9.8.1.7
Version: 9.8.2
Version: 9.8.2.8
Version: 9.8.2.14
Version: 9.8.2.15
Version: 9.8.2.17
Version: 9.8.2.20
Version: 9.8.2.24
Version: 9.8.2.26
Version: 9.8.2.28
Version: 9.8.2.33
Version: 9.8.2.35
Version: 9.8.2.38
Version: 9.8.3.8
Version: 9.8.3.11
Version: 9.8.3.14
Version: 9.8.3.16
Version: 9.8.3.18
Version: 9.8.3.21
Version: 9.8.3
Version: 9.8.3.26
Version: 9.8.3.29
Version: 9.8.4
Version: 9.8.4.3
Version: 9.8.4.7
Version: 9.8.4.8
Version: 9.8.4.10
Version: 9.8.4.12
Version: 9.8.4.15
Version: 9.8.4.17
Version: 9.8.2.45
Version: 9.8.4.25
Version: 9.8.4.20
Version: 9.8.4.22
Version: 9.8.4.26
Version: 9.8.4.29
Version: 9.8.4.32
Version: 9.8.4.33
Version: 9.8.4.34
Version: 9.8.4.35
Version: 9.8.4.39
Version: 9.8.4.40
Version: 9.8.4.41
Version: 9.8.4.43
Version: 9.8.4.44
Version: 9.8.4.45
Version: 9.8.4.46
Version: 9.8.4.48
Version: 9.12.1
Version: 9.12.1.2
Version: 9.12.1.3
Version: 9.12.2
Version: 9.12.2.4
Version: 9.12.2.5
Version: 9.12.2.9
Version: 9.12.3
Version: 9.12.3.2
Version: 9.12.3.7
Version: 9.12.4
Version: 9.12.3.12
Version: 9.12.3.9
Version: 9.12.2.1
Version: 9.12.4.2
Version: 9.12.4.4
Version: 9.12.4.7
Version: 9.12.4.10
Version: 9.12.4.13
Version: 9.12.4.8
Version: 9.12.4.18
Version: 9.12.4.24
Version: 9.12.4.26
Version: 9.12.4.29
Version: 9.12.4.30
Version: 9.12.4.35
Version: 9.12.4.37
Version: 9.12.4.38
Version: 9.12.4.39
Version: 9.12.4.40
Version: 9.12.4.41
Version: 9.12.4.47
Version: 9.12.4.48
Version: 9.12.4.50
Version: 9.12.4.52
Version: 9.12.4.54
Version: 9.12.4.55
Version: 9.12.4.56
Version: 9.12.4.58
Version: 9.12.4.62
Version: 9.12.4.65
Version: 9.12.4.67
Version: 9.14.1
Version: 9.14.1.10
Version: 9.14.1.6
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.14.1.30
Version: 9.14.2
Version: 9.14.2.4
Version: 9.14.2.8
Version: 9.14.2.13
Version: 9.14.2.15
Version: 9.14.3
Version: 9.14.3.1
Version: 9.14.3.9
Version: 9.14.3.11
Version: 9.14.3.13
Version: 9.14.3.18
Version: 9.14.3.15
Version: 9.14.4
Version: 9.14.4.6
Version: 9.14.4.7
Version: 9.14.4.12
Version: 9.14.4.13
Version: 9.14.4.14
Version: 9.14.4.15
Version: 9.14.4.17
Version: 9.14.4.22
Version: 9.14.4.23
Version: 9.14.4.24
Version: 9.16.1
Version: 9.16.1.28
Version: 9.16.2
Version: 9.16.2.3
Version: 9.16.2.7
Version: 9.16.2.11
Version: 9.16.2.13
Version: 9.16.2.14
Version: 9.16.3
Version: 9.16.3.3
Version: 9.16.3.14
Version: 9.16.3.15
Version: 9.16.3.19
Version: 9.16.3.23
Version: 9.16.4
Version: 9.16.4.9
Version: 9.16.4.14
Version: 9.16.4.18
Version: 9.16.4.19
Version: 9.16.4.27
Version: 9.16.4.38
Version: 9.16.4.39
Version: 9.16.4.42
Version: 9.16.4.48
Version: 9.16.4.55
Version: 9.16.4.57
Version: 9.16.4.61
Version: 9.16.4.62
Version: 9.16.4.67
Version: 9.16.4.70
Version: 9.16.4.71
Version: 9.16.4.76
Version: 9.16.4.82
Version: 9.16.4.84
Version: 9.17.1
Version: 9.17.1.7
Version: 9.17.1.9
Version: 9.17.1.10
Version: 9.17.1.11
Version: 9.17.1.13
Version: 9.17.1.15
Version: 9.17.1.20
Version: 9.17.1.30
Version: 9.17.1.33
Version: 9.17.1.39
Version: 9.17.1.45
Version: 9.17.1.46
Version: 9.18.1
Version: 9.18.1.3
Version: 9.18.2
Version: 9.18.2.5
Version: 9.18.2.7
Version: 9.18.2.8
Version: 9.18.3
Version: 9.18.3.39
Version: 9.18.3.46
Version: 9.18.3.53
Version: 9.18.3.55
Version: 9.18.3.56
Version: 9.18.4
Version: 9.18.4.5
Version: 9.18.4.8
Version: 9.18.4.22
Version: 9.18.4.24
Version: 9.18.4.29
Version: 9.18.4.34
Version: 9.18.4.40
Version: 9.18.4.47
Version: 9.18.4.50
Version: 9.18.4.52
Version: 9.18.4.53
Version: 9.18.4.57
Version: 9.18.4.66
Version: 9.19.1
Version: 9.19.1.5
Version: 9.19.1.9
Version: 9.19.1.12
Version: 9.19.1.18
Version: 9.19.1.22
Version: 9.19.1.24
Version: 9.19.1.27
Version: 9.19.1.28
Version: 9.19.1.31
Version: 9.19.1.37
Version: 9.19.1.38
Version: 9.19.1.42
Version: 9.20.1
Version: 9.20.1.5
Version: 9.20.2
Version: 9.20.2.10
Version: 9.20.2.21
Version: 9.20.2.22
Version: 9.20.3
Version: 9.20.3.4
Version: 9.20.3.7
Version: 9.20.3.9
Version: 9.20.3.10
Version: 9.20.3.13
Version: 9.20.3.16
Version: 9.20.3.20
Version: 9.20.4
Version: 9.20.4.7
Version: 9.22.1.1
Version: 9.22.1.3
Version: 9.22.1.2
Version: 9.22.1.6
Version: 9.22.2
Version: 9.22.2.4
Version: 9.22.2.9
Version: 9.22.2.13
Version: 9.23.1
Version: 9.23.1.3
Version: 9.23.1.7
Version: 9.23.1.13

Cisco

Cisco Firepower Threat Defense Software

Version: 6.2.3
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.2.3.3
Version: 6.2.3.4
Version: 6.2.3.5
Version: 6.2.3.6
Version: 6.2.3.7
Version: 6.2.3.8
Version: 6.2.3.10
Version: 6.2.3.11
Version: 6.2.3.9
Version: 6.2.3.12
Version: 6.2.3.13
Version: 6.2.3.14
Version: 6.2.3.15
Version: 6.2.3.16
Version: 6.2.3.17
Version: 6.2.3.18
Version: 6.6.0
Version: 6.6.0.1
Version: 6.6.1
Version: 6.6.3
Version: 6.6.4
Version: 6.6.5
Version: 6.6.5.1
Version: 6.6.5.2
Version: 6.6.7
Version: 6.6.7.1
Version: 6.6.7.2
Version: 6.4.0
Version: 6.4.0.1
Version: 6.4.0.3
Version: 6.4.0.2
Version: 6.4.0.4
Version: 6.4.0.5
Version: 6.4.0.6
Version: 6.4.0.7
Version: 6.4.0.8
Version: 6.4.0.9
Version: 6.4.0.10
Version: 6.4.0.11
Version: 6.4.0.12
Version: 6.4.0.13
Version: 6.4.0.14
Version: 6.4.0.15
Version: 6.4.0.16
Version: 6.4.0.17
Version: 6.4.0.18
Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.0.2
Version: 7.0.2.1
Version: 7.0.3
Version: 7.0.4
Version: 7.0.5
Version: 7.0.6
Version: 7.0.6.1
Version: 7.0.6.2
Version: 7.0.6.3
Version: 7.0.7
Version: 7.0.8
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.1.0.3
Version: 7.2.0
Version: 7.2.0.1
Version: 7.2.1
Version: 7.2.2
Version: 7.2.3
Version: 7.2.4
Version: 7.2.4.1
Version: 7.2.5
Version: 7.2.5.1
Version: 7.2.6
Version: 7.2.7
Version: 7.2.5.2
Version: 7.2.8
Version: 7.2.8.1
Version: 7.2.9
Version: 7.2.10
Version: 7.3.0
Version: 7.3.1
Version: 7.3.1.1
Version: 7.3.1.2
Version: 7.4.0
Version: 7.4.1
Version: 7.4.1.1
Version: 7.4.2
Version: 7.4.2.1
Version: 7.4.2.2
Version: 7.4.2.3
Version: 7.6.0
Version: 7.6.1
Version: 7.6.2
Version: 7.7.0
Version: 7.7.10

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-20362",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-25T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2025-09-25",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20362"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-26T03:55:15.833Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2025-09-25T00:00:00+00:00",
            "value": "CVE-2025-20362 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.8.1"
            },
            {
              "status": "affected",
              "version": "9.8.1.5"
            },
            {
              "status": "affected",
              "version": "9.8.1.7"
            },
            {
              "status": "affected",
              "version": "9.8.2"
            },
            {
              "status": "affected",
              "version": "9.8.2.8"
            },
            {
              "status": "affected",
              "version": "9.8.2.14"
            },
            {
              "status": "affected",
              "version": "9.8.2.15"
            },
            {
              "status": "affected",
              "version": "9.8.2.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.20"
            },
            {
              "status": "affected",
              "version": "9.8.2.24"
            },
            {
              "status": "affected",
              "version": "9.8.2.26"
            },
            {
              "status": "affected",
              "version": "9.8.2.28"
            },
            {
              "status": "affected",
              "version": "9.8.2.33"
            },
            {
              "status": "affected",
              "version": "9.8.2.35"
            },
            {
              "status": "affected",
              "version": "9.8.2.38"
            },
            {
              "status": "affected",
              "version": "9.8.3.8"
            },
            {
              "status": "affected",
              "version": "9.8.3.11"
            },
            {
              "status": "affected",
              "version": "9.8.3.14"
            },
            {
              "status": "affected",
              "version": "9.8.3.16"
            },
            {
              "status": "affected",
              "version": "9.8.3.18"
            },
            {
              "status": "affected",
              "version": "9.8.3.21"
            },
            {
              "status": "affected",
              "version": "9.8.3"
            },
            {
              "status": "affected",
              "version": "9.8.3.26"
            },
            {
              "status": "affected",
              "version": "9.8.3.29"
            },
            {
              "status": "affected",
              "version": "9.8.4"
            },
            {
              "status": "affected",
              "version": "9.8.4.3"
            },
            {
              "status": "affected",
              "version": "9.8.4.7"
            },
            {
              "status": "affected",
              "version": "9.8.4.8"
            },
            {
              "status": "affected",
              "version": "9.8.4.10"
            },
            {
              "status": "affected",
              "version": "9.8.4.12"
            },
            {
              "status": "affected",
              "version": "9.8.4.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.45"
            },
            {
              "status": "affected",
              "version": "9.8.4.25"
            },
            {
              "status": "affected",
              "version": "9.8.4.20"
            },
            {
              "status": "affected",
              "version": "9.8.4.22"
            },
            {
              "status": "affected",
              "version": "9.8.4.26"
            },
            {
              "status": "affected",
              "version": "9.8.4.29"
            },
            {
              "status": "affected",
              "version": "9.8.4.32"
            },
            {
              "status": "affected",
              "version": "9.8.4.33"
            },
            {
              "status": "affected",
              "version": "9.8.4.34"
            },
            {
              "status": "affected",
              "version": "9.8.4.35"
            },
            {
              "status": "affected",
              "version": "9.8.4.39"
            },
            {
              "status": "affected",
              "version": "9.8.4.40"
            },
            {
              "status": "affected",
              "version": "9.8.4.41"
            },
            {
              "status": "affected",
              "version": "9.8.4.43"
            },
            {
              "status": "affected",
              "version": "9.8.4.44"
            },
            {
              "status": "affected",
              "version": "9.8.4.45"
            },
            {
              "status": "affected",
              "version": "9.8.4.46"
            },
            {
              "status": "affected",
              "version": "9.8.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.1"
            },
            {
              "status": "affected",
              "version": "9.12.1.2"
            },
            {
              "status": "affected",
              "version": "9.12.1.3"
            },
            {
              "status": "affected",
              "version": "9.12.2"
            },
            {
              "status": "affected",
              "version": "9.12.2.4"
            },
            {
              "status": "affected",
              "version": "9.12.2.5"
            },
            {
              "status": "affected",
              "version": "9.12.2.9"
            },
            {
              "status": "affected",
              "version": "9.12.3"
            },
            {
              "status": "affected",
              "version": "9.12.3.2"
            },
            {
              "status": "affected",
              "version": "9.12.3.7"
            },
            {
              "status": "affected",
              "version": "9.12.4"
            },
            {
              "status": "affected",
              "version": "9.12.3.12"
            },
            {
              "status": "affected",
              "version": "9.12.3.9"
            },
            {
              "status": "affected",
              "version": "9.12.2.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.4"
            },
            {
              "status": "affected",
              "version": "9.12.4.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.10"
            },
            {
              "status": "affected",
              "version": "9.12.4.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.8"
            },
            {
              "status": "affected",
              "version": "9.12.4.18"
            },
            {
              "status": "affected",
              "version": "9.12.4.24"
            },
            {
              "status": "affected",
              "version": "9.12.4.26"
            },
            {
              "status": "affected",
              "version": "9.12.4.29"
            },
            {
              "status": "affected",
              "version": "9.12.4.30"
            },
            {
              "status": "affected",
              "version": "9.12.4.35"
            },
            {
              "status": "affected",
              "version": "9.12.4.37"
            },
            {
              "status": "affected",
              "version": "9.12.4.38"
            },
            {
              "status": "affected",
              "version": "9.12.4.39"
            },
            {
              "status": "affected",
              "version": "9.12.4.40"
            },
            {
              "status": "affected",
              "version": "9.12.4.41"
            },
            {
              "status": "affected",
              "version": "9.12.4.47"
            },
            {
              "status": "affected",
              "version": "9.12.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.4.50"
            },
            {
              "status": "affected",
              "version": "9.12.4.52"
            },
            {
              "status": "affected",
              "version": "9.12.4.54"
            },
            {
              "status": "affected",
              "version": "9.12.4.55"
            },
            {
              "status": "affected",
              "version": "9.12.4.56"
            },
            {
              "status": "affected",
              "version": "9.12.4.58"
            },
            {
              "status": "affected",
              "version": "9.12.4.62"
            },
            {
              "status": "affected",
              "version": "9.12.4.65"
            },
            {
              "status": "affected",
              "version": "9.12.4.67"
            },
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.1.6"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.14.4.7"
            },
            {
              "status": "affected",
              "version": "9.14.4.12"
            },
            {
              "status": "affected",
              "version": "9.14.4.13"
            },
            {
              "status": "affected",
              "version": "9.14.4.14"
            },
            {
              "status": "affected",
              "version": "9.14.4.15"
            },
            {
              "status": "affected",
              "version": "9.14.4.17"
            },
            {
              "status": "affected",
              "version": "9.14.4.22"
            },
            {
              "status": "affected",
              "version": "9.14.4.23"
            },
            {
              "status": "affected",
              "version": "9.14.4.24"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.16.3.15"
            },
            {
              "status": "affected",
              "version": "9.16.3.19"
            },
            {
              "status": "affected",
              "version": "9.16.3.23"
            },
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.16.4.9"
            },
            {
              "status": "affected",
              "version": "9.16.4.14"
            },
            {
              "status": "affected",
              "version": "9.16.4.18"
            },
            {
              "status": "affected",
              "version": "9.16.4.19"
            },
            {
              "status": "affected",
              "version": "9.16.4.27"
            },
            {
              "status": "affected",
              "version": "9.16.4.38"
            },
            {
              "status": "affected",
              "version": "9.16.4.39"
            },
            {
              "status": "affected",
              "version": "9.16.4.42"
            },
            {
              "status": "affected",
              "version": "9.16.4.48"
            },
            {
              "status": "affected",
              "version": "9.16.4.55"
            },
            {
              "status": "affected",
              "version": "9.16.4.57"
            },
            {
              "status": "affected",
              "version": "9.16.4.61"
            },
            {
              "status": "affected",
              "version": "9.16.4.62"
            },
            {
              "status": "affected",
              "version": "9.16.4.67"
            },
            {
              "status": "affected",
              "version": "9.16.4.70"
            },
            {
              "status": "affected",
              "version": "9.16.4.71"
            },
            {
              "status": "affected",
              "version": "9.16.4.76"
            },
            {
              "status": "affected",
              "version": "9.16.4.82"
            },
            {
              "status": "affected",
              "version": "9.16.4.84"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.17.1.20"
            },
            {
              "status": "affected",
              "version": "9.17.1.30"
            },
            {
              "status": "affected",
              "version": "9.17.1.33"
            },
            {
              "status": "affected",
              "version": "9.17.1.39"
            },
            {
              "status": "affected",
              "version": "9.17.1.45"
            },
            {
              "status": "affected",
              "version": "9.17.1.46"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            },
            {
              "status": "affected",
              "version": "9.18.2.7"
            },
            {
              "status": "affected",
              "version": "9.18.2.8"
            },
            {
              "status": "affected",
              "version": "9.18.3"
            },
            {
              "status": "affected",
              "version": "9.18.3.39"
            },
            {
              "status": "affected",
              "version": "9.18.3.46"
            },
            {
              "status": "affected",
              "version": "9.18.3.53"
            },
            {
              "status": "affected",
              "version": "9.18.3.55"
            },
            {
              "status": "affected",
              "version": "9.18.3.56"
            },
            {
              "status": "affected",
              "version": "9.18.4"
            },
            {
              "status": "affected",
              "version": "9.18.4.5"
            },
            {
              "status": "affected",
              "version": "9.18.4.8"
            },
            {
              "status": "affected",
              "version": "9.18.4.22"
            },
            {
              "status": "affected",
              "version": "9.18.4.24"
            },
            {
              "status": "affected",
              "version": "9.18.4.29"
            },
            {
              "status": "affected",
              "version": "9.18.4.34"
            },
            {
              "status": "affected",
              "version": "9.18.4.40"
            },
            {
              "status": "affected",
              "version": "9.18.4.47"
            },
            {
              "status": "affected",
              "version": "9.18.4.50"
            },
            {
              "status": "affected",
              "version": "9.18.4.52"
            },
            {
              "status": "affected",
              "version": "9.18.4.53"
            },
            {
              "status": "affected",
              "version": "9.18.4.57"
            },
            {
              "status": "affected",
              "version": "9.18.4.66"
            },
            {
              "status": "affected",
              "version": "9.19.1"
            },
            {
              "status": "affected",
              "version": "9.19.1.5"
            },
            {
              "status": "affected",
              "version": "9.19.1.9"
            },
            {
              "status": "affected",
              "version": "9.19.1.12"
            },
            {
              "status": "affected",
              "version": "9.19.1.18"
            },
            {
              "status": "affected",
              "version": "9.19.1.22"
            },
            {
              "status": "affected",
              "version": "9.19.1.24"
            },
            {
              "status": "affected",
              "version": "9.19.1.27"
            },
            {
              "status": "affected",
              "version": "9.19.1.28"
            },
            {
              "status": "affected",
              "version": "9.19.1.31"
            },
            {
              "status": "affected",
              "version": "9.19.1.37"
            },
            {
              "status": "affected",
              "version": "9.19.1.38"
            },
            {
              "status": "affected",
              "version": "9.19.1.42"
            },
            {
              "status": "affected",
              "version": "9.20.1"
            },
            {
              "status": "affected",
              "version": "9.20.1.5"
            },
            {
              "status": "affected",
              "version": "9.20.2"
            },
            {
              "status": "affected",
              "version": "9.20.2.10"
            },
            {
              "status": "affected",
              "version": "9.20.2.21"
            },
            {
              "status": "affected",
              "version": "9.20.2.22"
            },
            {
              "status": "affected",
              "version": "9.20.3"
            },
            {
              "status": "affected",
              "version": "9.20.3.4"
            },
            {
              "status": "affected",
              "version": "9.20.3.7"
            },
            {
              "status": "affected",
              "version": "9.20.3.9"
            },
            {
              "status": "affected",
              "version": "9.20.3.10"
            },
            {
              "status": "affected",
              "version": "9.20.3.13"
            },
            {
              "status": "affected",
              "version": "9.20.3.16"
            },
            {
              "status": "affected",
              "version": "9.20.3.20"
            },
            {
              "status": "affected",
              "version": "9.20.4"
            },
            {
              "status": "affected",
              "version": "9.20.4.7"
            },
            {
              "status": "affected",
              "version": "9.22.1.1"
            },
            {
              "status": "affected",
              "version": "9.22.1.3"
            },
            {
              "status": "affected",
              "version": "9.22.1.2"
            },
            {
              "status": "affected",
              "version": "9.22.1.6"
            },
            {
              "status": "affected",
              "version": "9.22.2"
            },
            {
              "status": "affected",
              "version": "9.22.2.4"
            },
            {
              "status": "affected",
              "version": "9.22.2.9"
            },
            {
              "status": "affected",
              "version": "9.22.2.13"
            },
            {
              "status": "affected",
              "version": "9.23.1"
            },
            {
              "status": "affected",
              "version": "9.23.1.3"
            },
            {
              "status": "affected",
              "version": "9.23.1.7"
            },
            {
              "status": "affected",
              "version": "9.23.1.13"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "6.6.7.2"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.4.0.17"
            },
            {
              "status": "affected",
              "version": "6.4.0.18"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.0.6"
            },
            {
              "status": "affected",
              "version": "7.0.6.1"
            },
            {
              "status": "affected",
              "version": "7.0.6.2"
            },
            {
              "status": "affected",
              "version": "7.0.6.3"
            },
            {
              "status": "affected",
              "version": "7.0.7"
            },
            {
              "status": "affected",
              "version": "7.0.8"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.2.4.1"
            },
            {
              "status": "affected",
              "version": "7.2.5"
            },
            {
              "status": "affected",
              "version": "7.2.5.1"
            },
            {
              "status": "affected",
              "version": "7.2.6"
            },
            {
              "status": "affected",
              "version": "7.2.7"
            },
            {
              "status": "affected",
              "version": "7.2.5.2"
            },
            {
              "status": "affected",
              "version": "7.2.8"
            },
            {
              "status": "affected",
              "version": "7.2.8.1"
            },
            {
              "status": "affected",
              "version": "7.2.9"
            },
            {
              "status": "affected",
              "version": "7.2.10"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.2"
            },
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            },
            {
              "status": "affected",
              "version": "7.4.1.1"
            },
            {
              "status": "affected",
              "version": "7.4.2"
            },
            {
              "status": "affected",
              "version": "7.4.2.1"
            },
            {
              "status": "affected",
              "version": "7.4.2.2"
            },
            {
              "status": "affected",
              "version": "7.4.2.3"
            },
            {
              "status": "affected",
              "version": "7.6.0"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.6.2"
            },
            {
              "status": "affected",
              "version": "7.7.0"
            },
            {
              "status": "affected",
              "version": "7.7.10"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to access restricted URL endpoints that are related to remote access VPN that should otherwise be inaccessible without authentication.\r\n\r This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web server on a device. A successful exploit could allow the attacker to access a restricted URL without authentication."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is aware of attempted exploitation of this vulnerability. Cisco continues to strongly recommend that customers upgrade to a fixed software release to remediate this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "Missing Authorization",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-26T17:11:45.604Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asaftd-webvpn-YROOTUW",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-YROOTUW"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-webvpn-YROOTUW",
        "defects": [
          "CSCwq79815"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2025-20362",
    "datePublished": "2025-09-25T16:12:35.916Z",
    "dateReserved": "2024-10-10T19:15:13.258Z",
    "dateUpdated": "2025-09-26T17:11:45.604Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-6632 (GCVE-0-2017-6632)

Vulnerability from cvelistv5

Published

2017-05-22 01:00

Modified

2024-08-05 15:33

Severity ?

CWE

CWE-399

Summary

A vulnerability in the logging configuration of Secure Sockets Layer (SSL) policies for Cisco FirePOWER System Software 5.3.0 through 6.2.2 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources. The vulnerability is due to the logging of certain TCP packets by the affected software. An attacker could exploit this vulnerability by sending a flood of crafted TCP packets to an affected device. A successful exploit could allow the attacker to cause a DoS condition. The success of an exploit is dependent on how an administrator has configured logging for SSL policies for a device. This vulnerability affects Cisco FirePOWER System Software that is configured to log connections by using SSL policy default actions. Cisco Bug IDs: CSCvd07072.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-fpwr	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/98523	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	Cisco FirePOWER System Software	Version: Cisco FirePOWER System Software

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:33:20.462Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-fpwr"
          },
          {
            "name": "98523",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98523"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco FirePOWER System Software",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco FirePOWER System Software"
            }
          ]
        }
      ],
      "datePublic": "2017-05-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the logging configuration of Secure Sockets Layer (SSL) policies for Cisco FirePOWER System Software 5.3.0 through 6.2.2 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources. The vulnerability is due to the logging of certain TCP packets by the affected software. An attacker could exploit this vulnerability by sending a flood of crafted TCP packets to an affected device. A successful exploit could allow the attacker to cause a DoS condition. The success of an exploit is dependent on how an administrator has configured logging for SSL policies for a device. This vulnerability affects Cisco FirePOWER System Software that is configured to log connections by using SSL policy default actions. Cisco Bug IDs: CSCvd07072."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-05-24T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-fpwr"
        },
        {
          "name": "98523",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98523"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2017-6632",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco FirePOWER System Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco FirePOWER System Software"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the logging configuration of Secure Sockets Layer (SSL) policies for Cisco FirePOWER System Software 5.3.0 through 6.2.2 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources. The vulnerability is due to the logging of certain TCP packets by the affected software. An attacker could exploit this vulnerability by sending a flood of crafted TCP packets to an affected device. A successful exploit could allow the attacker to cause a DoS condition. The success of an exploit is dependent on how an administrator has configured logging for SSL policies for a device. This vulnerability affects Cisco FirePOWER System Software that is configured to log connections by using SSL policy default actions. Cisco Bug IDs: CSCvd07072."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-fpwr",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-fpwr"
            },
            {
              "name": "98523",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98523"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2017-6632",
    "datePublished": "2017-05-22T01:00:00",
    "dateReserved": "2017-03-09T00:00:00",
    "dateUpdated": "2024-08-05T15:33:20.462Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-20246 (GCVE-0-2023-20246)

Vulnerability from cvelistv5

Published

2023-11-01 17:13

Modified

2024-09-06 16:34

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-290 - Authentication Bypass by Spoofing

Summary

Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a logic error that occurs when the access control policies are being populated. An attacker could exploit this vulnerability by establishing a connection to an affected device. A successful exploit could allow the attacker to bypass configured access control rules on the affected system.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3acp-bypass-3bdR2BEh

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Firepower Threat Defense Software

Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.0.2
Version: 7.0.2.1
Version: 7.0.3
Version: 7.0.4
Version: 7.0.5
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.1.0.3
Version: 7.2.0
Version: 7.2.0.1
Version: 7.2.1
Version: 7.2.2
Version: 7.2.3
Version: 7.3.0
Version: 7.3.1
Version: 7.3.1.1

Cisco

Cisco Umbrella Insights Virtual Appliance

Version: N/A

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:05:36.677Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-ftd-snort3acp-bypass-3bdR2BEh",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3acp-bypass-3bdR2BEh"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20246",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-06T16:34:21.802689Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-06T16:34:39.970Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            }
          ]
        },
        {
          "product": "Cisco Umbrella Insights Virtual Appliance",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. \r\n\r This vulnerability is due to a logic error that occurs when the access control policies are being populated. An attacker could exploit this vulnerability by establishing a connection to an affected device. A successful exploit could allow the attacker to bypass configured access control rules on the affected system."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-290",
              "description": "Authentication Bypass by Spoofing",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-06T20:07:44.577Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-ftd-snort3acp-bypass-3bdR2BEh",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3acp-bypass-3bdR2BEh"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-snort3acp-bypass-3bdR2BEh",
        "defects": [
          "CSCwe15280",
          "CSCwe83859"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20246",
    "datePublished": "2023-11-01T17:13:58.231Z",
    "dateReserved": "2022-10-27T18:47:50.371Z",
    "dateUpdated": "2024-09-06T16:34:39.970Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-20095 (GCVE-0-2023-20095)

Vulnerability from cvelistv5

Published

2023-11-01 17:14

Modified

2024-08-02 08:57

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-772 - Missing Release of Resource after Effective Lifetime

Summary

A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of HTTPS requests. An attacker could exploit this vulnerability by sending crafted HTTPS requests to an affected system. A successful exploit could allow the attacker to cause resource exhaustion, resulting in a DoS condition.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-dos-3GhZQBAS

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.8.1
Version: 9.8.1.5
Version: 9.8.1.7
Version: 9.8.2
Version: 9.8.2.8
Version: 9.8.2.14
Version: 9.8.2.15
Version: 9.8.2.17
Version: 9.8.2.20
Version: 9.8.2.24
Version: 9.8.2.26
Version: 9.8.2.28
Version: 9.8.2.33
Version: 9.8.2.35
Version: 9.8.2.38
Version: 9.8.3.8
Version: 9.8.3.11
Version: 9.8.3.14
Version: 9.8.3.16
Version: 9.8.3.18
Version: 9.8.3.21
Version: 9.8.3
Version: 9.8.3.26
Version: 9.8.3.29
Version: 9.8.4
Version: 9.8.4.3
Version: 9.8.4.7
Version: 9.8.4.8
Version: 9.8.4.10
Version: 9.8.4.12
Version: 9.8.4.15
Version: 9.8.4.17
Version: 9.8.4.25
Version: 9.8.4.20
Version: 9.8.4.22
Version: 9.8.4.26
Version: 9.8.4.29
Version: 9.8.4.32
Version: 9.8.4.33
Version: 9.8.4.34
Version: 9.8.4.35
Version: 9.8.4.39
Version: 9.8.4.40
Version: 9.8.4.41
Version: 9.8.4.43
Version: 9.8.4.44
Version: 9.8.4.45
Version: 9.12.1
Version: 9.12.1.2
Version: 9.12.1.3
Version: 9.12.2
Version: 9.12.2.4
Version: 9.12.2.5
Version: 9.12.2.9
Version: 9.12.3
Version: 9.12.3.2
Version: 9.12.3.7
Version: 9.12.4
Version: 9.12.3.12
Version: 9.12.3.9
Version: 9.12.2.1
Version: 9.12.4.2
Version: 9.12.4.4
Version: 9.12.4.7
Version: 9.12.4.10
Version: 9.12.4.13
Version: 9.12.4.8
Version: 9.12.4.18
Version: 9.12.4.24
Version: 9.12.4.26
Version: 9.12.4.29
Version: 9.12.4.30
Version: 9.12.4.35
Version: 9.12.4.37
Version: 9.12.4.38
Version: 9.12.4.39
Version: 9.12.4.40
Version: 9.12.4.41
Version: 9.14.1
Version: 9.14.1.10
Version: 9.14.1.6
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.14.1.30
Version: 9.14.2
Version: 9.14.2.4
Version: 9.14.2.8
Version: 9.14.2.13
Version: 9.14.2.15
Version: 9.14.3
Version: 9.14.3.1
Version: 9.14.3.9
Version: 9.14.3.11
Version: 9.14.3.13
Version: 9.14.3.18
Version: 9.14.3.15
Version: 9.14.4
Version: 9.14.4.6
Version: 9.14.4.7
Version: 9.15.1
Version: 9.15.1.7
Version: 9.15.1.10
Version: 9.15.1.15
Version: 9.15.1.16
Version: 9.15.1.17
Version: 9.15.1.1
Version: 9.15.1.21
Version: 9.16.1
Version: 9.16.1.28
Version: 9.16.2
Version: 9.16.2.3
Version: 9.16.2.7
Version: 9.16.2.11
Version: 9.16.2.13
Version: 9.16.2.14
Version: 9.16.3
Version: 9.16.3.3
Version: 9.16.3.14
Version: 9.17.1
Version: 9.17.1.7
Version: 9.17.1.9
Version: 9.18.1

Cisco

Cisco Firepower Threat Defense Software

Version: 6.2.3
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.2.3.3
Version: 6.2.3.4
Version: 6.2.3.5
Version: 6.2.3.6
Version: 6.2.3.7
Version: 6.2.3.8
Version: 6.2.3.10
Version: 6.2.3.11
Version: 6.2.3.9
Version: 6.2.3.12
Version: 6.2.3.13
Version: 6.2.3.14
Version: 6.2.3.15
Version: 6.2.3.16
Version: 6.2.3.17
Version: 6.2.3.18
Version: 6.6.0
Version: 6.6.0.1
Version: 6.6.1
Version: 6.6.3
Version: 6.6.4
Version: 6.6.5
Version: 6.6.5.1
Version: 6.6.5.2
Version: 6.4.0
Version: 6.4.0.1
Version: 6.4.0.3
Version: 6.4.0.2
Version: 6.4.0.4
Version: 6.4.0.5
Version: 6.4.0.6
Version: 6.4.0.7
Version: 6.4.0.8
Version: 6.4.0.9
Version: 6.4.0.10
Version: 6.4.0.11
Version: 6.4.0.12
Version: 6.4.0.13
Version: 6.4.0.14
Version: 6.4.0.15
Version: 6.7.0
Version: 6.7.0.1
Version: 6.7.0.2
Version: 6.7.0.3
Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.0.2
Version: 7.0.2.1
Version: 7.0.3
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.2.0
Version: 7.2.0.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:57:36.059Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-asa-webvpn-dos-3GhZQBAS",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-dos-3GhZQBAS"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.8.1"
            },
            {
              "status": "affected",
              "version": "9.8.1.5"
            },
            {
              "status": "affected",
              "version": "9.8.1.7"
            },
            {
              "status": "affected",
              "version": "9.8.2"
            },
            {
              "status": "affected",
              "version": "9.8.2.8"
            },
            {
              "status": "affected",
              "version": "9.8.2.14"
            },
            {
              "status": "affected",
              "version": "9.8.2.15"
            },
            {
              "status": "affected",
              "version": "9.8.2.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.20"
            },
            {
              "status": "affected",
              "version": "9.8.2.24"
            },
            {
              "status": "affected",
              "version": "9.8.2.26"
            },
            {
              "status": "affected",
              "version": "9.8.2.28"
            },
            {
              "status": "affected",
              "version": "9.8.2.33"
            },
            {
              "status": "affected",
              "version": "9.8.2.35"
            },
            {
              "status": "affected",
              "version": "9.8.2.38"
            },
            {
              "status": "affected",
              "version": "9.8.3.8"
            },
            {
              "status": "affected",
              "version": "9.8.3.11"
            },
            {
              "status": "affected",
              "version": "9.8.3.14"
            },
            {
              "status": "affected",
              "version": "9.8.3.16"
            },
            {
              "status": "affected",
              "version": "9.8.3.18"
            },
            {
              "status": "affected",
              "version": "9.8.3.21"
            },
            {
              "status": "affected",
              "version": "9.8.3"
            },
            {
              "status": "affected",
              "version": "9.8.3.26"
            },
            {
              "status": "affected",
              "version": "9.8.3.29"
            },
            {
              "status": "affected",
              "version": "9.8.4"
            },
            {
              "status": "affected",
              "version": "9.8.4.3"
            },
            {
              "status": "affected",
              "version": "9.8.4.7"
            },
            {
              "status": "affected",
              "version": "9.8.4.8"
            },
            {
              "status": "affected",
              "version": "9.8.4.10"
            },
            {
              "status": "affected",
              "version": "9.8.4.12"
            },
            {
              "status": "affected",
              "version": "9.8.4.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.4.25"
            },
            {
              "status": "affected",
              "version": "9.8.4.20"
            },
            {
              "status": "affected",
              "version": "9.8.4.22"
            },
            {
              "status": "affected",
              "version": "9.8.4.26"
            },
            {
              "status": "affected",
              "version": "9.8.4.29"
            },
            {
              "status": "affected",
              "version": "9.8.4.32"
            },
            {
              "status": "affected",
              "version": "9.8.4.33"
            },
            {
              "status": "affected",
              "version": "9.8.4.34"
            },
            {
              "status": "affected",
              "version": "9.8.4.35"
            },
            {
              "status": "affected",
              "version": "9.8.4.39"
            },
            {
              "status": "affected",
              "version": "9.8.4.40"
            },
            {
              "status": "affected",
              "version": "9.8.4.41"
            },
            {
              "status": "affected",
              "version": "9.8.4.43"
            },
            {
              "status": "affected",
              "version": "9.8.4.44"
            },
            {
              "status": "affected",
              "version": "9.8.4.45"
            },
            {
              "status": "affected",
              "version": "9.12.1"
            },
            {
              "status": "affected",
              "version": "9.12.1.2"
            },
            {
              "status": "affected",
              "version": "9.12.1.3"
            },
            {
              "status": "affected",
              "version": "9.12.2"
            },
            {
              "status": "affected",
              "version": "9.12.2.4"
            },
            {
              "status": "affected",
              "version": "9.12.2.5"
            },
            {
              "status": "affected",
              "version": "9.12.2.9"
            },
            {
              "status": "affected",
              "version": "9.12.3"
            },
            {
              "status": "affected",
              "version": "9.12.3.2"
            },
            {
              "status": "affected",
              "version": "9.12.3.7"
            },
            {
              "status": "affected",
              "version": "9.12.4"
            },
            {
              "status": "affected",
              "version": "9.12.3.12"
            },
            {
              "status": "affected",
              "version": "9.12.3.9"
            },
            {
              "status": "affected",
              "version": "9.12.2.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.4"
            },
            {
              "status": "affected",
              "version": "9.12.4.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.10"
            },
            {
              "status": "affected",
              "version": "9.12.4.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.8"
            },
            {
              "status": "affected",
              "version": "9.12.4.18"
            },
            {
              "status": "affected",
              "version": "9.12.4.24"
            },
            {
              "status": "affected",
              "version": "9.12.4.26"
            },
            {
              "status": "affected",
              "version": "9.12.4.29"
            },
            {
              "status": "affected",
              "version": "9.12.4.30"
            },
            {
              "status": "affected",
              "version": "9.12.4.35"
            },
            {
              "status": "affected",
              "version": "9.12.4.37"
            },
            {
              "status": "affected",
              "version": "9.12.4.38"
            },
            {
              "status": "affected",
              "version": "9.12.4.39"
            },
            {
              "status": "affected",
              "version": "9.12.4.40"
            },
            {
              "status": "affected",
              "version": "9.12.4.41"
            },
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.1.6"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.14.4.7"
            },
            {
              "status": "affected",
              "version": "9.15.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.7"
            },
            {
              "status": "affected",
              "version": "9.15.1.10"
            },
            {
              "status": "affected",
              "version": "9.15.1.15"
            },
            {
              "status": "affected",
              "version": "9.15.1.16"
            },
            {
              "status": "affected",
              "version": "9.15.1.17"
            },
            {
              "status": "affected",
              "version": "9.15.1.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.21"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of HTTPS requests. An attacker could exploit this vulnerability by sending crafted HTTPS requests to an affected system. A successful exploit could allow the attacker to cause resource exhaustion, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-772",
              "description": "Missing Release of Resource after Effective Lifetime",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:43.469Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asa-webvpn-dos-3GhZQBAS",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-dos-3GhZQBAS"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa-webvpn-dos-3GhZQBAS",
        "defects": [
          "CSCwb63827"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20095",
    "datePublished": "2023-11-01T17:14:29.319Z",
    "dateReserved": "2022-10-27T18:47:50.337Z",
    "dateUpdated": "2024-08-02T08:57:36.059Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20947 (GCVE-0-2022-20947)

Vulnerability from cvelistv5

Published

2022-11-10 17:29

Modified

2024-08-03 02:31

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Summary

A vulnerability in dynamic access policies (DAP) functionality of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to improper processing of HostScan data received from the Posture (HostScan) module. An attacker could exploit this vulnerability by sending crafted HostScan data to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU"] This advisory is part of the November 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.12.1.3
Version: 9.17.1

Cisco

Cisco Firepower Threat Defense Software

Version: 6.2.3
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.2.3.3
Version: 6.2.3.4
Version: 6.2.3.5
Version: 6.2.3.6
Version: 6.2.3.7
Version: 6.2.3.8
Version: 6.2.3.10
Version: 6.2.3.11
Version: 6.2.3.9
Version: 6.2.3.12
Version: 6.2.3.13
Version: 6.2.3.14
Version: 6.2.3.15
Version: 6.2.3.16
Version: 6.2.3.17
Version: 6.2.3.18
Version: 6.6.0
Version: 6.6.0.1
Version: 6.6.1
Version: 6.6.3
Version: 6.6.4
Version: 6.6.5
Version: 6.6.5.1
Version: 6.4.0
Version: 6.4.0.1
Version: 6.4.0.3
Version: 6.4.0.2
Version: 6.4.0.4
Version: 6.4.0.5
Version: 6.4.0.6
Version: 6.4.0.7
Version: 6.4.0.8
Version: 6.4.0.9
Version: 6.4.0.10
Version: 6.4.0.11
Version: 6.4.0.12
Version: 6.4.0.13
Version: 6.4.0.14
Version: 6.7.0
Version: 6.7.0.1
Version: 6.7.0.2
Version: 6.7.0.3
Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:31:57.971Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-asa-ftd-dap-dos-GhYZBxDU",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.12.1.3"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in dynamic access policies (DAP) functionality of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.\r\n\r This vulnerability is due to improper processing of HostScan data received from the Posture (HostScan) module. An attacker could exploit this vulnerability by sending crafted HostScan data to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.   \r\n\r    \r\n\r  https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU [\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU\"]\r\n\r \r This advisory is part of the November 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:19.430Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asa-ftd-dap-dos-GhYZBxDU",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa-ftd-dap-dos-GhYZBxDU",
        "defects": [
          "CSCwa47041"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20947",
    "datePublished": "2022-11-10T17:29:29.928Z",
    "dateReserved": "2021-11-02T13:28:29.194Z",
    "dateUpdated": "2024-08-03T02:31:57.971Z",
    "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3285 (GCVE-0-2020-3285)

Vulnerability from cvelistv5

Published

2020-05-06 16:42

Modified

2024-11-15 17:23

Severity ?

5.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-693

Summary

A vulnerability in the Transport Layer Security version 1.3 (TLS 1.3) policy with URL category functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured TLS 1.3 policy to block traffic for a specific URL. The vulnerability is due to a logic error with Snort handling of the connection with the TLS 1.3 policy and URL category configuration. An attacker could exploit this vulnerability by sending crafted TLS 1.3 connections to an affected device. A successful exploit could allow the attacker to bypass the TLS 1.3 policy and access URLs that are outside the affected device and normally would be dropped.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-bypass-O5tGum2n	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:30:57.955Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200506 Cisco Firepower Threat Defense Software SSL/TLS URL Category Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-bypass-O5tGum2n"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3285",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:21:27.045425Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:23:47.133Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Transport Layer Security version 1.3 (TLS 1.3) policy with URL category functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured TLS 1.3 policy to block traffic for a specific URL. The vulnerability is due to a logic error with Snort handling of the connection with the TLS 1.3 policy and URL category configuration. An attacker could exploit this vulnerability by sending crafted TLS 1.3 connections to an affected device. A successful exploit could allow the attacker to bypass the TLS 1.3 policy and access URLs that are outside the affected device and normally would be dropped."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-693",
              "description": "CWE-693",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-06T16:42:02",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200506 Cisco Firepower Threat Defense Software SSL/TLS URL Category Bypass Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-bypass-O5tGum2n"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ssl-bypass-O5tGum2n",
        "defect": [
          [
            "CSCvq93669"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software SSL/TLS URL Category Bypass Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-05-06T16:00:00-0700",
          "ID": "CVE-2020-3285",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software SSL/TLS URL Category Bypass Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Transport Layer Security version 1.3 (TLS 1.3) policy with URL category functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured TLS 1.3 policy to block traffic for a specific URL. The vulnerability is due to a logic error with Snort handling of the connection with the TLS 1.3 policy and URL category configuration. An attacker could exploit this vulnerability by sending crafted TLS 1.3 connections to an affected device. A successful exploit could allow the attacker to bypass the TLS 1.3 policy and access URLs that are outside the affected device and normally would be dropped."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.8",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-693"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200506 Cisco Firepower Threat Defense Software SSL/TLS URL Category Bypass Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-bypass-O5tGum2n"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ssl-bypass-O5tGum2n",
          "defect": [
            [
              "CSCvq93669"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3285",
    "datePublished": "2020-05-06T16:42:02.593614Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:23:47.133Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20355 (GCVE-0-2024-20355)

Vulnerability from cvelistv5

Published

2024-05-22 16:54

Modified

2024-08-01 21:59

Severity ?

5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-862 - Missing Authorization

Summary

A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to successfully establish a VPN session on an affected device. This vulnerability is due to improper separation of authorization domains when using SAML authentication. An attacker could exploit this vulnerability by using valid credentials to successfully authenticate using their designated connection profile (tunnel group), intercepting the SAML SSO token that is sent back from the Cisco ASA device, and then submitting the same SAML SSO token to a different tunnel group for authentication. A successful exploit could allow the attacker to establish a remote access VPN session using a connection profile that they are not authorized to use and connect to secured networks behind the affected device that they are not authorized to access. For successful exploitation, the attacker must have valid remote access VPN user credentials.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-bypass-KkNvXyKW

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.8.2.28
Version: 9.8.2.33
Version: 9.8.2.35
Version: 9.8.2.38
Version: 9.8.3.8
Version: 9.8.3.11
Version: 9.8.3.14
Version: 9.8.3.16
Version: 9.8.3.18
Version: 9.8.3.21
Version: 9.8.3
Version: 9.8.3.26
Version: 9.8.3.29
Version: 9.8.4
Version: 9.8.4.3
Version: 9.8.4.7
Version: 9.8.4.8
Version: 9.8.4.10
Version: 9.8.4.12
Version: 9.8.4.15
Version: 9.8.4.17
Version: 9.8.4.25
Version: 9.8.4.20
Version: 9.8.4.22
Version: 9.8.4.26
Version: 9.8.4.29
Version: 9.8.4.32
Version: 9.8.4.33
Version: 9.8.4.34
Version: 9.8.4.35
Version: 9.8.4.39
Version: 9.8.4.40
Version: 9.8.4.41
Version: 9.8.4.43
Version: 9.8.4.44
Version: 9.8.4.45
Version: 9.8.4.46
Version: 9.8.4.48
Version: 9.12.1
Version: 9.12.1.2
Version: 9.12.1.3
Version: 9.12.2
Version: 9.12.2.4
Version: 9.12.2.5
Version: 9.12.2.9
Version: 9.12.3
Version: 9.12.3.2
Version: 9.12.3.7
Version: 9.12.4
Version: 9.12.3.12
Version: 9.12.3.9
Version: 9.12.2.1
Version: 9.12.4.2
Version: 9.12.4.4
Version: 9.12.4.7
Version: 9.12.4.10
Version: 9.12.4.13
Version: 9.12.4.8
Version: 9.12.4.18
Version: 9.12.4.24
Version: 9.12.4.26
Version: 9.12.4.29
Version: 9.12.4.30
Version: 9.12.4.35
Version: 9.12.4.37
Version: 9.12.4.38
Version: 9.12.4.39
Version: 9.12.4.40
Version: 9.12.4.41
Version: 9.12.4.47
Version: 9.12.4.48
Version: 9.12.4.50
Version: 9.12.4.52
Version: 9.12.4.54
Version: 9.12.4.55
Version: 9.12.4.56
Version: 9.12.4.58
Version: 9.14.1
Version: 9.14.1.10
Version: 9.14.1.6
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.14.1.30
Version: 9.14.2
Version: 9.14.2.4
Version: 9.14.2.8
Version: 9.14.2.13
Version: 9.14.2.15
Version: 9.14.3
Version: 9.14.3.1
Version: 9.14.3.9
Version: 9.14.3.11
Version: 9.14.3.13
Version: 9.14.3.18
Version: 9.14.3.15
Version: 9.14.4
Version: 9.14.4.6
Version: 9.14.4.7
Version: 9.14.4.12
Version: 9.14.4.13
Version: 9.14.4.14
Version: 9.14.4.15
Version: 9.14.4.17
Version: 9.14.4.22
Version: 9.14.4.23
Version: 9.14.4.24
Version: 9.15.1
Version: 9.15.1.7
Version: 9.15.1.10
Version: 9.15.1.15
Version: 9.15.1.16
Version: 9.15.1.17
Version: 9.15.1.1
Version: 9.15.1.21
Version: 9.16.1
Version: 9.16.1.28
Version: 9.16.2
Version: 9.16.2.3
Version: 9.16.2.7
Version: 9.16.2.11
Version: 9.16.2.13
Version: 9.16.2.14
Version: 9.16.3
Version: 9.16.3.3
Version: 9.16.3.14
Version: 9.16.3.15
Version: 9.16.3.19
Version: 9.16.3.23
Version: 9.16.4
Version: 9.16.4.9
Version: 9.16.4.14
Version: 9.16.4.18
Version: 9.16.4.19
Version: 9.17.1
Version: 9.17.1.7
Version: 9.17.1.9
Version: 9.17.1.10
Version: 9.17.1.11
Version: 9.17.1.13
Version: 9.17.1.15
Version: 9.17.1.20
Version: 9.17.1.30
Version: 9.18.1
Version: 9.18.1.3
Version: 9.18.2
Version: 9.18.2.5
Version: 9.18.2.7
Version: 9.18.2.8
Version: 9.18.3
Version: 9.18.3.39
Version: 9.19.1
Version: 9.19.1.5
Version: 9.19.1.9

Cisco

Cisco Firepower Threat Defense Software

Version: 6.2.3
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.2.3.3
Version: 6.2.3.4
Version: 6.2.3.5
Version: 6.2.3.6
Version: 6.2.3.7
Version: 6.2.3.8
Version: 6.2.3.10
Version: 6.2.3.11
Version: 6.2.3.9
Version: 6.2.3.12
Version: 6.2.3.13
Version: 6.2.3.14
Version: 6.2.3.15
Version: 6.2.3.16
Version: 6.2.3.17
Version: 6.2.3.18
Version: 6.6.0
Version: 6.6.0.1
Version: 6.6.1
Version: 6.6.3
Version: 6.6.4
Version: 6.6.5
Version: 6.6.5.1
Version: 6.6.5.2
Version: 6.6.7
Version: 6.6.7.1
Version: 6.6.7.2
Version: 6.4.0
Version: 6.4.0.1
Version: 6.4.0.3
Version: 6.4.0.2
Version: 6.4.0.4
Version: 6.4.0.5
Version: 6.4.0.6
Version: 6.4.0.7
Version: 6.4.0.8
Version: 6.4.0.9
Version: 6.4.0.10
Version: 6.4.0.11
Version: 6.4.0.12
Version: 6.4.0.13
Version: 6.4.0.14
Version: 6.4.0.15
Version: 6.4.0.16
Version: 6.7.0
Version: 6.7.0.1
Version: 6.7.0.2
Version: 6.7.0.3
Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.0.2
Version: 7.0.2.1
Version: 7.0.3
Version: 7.0.4
Version: 7.0.5
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.1.0.3
Version: 7.2.0
Version: 7.2.0.1
Version: 7.2.1
Version: 7.2.2
Version: 7.2.3
Version: 7.2.4
Version: 7.3.0
Version: 7.3.1
Version: 7.3.1.1
Version: 7.3.1.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:cisco:firepower_management_center:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_management_center",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "6.2.3"
              },
              {
                "status": "affected",
                "version": "6.2.3.1"
              },
              {
                "status": "affected",
                "version": "6.2.3.2"
              },
              {
                "status": "affected",
                "version": "6.2.3.3"
              },
              {
                "status": "affected",
                "version": "6.2.3.4"
              },
              {
                "status": "affected",
                "version": "6.2.3.5"
              },
              {
                "status": "affected",
                "version": "6.2.3.6"
              },
              {
                "status": "affected",
                "version": "6.2.3.7"
              },
              {
                "status": "affected",
                "version": "6.2.3.8"
              },
              {
                "status": "affected",
                "version": "6.2.3.10"
              },
              {
                "status": "affected",
                "version": "6.2.3.11"
              },
              {
                "status": "affected",
                "version": "6.2.3.9"
              },
              {
                "status": "affected",
                "version": "6.2.3.12"
              },
              {
                "status": "affected",
                "version": "6.2.3.13"
              },
              {
                "status": "affected",
                "version": "6.2.3.14"
              },
              {
                "status": "affected",
                "version": "6.2.3.15"
              },
              {
                "status": "affected",
                "version": "6.2.3.16"
              },
              {
                "status": "affected",
                "version": "6.2.3.17"
              },
              {
                "status": "affected",
                "version": "6.2.3.18"
              },
              {
                "status": "affected",
                "version": "6.6.0"
              },
              {
                "status": "affected",
                "version": "6.6.0.1"
              },
              {
                "status": "affected",
                "version": "6.6.1"
              },
              {
                "status": "affected",
                "version": "6.6.3"
              },
              {
                "status": "affected",
                "version": "6.6.4"
              },
              {
                "status": "affected",
                "version": "6.6.5"
              },
              {
                "status": "affected",
                "version": "6.6.5.1"
              },
              {
                "status": "affected",
                "version": "6.6.5.2"
              },
              {
                "status": "affected",
                "version": "6.6.7"
              },
              {
                "status": "affected",
                "version": "6.6.7.1"
              },
              {
                "status": "affected",
                "version": "6.6.7.2"
              },
              {
                "status": "affected",
                "version": "6.4.0"
              },
              {
                "status": "affected",
                "version": "6.4.0.1"
              },
              {
                "status": "affected",
                "version": "6.4.0.3"
              },
              {
                "status": "affected",
                "version": "6.4.0.2"
              },
              {
                "status": "affected",
                "version": "6.4.0.4"
              },
              {
                "status": "affected",
                "version": "6.4.0.5"
              },
              {
                "status": "affected",
                "version": "6.4.0.6"
              },
              {
                "status": "affected",
                "version": "6.4.0.7"
              },
              {
                "status": "affected",
                "version": "6.4.0.8"
              },
              {
                "status": "affected",
                "version": "6.4.0.9"
              },
              {
                "status": "affected",
                "version": "6.4.0.10"
              },
              {
                "status": "affected",
                "version": "6.4.0.11"
              },
              {
                "status": "affected",
                "version": "6.4.0.12"
              },
              {
                "status": "affected",
                "version": "6.4.0.13"
              },
              {
                "status": "affected",
                "version": "6.4.0.14"
              },
              {
                "status": "affected",
                "version": "6.4.0.15"
              },
              {
                "status": "affected",
                "version": "6.4.0.16"
              },
              {
                "status": "affected",
                "version": "6.7.0"
              },
              {
                "status": "affected",
                "version": "6.7.0.1"
              },
              {
                "status": "affected",
                "version": "6.7.0.2"
              },
              {
                "status": "affected",
                "version": "6.7.0.3"
              },
              {
                "status": "affected",
                "version": "7.0.0"
              },
              {
                "status": "affected",
                "version": "7.0.0.1"
              },
              {
                "status": "affected",
                "version": "7.0.1"
              },
              {
                "status": "affected",
                "version": "7.0.1.1"
              },
              {
                "status": "affected",
                "version": "7.0.2"
              },
              {
                "status": "affected",
                "version": "7.0.2.1"
              },
              {
                "status": "affected",
                "version": "7.0.3"
              },
              {
                "status": "affected",
                "version": "7.0.4"
              },
              {
                "status": "affected",
                "version": "7.0.5"
              },
              {
                "status": "affected",
                "version": "7.1.0"
              },
              {
                "status": "affected",
                "version": "7.1.0.1"
              },
              {
                "status": "affected",
                "version": "7.1.0.2"
              },
              {
                "status": "affected",
                "version": "7.1.0.3"
              },
              {
                "status": "affected",
                "version": "7.2.0"
              },
              {
                "status": "affected",
                "version": "7.2.0.1"
              },
              {
                "status": "affected",
                "version": "7.2.1"
              },
              {
                "status": "affected",
                "version": "7.2.2"
              },
              {
                "status": "affected",
                "version": "7.2.3"
              },
              {
                "status": "affected",
                "version": "7.2.4"
              },
              {
                "status": "affected",
                "version": "7.3.0"
              },
              {
                "status": "affected",
                "version": "7.3.1"
              },
              {
                "status": "affected",
                "version": "7.3.1.1"
              },
              {
                "status": "affected",
                "version": "7.3.1.2"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:cisco:adaptive_security_appliance:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "adaptive_security_appliance",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "9.8.2.28"
              },
              {
                "status": "affected",
                "version": "9.8.2.33"
              },
              {
                "status": "affected",
                "version": "9.8.2.35"
              },
              {
                "status": "affected",
                "version": "9.8.2.38"
              },
              {
                "status": "affected",
                "version": "9.8.3.8"
              },
              {
                "status": "affected",
                "version": "9.8.3.11"
              },
              {
                "status": "affected",
                "version": "9.8.3.14"
              },
              {
                "status": "affected",
                "version": "9.8.3.16"
              },
              {
                "status": "affected",
                "version": "9.8.3.18"
              },
              {
                "status": "affected",
                "version": "9.8.3.21"
              },
              {
                "status": "affected",
                "version": "9.8.3"
              },
              {
                "status": "affected",
                "version": "9.8.3.26"
              },
              {
                "status": "affected",
                "version": "9.8.3.29"
              },
              {
                "status": "affected",
                "version": "9.8.4"
              },
              {
                "status": "affected",
                "version": "9.8.4.3"
              },
              {
                "status": "affected",
                "version": "9.8.4.7"
              },
              {
                "status": "affected",
                "version": "9.8.4.8"
              },
              {
                "status": "affected",
                "version": "9.8.4.10"
              },
              {
                "status": "affected",
                "version": "9.8.4.12"
              },
              {
                "status": "affected",
                "version": "9.8.4.15"
              },
              {
                "status": "affected",
                "version": "9.8.4.17"
              },
              {
                "status": "affected",
                "version": "9.8.4.25"
              },
              {
                "status": "affected",
                "version": "9.8.4.20"
              },
              {
                "status": "affected",
                "version": "9.8.4.22"
              },
              {
                "status": "affected",
                "version": "9.8.4.26"
              },
              {
                "status": "affected",
                "version": "9.8.4.29"
              },
              {
                "status": "affected",
                "version": "9.8.4.32"
              },
              {
                "status": "affected",
                "version": "9.8.4.33"
              },
              {
                "status": "affected",
                "version": "9.8.4.34"
              },
              {
                "status": "affected",
                "version": "9.8.4.35"
              },
              {
                "status": "affected",
                "version": "9.8.4.39"
              },
              {
                "status": "affected",
                "version": "9.8.4.40"
              },
              {
                "status": "affected",
                "version": "9.8.4.41"
              },
              {
                "status": "affected",
                "version": "9.8.4.43"
              },
              {
                "status": "affected",
                "version": "9.8.4.44"
              },
              {
                "status": "affected",
                "version": "9.8.4.45"
              },
              {
                "status": "affected",
                "version": "9.8.4.46"
              },
              {
                "status": "affected",
                "version": "9.8.4.48"
              },
              {
                "status": "affected",
                "version": "9.12.1"
              },
              {
                "status": "affected",
                "version": "9.12.1.2"
              },
              {
                "status": "affected",
                "version": "9.12.1.3"
              },
              {
                "status": "affected",
                "version": "9.12.2"
              },
              {
                "status": "affected",
                "version": "9.12.2.4"
              },
              {
                "status": "affected",
                "version": "9.12.2.5"
              },
              {
                "status": "affected",
                "version": "9.12.2.9"
              },
              {
                "status": "affected",
                "version": "9.12.3"
              },
              {
                "status": "affected",
                "version": "9.12.3.2"
              },
              {
                "status": "affected",
                "version": "9.12.3.7"
              },
              {
                "status": "affected",
                "version": "9.12.4"
              },
              {
                "status": "affected",
                "version": "9.12.3.12"
              },
              {
                "status": "affected",
                "version": "9.12.3.9"
              },
              {
                "status": "affected",
                "version": "9.12.2.1"
              },
              {
                "status": "affected",
                "version": "9.12.4.2"
              },
              {
                "status": "affected",
                "version": "9.12.4.4"
              },
              {
                "status": "affected",
                "version": "9.12.4.7"
              },
              {
                "status": "affected",
                "version": "9.12.4.10"
              },
              {
                "status": "affected",
                "version": "9.12.4.13"
              },
              {
                "status": "affected",
                "version": "9.12.4.8"
              },
              {
                "status": "affected",
                "version": "9.12.4.18"
              },
              {
                "status": "affected",
                "version": "9.12.4.24"
              },
              {
                "status": "affected",
                "version": "9.12.4.26"
              },
              {
                "status": "affected",
                "version": "9.12.4.29"
              },
              {
                "status": "affected",
                "version": "9.12.4.30"
              },
              {
                "status": "affected",
                "version": "9.12.4.35"
              },
              {
                "status": "affected",
                "version": "9.12.4.37"
              },
              {
                "status": "affected",
                "version": "9.12.4.38"
              },
              {
                "status": "affected",
                "version": "9.12.4.39"
              },
              {
                "status": "affected",
                "version": "9.12.4.40"
              },
              {
                "status": "affected",
                "version": "9.12.4.41"
              },
              {
                "status": "affected",
                "version": "9.12.4.47"
              },
              {
                "status": "affected",
                "version": "9.12.4.48"
              },
              {
                "status": "affected",
                "version": "9.12.4.50"
              },
              {
                "status": "affected",
                "version": "9.12.4.52"
              },
              {
                "status": "affected",
                "version": "9.12.4.54"
              },
              {
                "status": "affected",
                "version": "9.12.4.55"
              },
              {
                "status": "affected",
                "version": "9.12.4.56"
              },
              {
                "status": "affected",
                "version": "9.12.4.58"
              },
              {
                "status": "affected",
                "version": "9.14.1"
              },
              {
                "status": "affected",
                "version": "9.14.1.10"
              },
              {
                "status": "affected",
                "version": "9.14.1.6"
              },
              {
                "status": "affected",
                "version": "9.14.1.15"
              },
              {
                "status": "affected",
                "version": "9.14.1.19"
              },
              {
                "status": "affected",
                "version": "9.14.1.30"
              },
              {
                "status": "affected",
                "version": "9.14.2"
              },
              {
                "status": "affected",
                "version": "9.14.2.4"
              },
              {
                "status": "affected",
                "version": "9.14.2.8"
              },
              {
                "status": "affected",
                "version": "9.14.2.13"
              },
              {
                "status": "affected",
                "version": "9.14.2.15"
              },
              {
                "status": "affected",
                "version": "9.14.3"
              },
              {
                "status": "affected",
                "version": "9.14.3.1"
              },
              {
                "status": "affected",
                "version": "9.14.3.9"
              },
              {
                "status": "affected",
                "version": "9.14.3.11"
              },
              {
                "status": "affected",
                "version": "9.14.3.13"
              },
              {
                "status": "affected",
                "version": "9.14.3.18"
              },
              {
                "status": "affected",
                "version": "9.14.3.15"
              },
              {
                "status": "affected",
                "version": "9.14.4"
              },
              {
                "status": "affected",
                "version": "9.14.4.6"
              },
              {
                "status": "affected",
                "version": "9.14.4.7"
              },
              {
                "status": "affected",
                "version": "9.14.4.12"
              },
              {
                "status": "affected",
                "version": "9.14.4.13"
              },
              {
                "status": "affected",
                "version": "9.14.4.14"
              },
              {
                "status": "affected",
                "version": "9.14.4.15"
              },
              {
                "status": "affected",
                "version": "9.14.4.17"
              },
              {
                "status": "affected",
                "version": "9.14.4.22"
              },
              {
                "status": "affected",
                "version": "9.14.4.23"
              },
              {
                "status": "affected",
                "version": "9.14.4.24"
              },
              {
                "status": "affected",
                "version": "9.15.1"
              },
              {
                "status": "affected",
                "version": "9.15.1.7"
              },
              {
                "status": "affected",
                "version": "9.15.1.10"
              },
              {
                "status": "affected",
                "version": "9.15.1.15"
              },
              {
                "status": "affected",
                "version": "9.15.1.16"
              },
              {
                "status": "affected",
                "version": "9.15.1.17"
              },
              {
                "status": "affected",
                "version": "9.15.1.1"
              },
              {
                "status": "affected",
                "version": "9.15.1.21"
              },
              {
                "status": "affected",
                "version": "9.16.1"
              },
              {
                "status": "affected",
                "version": "9.16.1.28"
              },
              {
                "status": "affected",
                "version": "9.16.2"
              },
              {
                "status": "affected",
                "version": "9.16.2.3"
              },
              {
                "status": "affected",
                "version": "9.16.2.7"
              },
              {
                "status": "affected",
                "version": "9.16.2.11"
              },
              {
                "status": "affected",
                "version": "9.16.2.13"
              },
              {
                "status": "affected",
                "version": "9.16.2.14"
              },
              {
                "status": "affected",
                "version": "9.16.3"
              },
              {
                "status": "affected",
                "version": "9.16.3.3"
              },
              {
                "status": "affected",
                "version": "9.16.3.14"
              },
              {
                "status": "affected",
                "version": "9.16.3.15"
              },
              {
                "status": "affected",
                "version": "9.16.3.19"
              },
              {
                "status": "affected",
                "version": "9.16.3.23"
              },
              {
                "status": "affected",
                "version": "9.16.4"
              },
              {
                "status": "affected",
                "version": "9.16.4.9"
              },
              {
                "status": "affected",
                "version": "9.16.4.14"
              },
              {
                "status": "affected",
                "version": "9.16.4.18"
              },
              {
                "status": "affected",
                "version": "9.16.4.19"
              },
              {
                "status": "affected",
                "version": "9.17.1"
              },
              {
                "status": "affected",
                "version": "9.17.1.7"
              },
              {
                "status": "affected",
                "version": "9.17.1.9"
              },
              {
                "status": "affected",
                "version": "9.17.1.10"
              },
              {
                "status": "affected",
                "version": "9.17.1.11"
              },
              {
                "status": "affected",
                "version": "9.17.1.13"
              },
              {
                "status": "affected",
                "version": "9.17.1.15"
              },
              {
                "status": "affected",
                "version": "9.17.1.20"
              },
              {
                "status": "affected",
                "version": "9.17.1.30"
              },
              {
                "status": "affected",
                "version": "9.18.1"
              },
              {
                "status": "affected",
                "version": "9.18.1.3"
              },
              {
                "status": "affected",
                "version": "9.18.2"
              },
              {
                "status": "affected",
                "version": "9.18.2.5"
              },
              {
                "status": "affected",
                "version": "9.18.2.7"
              },
              {
                "status": "affected",
                "version": "9.18.2.8"
              },
              {
                "status": "affected",
                "version": "9.18.3"
              },
              {
                "status": "affected",
                "version": "9.18.3.39"
              },
              {
                "status": "affected",
                "version": "9.19.1"
              },
              {
                "status": "affected",
                "version": "9.19.1.5"
              },
              {
                "status": "affected",
                "version": "9.19.1.9"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20355",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-23T16:14:22.406328Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:39:58.380Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:59:42.284Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-asaftd-saml-bypass-KkNvXyKW",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-bypass-KkNvXyKW"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.8.2.28"
            },
            {
              "status": "affected",
              "version": "9.8.2.33"
            },
            {
              "status": "affected",
              "version": "9.8.2.35"
            },
            {
              "status": "affected",
              "version": "9.8.2.38"
            },
            {
              "status": "affected",
              "version": "9.8.3.8"
            },
            {
              "status": "affected",
              "version": "9.8.3.11"
            },
            {
              "status": "affected",
              "version": "9.8.3.14"
            },
            {
              "status": "affected",
              "version": "9.8.3.16"
            },
            {
              "status": "affected",
              "version": "9.8.3.18"
            },
            {
              "status": "affected",
              "version": "9.8.3.21"
            },
            {
              "status": "affected",
              "version": "9.8.3"
            },
            {
              "status": "affected",
              "version": "9.8.3.26"
            },
            {
              "status": "affected",
              "version": "9.8.3.29"
            },
            {
              "status": "affected",
              "version": "9.8.4"
            },
            {
              "status": "affected",
              "version": "9.8.4.3"
            },
            {
              "status": "affected",
              "version": "9.8.4.7"
            },
            {
              "status": "affected",
              "version": "9.8.4.8"
            },
            {
              "status": "affected",
              "version": "9.8.4.10"
            },
            {
              "status": "affected",
              "version": "9.8.4.12"
            },
            {
              "status": "affected",
              "version": "9.8.4.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.4.25"
            },
            {
              "status": "affected",
              "version": "9.8.4.20"
            },
            {
              "status": "affected",
              "version": "9.8.4.22"
            },
            {
              "status": "affected",
              "version": "9.8.4.26"
            },
            {
              "status": "affected",
              "version": "9.8.4.29"
            },
            {
              "status": "affected",
              "version": "9.8.4.32"
            },
            {
              "status": "affected",
              "version": "9.8.4.33"
            },
            {
              "status": "affected",
              "version": "9.8.4.34"
            },
            {
              "status": "affected",
              "version": "9.8.4.35"
            },
            {
              "status": "affected",
              "version": "9.8.4.39"
            },
            {
              "status": "affected",
              "version": "9.8.4.40"
            },
            {
              "status": "affected",
              "version": "9.8.4.41"
            },
            {
              "status": "affected",
              "version": "9.8.4.43"
            },
            {
              "status": "affected",
              "version": "9.8.4.44"
            },
            {
              "status": "affected",
              "version": "9.8.4.45"
            },
            {
              "status": "affected",
              "version": "9.8.4.46"
            },
            {
              "status": "affected",
              "version": "9.8.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.1"
            },
            {
              "status": "affected",
              "version": "9.12.1.2"
            },
            {
              "status": "affected",
              "version": "9.12.1.3"
            },
            {
              "status": "affected",
              "version": "9.12.2"
            },
            {
              "status": "affected",
              "version": "9.12.2.4"
            },
            {
              "status": "affected",
              "version": "9.12.2.5"
            },
            {
              "status": "affected",
              "version": "9.12.2.9"
            },
            {
              "status": "affected",
              "version": "9.12.3"
            },
            {
              "status": "affected",
              "version": "9.12.3.2"
            },
            {
              "status": "affected",
              "version": "9.12.3.7"
            },
            {
              "status": "affected",
              "version": "9.12.4"
            },
            {
              "status": "affected",
              "version": "9.12.3.12"
            },
            {
              "status": "affected",
              "version": "9.12.3.9"
            },
            {
              "status": "affected",
              "version": "9.12.2.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.4"
            },
            {
              "status": "affected",
              "version": "9.12.4.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.10"
            },
            {
              "status": "affected",
              "version": "9.12.4.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.8"
            },
            {
              "status": "affected",
              "version": "9.12.4.18"
            },
            {
              "status": "affected",
              "version": "9.12.4.24"
            },
            {
              "status": "affected",
              "version": "9.12.4.26"
            },
            {
              "status": "affected",
              "version": "9.12.4.29"
            },
            {
              "status": "affected",
              "version": "9.12.4.30"
            },
            {
              "status": "affected",
              "version": "9.12.4.35"
            },
            {
              "status": "affected",
              "version": "9.12.4.37"
            },
            {
              "status": "affected",
              "version": "9.12.4.38"
            },
            {
              "status": "affected",
              "version": "9.12.4.39"
            },
            {
              "status": "affected",
              "version": "9.12.4.40"
            },
            {
              "status": "affected",
              "version": "9.12.4.41"
            },
            {
              "status": "affected",
              "version": "9.12.4.47"
            },
            {
              "status": "affected",
              "version": "9.12.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.4.50"
            },
            {
              "status": "affected",
              "version": "9.12.4.52"
            },
            {
              "status": "affected",
              "version": "9.12.4.54"
            },
            {
              "status": "affected",
              "version": "9.12.4.55"
            },
            {
              "status": "affected",
              "version": "9.12.4.56"
            },
            {
              "status": "affected",
              "version": "9.12.4.58"
            },
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.1.6"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.14.4.7"
            },
            {
              "status": "affected",
              "version": "9.14.4.12"
            },
            {
              "status": "affected",
              "version": "9.14.4.13"
            },
            {
              "status": "affected",
              "version": "9.14.4.14"
            },
            {
              "status": "affected",
              "version": "9.14.4.15"
            },
            {
              "status": "affected",
              "version": "9.14.4.17"
            },
            {
              "status": "affected",
              "version": "9.14.4.22"
            },
            {
              "status": "affected",
              "version": "9.14.4.23"
            },
            {
              "status": "affected",
              "version": "9.14.4.24"
            },
            {
              "status": "affected",
              "version": "9.15.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.7"
            },
            {
              "status": "affected",
              "version": "9.15.1.10"
            },
            {
              "status": "affected",
              "version": "9.15.1.15"
            },
            {
              "status": "affected",
              "version": "9.15.1.16"
            },
            {
              "status": "affected",
              "version": "9.15.1.17"
            },
            {
              "status": "affected",
              "version": "9.15.1.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.21"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.16.3.15"
            },
            {
              "status": "affected",
              "version": "9.16.3.19"
            },
            {
              "status": "affected",
              "version": "9.16.3.23"
            },
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.16.4.9"
            },
            {
              "status": "affected",
              "version": "9.16.4.14"
            },
            {
              "status": "affected",
              "version": "9.16.4.18"
            },
            {
              "status": "affected",
              "version": "9.16.4.19"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.17.1.20"
            },
            {
              "status": "affected",
              "version": "9.17.1.30"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            },
            {
              "status": "affected",
              "version": "9.18.2.7"
            },
            {
              "status": "affected",
              "version": "9.18.2.8"
            },
            {
              "status": "affected",
              "version": "9.18.3"
            },
            {
              "status": "affected",
              "version": "9.18.3.39"
            },
            {
              "status": "affected",
              "version": "9.19.1"
            },
            {
              "status": "affected",
              "version": "9.19.1.5"
            },
            {
              "status": "affected",
              "version": "9.19.1.9"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "6.6.7.2"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to successfully establish a VPN session on an affected device. This vulnerability is due to improper separation of authorization domains when using SAML authentication. An attacker could exploit this vulnerability by using valid credentials to successfully authenticate using their designated connection profile (tunnel group), intercepting the SAML SSO token that is sent back from the Cisco ASA device, and then submitting the same SAML SSO token to a different tunnel group for authentication. A successful exploit could allow the attacker to establish a remote access VPN session using a connection profile that they are not authorized to use and connect to secured networks behind the affected device that they are not authorized to access. For successful exploitation, the attacker must have valid remote access VPN user credentials."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "Missing Authorization",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-22T16:54:35.619Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asaftd-saml-bypass-KkNvXyKW",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-bypass-KkNvXyKW"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-saml-bypass-KkNvXyKW",
        "defects": [
          "CSCwe95729"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20355",
    "datePublished": "2024-05-22T16:54:35.619Z",
    "dateReserved": "2023-11-08T15:08:07.648Z",
    "dateUpdated": "2024-08-01T21:59:42.284Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-20071 (GCVE-0-2023-20071)

Vulnerability from cvelistv5

Published

2023-11-01 17:07

Modified

2024-08-02 08:57

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-1039 - Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations

Summary

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and deliver a malicious payload.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ftd-zXYtnjOM

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Firepower Threat Defense Software

Version: 6.2.3
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.2.3.3
Version: 6.2.3.4
Version: 6.2.3.5
Version: 6.2.3.6
Version: 6.2.3.7
Version: 6.2.3.8
Version: 6.2.3.10
Version: 6.2.3.11
Version: 6.2.3.9
Version: 6.2.3.12
Version: 6.2.3.13
Version: 6.2.3.14
Version: 6.2.3.15
Version: 6.2.3.16
Version: 6.2.3.17
Version: 6.2.3.18
Version: 6.6.0
Version: 6.6.0.1
Version: 6.6.1
Version: 6.6.3
Version: 6.6.4
Version: 6.6.5
Version: 6.6.5.1
Version: 6.6.5.2
Version: 6.6.7
Version: 6.6.7.1
Version: 6.4.0
Version: 6.4.0.1
Version: 6.4.0.3
Version: 6.4.0.2
Version: 6.4.0.4
Version: 6.4.0.5
Version: 6.4.0.6
Version: 6.4.0.7
Version: 6.4.0.8
Version: 6.4.0.9
Version: 6.4.0.10
Version: 6.4.0.11
Version: 6.4.0.12
Version: 6.4.0.13
Version: 6.4.0.14
Version: 6.4.0.15
Version: 6.4.0.16
Version: 6.7.0
Version: 6.7.0.1
Version: 6.7.0.2
Version: 6.7.0.3
Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.0.2
Version: 7.0.2.1
Version: 7.0.3
Version: 7.0.4
Version: 7.0.5
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.1.0.3
Version: 7.2.0
Version: 7.2.0.1
Version: 7.2.1
Version: 7.2.2
Version: 7.2.3
Version: 7.3.0
Version: 7.3.1
Version: 7.3.1.1

Cisco	Cisco Umbrella Insights Virtual Appliance	Version: N/A
Cisco	Cisco Cyber Vision	Version: 3.0.4 Version: 3.0.0 Version: 3.0.1 Version: 3.0.2 Version: 3.0.3 Version: 3.0.5 Version: 3.0.6 Version: 3.1.0 Version: 3.1.2 Version: 3.1.1 Version: 3.2.3 Version: 3.2.1 Version: 3.2.4 Version: 3.2.0 Version: 3.2.2 Version: 4.0.0 Version: 4.0.1 Version: 4.0.2 Version: 4.0.3 Version: 4.1.0 Version: 4.1.1 Version: 4.1.2
Cisco	Cisco UTD SNORT IPS Engine Software	Version: 16.12.1a Version: 16.12.2 Version: 16.12.3 Version: 16.12.4 Version: 16.12.5 Version: 16.12.6 Version: 16.12.7 Version: 16.12.8 Version: 16.6.1 Version: 16.6.5 Version: 16.6.6 Version: 16.6.7a Version: 16.6.9 Version: 16.6.10 Version: 17.1.1 Version: 17.2.1r Version: 17.3.1a Version: 17.3.2 Version: 17.3.3 Version: 17.3.4a Version: 17.3.6 Version: 17.3.5 Version: 17.3.7 Version: 3.17.0S Version: 3.17.1S Version: 17.4.1a Version: 17.4.2 Version: 17.4.1b Version: 17.5.1a Version: 17.6.1a Version: 17.6.2 Version: 17.6.3a Version: 17.6.4 Version: 17.6.5 Version: 17.7.1a Version: 17.7.2 Version: 17.10.1a Version: 17.9.1a Version: 17.9.2a Version: 17.9.3a Version: 17.8.1a Version: Fuji-16.9.2 Version: Fuji-16.9.4 Version: Fuji-16.9.6 Version: Fuji-16.9.3 Version: Fuji-16.9.7 Version: Fuji-16.9.8 Version: Fuji-16.9.5 Version: Denali-16.3.3 Version: Denali-16.3.9 Version: Denali-16.3.7 Version: Denali-16.3.5 Version: Denali-16.3.4 Version: Everest-16.6.3 Version: Everest-16.6.4 Version: Everest-16.6.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:57:35.845Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-snort-ftd-zXYtnjOM",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ftd-zXYtnjOM"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            }
          ]
        },
        {
          "product": "Cisco Umbrella Insights Virtual Appliance",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        },
        {
          "product": "Cisco Cyber Vision",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "3.0.4"
            },
            {
              "status": "affected",
              "version": "3.0.0"
            },
            {
              "status": "affected",
              "version": "3.0.1"
            },
            {
              "status": "affected",
              "version": "3.0.2"
            },
            {
              "status": "affected",
              "version": "3.0.3"
            },
            {
              "status": "affected",
              "version": "3.0.5"
            },
            {
              "status": "affected",
              "version": "3.0.6"
            },
            {
              "status": "affected",
              "version": "3.1.0"
            },
            {
              "status": "affected",
              "version": "3.1.2"
            },
            {
              "status": "affected",
              "version": "3.1.1"
            },
            {
              "status": "affected",
              "version": "3.2.3"
            },
            {
              "status": "affected",
              "version": "3.2.1"
            },
            {
              "status": "affected",
              "version": "3.2.4"
            },
            {
              "status": "affected",
              "version": "3.2.0"
            },
            {
              "status": "affected",
              "version": "3.2.2"
            },
            {
              "status": "affected",
              "version": "4.0.0"
            },
            {
              "status": "affected",
              "version": "4.0.1"
            },
            {
              "status": "affected",
              "version": "4.0.2"
            },
            {
              "status": "affected",
              "version": "4.0.3"
            },
            {
              "status": "affected",
              "version": "4.1.0"
            },
            {
              "status": "affected",
              "version": "4.1.1"
            },
            {
              "status": "affected",
              "version": "4.1.2"
            }
          ]
        },
        {
          "product": "Cisco UTD SNORT IPS Engine Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "16.12.1a"
            },
            {
              "status": "affected",
              "version": "16.12.2"
            },
            {
              "status": "affected",
              "version": "16.12.3"
            },
            {
              "status": "affected",
              "version": "16.12.4"
            },
            {
              "status": "affected",
              "version": "16.12.5"
            },
            {
              "status": "affected",
              "version": "16.12.6"
            },
            {
              "status": "affected",
              "version": "16.12.7"
            },
            {
              "status": "affected",
              "version": "16.12.8"
            },
            {
              "status": "affected",
              "version": "16.6.1"
            },
            {
              "status": "affected",
              "version": "16.6.5"
            },
            {
              "status": "affected",
              "version": "16.6.6"
            },
            {
              "status": "affected",
              "version": "16.6.7a"
            },
            {
              "status": "affected",
              "version": "16.6.9"
            },
            {
              "status": "affected",
              "version": "16.6.10"
            },
            {
              "status": "affected",
              "version": "17.1.1"
            },
            {
              "status": "affected",
              "version": "17.2.1r"
            },
            {
              "status": "affected",
              "version": "17.3.1a"
            },
            {
              "status": "affected",
              "version": "17.3.2"
            },
            {
              "status": "affected",
              "version": "17.3.3"
            },
            {
              "status": "affected",
              "version": "17.3.4a"
            },
            {
              "status": "affected",
              "version": "17.3.6"
            },
            {
              "status": "affected",
              "version": "17.3.5"
            },
            {
              "status": "affected",
              "version": "17.3.7"
            },
            {
              "status": "affected",
              "version": "3.17.0S"
            },
            {
              "status": "affected",
              "version": "3.17.1S"
            },
            {
              "status": "affected",
              "version": "17.4.1a"
            },
            {
              "status": "affected",
              "version": "17.4.2"
            },
            {
              "status": "affected",
              "version": "17.4.1b"
            },
            {
              "status": "affected",
              "version": "17.5.1a"
            },
            {
              "status": "affected",
              "version": "17.6.1a"
            },
            {
              "status": "affected",
              "version": "17.6.2"
            },
            {
              "status": "affected",
              "version": "17.6.3a"
            },
            {
              "status": "affected",
              "version": "17.6.4"
            },
            {
              "status": "affected",
              "version": "17.6.5"
            },
            {
              "status": "affected",
              "version": "17.7.1a"
            },
            {
              "status": "affected",
              "version": "17.7.2"
            },
            {
              "status": "affected",
              "version": "17.10.1a"
            },
            {
              "status": "affected",
              "version": "17.9.1a"
            },
            {
              "status": "affected",
              "version": "17.9.2a"
            },
            {
              "status": "affected",
              "version": "17.9.3a"
            },
            {
              "status": "affected",
              "version": "17.8.1a"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.2"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.4"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.6"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.3"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.7"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.8"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.5"
            },
            {
              "status": "affected",
              "version": "Denali-16.3.3"
            },
            {
              "status": "affected",
              "version": "Denali-16.3.9"
            },
            {
              "status": "affected",
              "version": "Denali-16.3.7"
            },
            {
              "status": "affected",
              "version": "Denali-16.3.5"
            },
            {
              "status": "affected",
              "version": "Denali-16.3.4"
            },
            {
              "status": "affected",
              "version": "Everest-16.6.3"
            },
            {
              "status": "affected",
              "version": "Everest-16.6.4"
            },
            {
              "status": "affected",
              "version": "Everest-16.6.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and deliver a malicious payload."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1039",
              "description": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:41.206Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-snort-ftd-zXYtnjOM",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ftd-zXYtnjOM"
        }
      ],
      "source": {
        "advisory": "cisco-sa-snort-ftd-zXYtnjOM",
        "defects": [
          "CSCwb69096",
          "CSCwd83613",
          "CSCwd09631",
          "CSCwe02137",
          "CSCwe57521"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20071",
    "datePublished": "2023-11-01T17:07:44.528Z",
    "dateReserved": "2022-10-27T18:47:50.328Z",
    "dateUpdated": "2024-08-02T08:57:35.845Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34790 (GCVE-0-2021-34790)

Vulnerability from cvelistv5

Published

2021-10-27 18:56

Modified

2024-11-07 21:44

Severity ?

4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

CWE

CWE-358

Summary

Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.263Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34790",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:39:46.470574Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T21:44:01.672Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerabilities described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-358",
              "description": "CWE-358",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-27T18:56:09",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng"
        }
      ],
      "source": {
        "advisory": "cisco-sa-natalg-bypass-cpKGqkng",
        "defect": [
          [
            "CSCvw35444",
            "CSCvx50914"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-10-27T16:00:00",
          "ID": "CVE-2021-34790",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerabilities described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "4.7",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-358"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-natalg-bypass-cpKGqkng",
          "defect": [
            [
              "CSCvw35444",
              "CSCvx50914"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34790",
    "datePublished": "2021-10-27T18:56:09.443390Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-07T21:44:01.672Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-1402 (GCVE-0-2021-1402)

Vulnerability from cvelistv5

Published

2021-04-29 17:15

Modified

2024-11-08 23:25

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-119

Summary

A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of SSL/TLS messages when the device performs software-based SSL decryption. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message through an affected device. SSL/TLS messages sent to an affected device do not trigger this vulnerability. A successful exploit could allow the attacker to cause a process to crash. This crash would then trigger a reload of the device. No manual intervention is needed to recover the device after the reload.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-decrypt-dos-DdyLuK6c	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:11:16.984Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210428 Cisco Firepower Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-decrypt-dos-DdyLuK6c"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-1402",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T20:02:25.729317Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-08T23:25:17.062Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-04-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of SSL/TLS messages when the device performs software-based SSL decryption. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message through an affected device. SSL/TLS messages sent to an affected device do not trigger this vulnerability. A successful exploit could allow the attacker to cause a process to crash. This crash would then trigger a reload of the device. No manual intervention is needed to recover the device after the reload."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-04-29T17:15:17",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210428 Cisco Firepower Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-decrypt-dos-DdyLuK6c"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-ssl-decrypt-dos-DdyLuK6c",
        "defect": [
          [
            "CSCvo46649"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-04-28T16:00:00",
          "ID": "CVE-2021-1402",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of SSL/TLS messages when the device performs software-based SSL decryption. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message through an affected device. SSL/TLS messages sent to an affected device do not trigger this vulnerability. A successful exploit could allow the attacker to cause a process to crash. This crash would then trigger a reload of the device. No manual intervention is needed to recover the device after the reload."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210428 Cisco Firepower Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-decrypt-dos-DdyLuK6c"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-ssl-decrypt-dos-DdyLuK6c",
          "defect": [
            [
              "CSCvo46649"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-1402",
    "datePublished": "2021-04-29T17:15:17.610491Z",
    "dateReserved": "2020-11-13T00:00:00",
    "dateUpdated": "2024-11-08T23:25:17.062Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-20245 (GCVE-0-2023-20245)

Vulnerability from cvelistv5

Published

2023-11-01 16:55

Modified

2024-08-02 09:05

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-290 - Authentication Bypass by Spoofing

Summary

Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilities are due to a logic error that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit these vulnerabilities by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to bypass the interface ACL and access resources that would should be protected.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.8.3.14
Version: 9.8.3.16
Version: 9.8.3.18
Version: 9.8.3.21
Version: 9.8.3.26
Version: 9.8.3.29
Version: 9.8.4
Version: 9.8.4.3
Version: 9.8.4.7
Version: 9.8.4.8
Version: 9.8.4.10
Version: 9.8.4.12
Version: 9.8.4.15
Version: 9.8.4.17
Version: 9.8.4.25
Version: 9.8.4.20
Version: 9.8.4.22
Version: 9.8.4.26
Version: 9.8.4.29
Version: 9.8.4.32
Version: 9.8.4.33
Version: 9.8.4.34
Version: 9.8.4.35
Version: 9.8.4.39
Version: 9.8.4.40
Version: 9.8.4.41
Version: 9.8.4.43
Version: 9.8.4.44
Version: 9.8.4.45
Version: 9.8.4.46
Version: 9.8.4.48
Version: 9.12.1
Version: 9.12.1.2
Version: 9.12.1.3
Version: 9.12.2
Version: 9.12.2.4
Version: 9.12.2.5
Version: 9.12.2.9
Version: 9.12.3
Version: 9.12.3.2
Version: 9.12.3.7
Version: 9.12.4
Version: 9.12.3.12
Version: 9.12.3.9
Version: 9.12.2.1
Version: 9.12.4.2
Version: 9.12.4.4
Version: 9.12.4.7
Version: 9.12.4.10
Version: 9.12.4.13
Version: 9.12.4.8
Version: 9.12.4.18
Version: 9.12.4.24
Version: 9.12.4.26
Version: 9.12.4.29
Version: 9.12.4.30
Version: 9.12.4.35
Version: 9.12.4.37
Version: 9.12.4.38
Version: 9.12.4.39
Version: 9.12.4.40
Version: 9.12.4.41
Version: 9.12.4.47
Version: 9.12.4.48
Version: 9.12.4.50
Version: 9.12.4.52
Version: 9.12.4.54
Version: 9.12.4.55
Version: 9.12.4.56
Version: 9.14.1
Version: 9.14.1.10
Version: 9.14.1.6
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.14.1.30
Version: 9.14.2
Version: 9.14.2.4
Version: 9.14.2.8
Version: 9.14.2.13
Version: 9.14.2.15
Version: 9.14.3
Version: 9.14.3.1
Version: 9.14.3.9
Version: 9.14.3.11
Version: 9.14.3.13
Version: 9.14.3.18
Version: 9.14.3.15
Version: 9.14.4
Version: 9.14.4.6
Version: 9.14.4.7
Version: 9.14.4.12
Version: 9.14.4.13
Version: 9.14.4.14
Version: 9.14.4.15
Version: 9.14.4.17
Version: 9.14.4.22
Version: 9.14.4.23
Version: 9.15.1
Version: 9.15.1.7
Version: 9.15.1.10
Version: 9.15.1.15
Version: 9.15.1.16
Version: 9.15.1.17
Version: 9.15.1.1
Version: 9.15.1.21
Version: 9.16.1
Version: 9.16.1.28
Version: 9.16.2
Version: 9.16.2.3
Version: 9.16.2.7
Version: 9.16.2.11
Version: 9.16.2.13
Version: 9.16.2.14
Version: 9.16.3
Version: 9.16.3.3
Version: 9.16.3.14
Version: 9.16.3.15
Version: 9.16.3.19
Version: 9.16.3.23
Version: 9.16.4
Version: 9.16.4.9
Version: 9.16.4.14
Version: 9.16.4.18
Version: 9.17.1
Version: 9.17.1.7
Version: 9.17.1.9
Version: 9.17.1.10
Version: 9.17.1.11
Version: 9.17.1.13
Version: 9.17.1.15
Version: 9.17.1.20
Version: 9.17.1.30
Version: 9.18.1
Version: 9.18.1.3
Version: 9.18.2
Version: 9.18.2.5
Version: 9.18.2.7
Version: 9.18.2.8
Version: 9.18.3
Version: 9.19.1
Version: 9.19.1.5
Version: 9.19.1.9

Cisco

Cisco Firepower Threat Defense Software

Version: 6.2.3.3
Version: 6.2.3.4
Version: 6.2.3.5
Version: 6.2.3.6
Version: 6.2.3.7
Version: 6.2.3.8
Version: 6.2.3.10
Version: 6.2.3.11
Version: 6.2.3.9
Version: 6.2.3.12
Version: 6.2.3.13
Version: 6.2.3.14
Version: 6.2.3.15
Version: 6.2.3.16
Version: 6.2.3.17
Version: 6.2.3.18
Version: 6.6.0
Version: 6.6.0.1
Version: 6.6.1
Version: 6.6.3
Version: 6.6.4
Version: 6.6.5
Version: 6.6.5.1
Version: 6.6.5.2
Version: 6.6.7
Version: 6.6.7.1
Version: 6.4.0
Version: 6.4.0.1
Version: 6.4.0.3
Version: 6.4.0.2
Version: 6.4.0.4
Version: 6.4.0.5
Version: 6.4.0.6
Version: 6.4.0.7
Version: 6.4.0.8
Version: 6.4.0.9
Version: 6.4.0.10
Version: 6.4.0.11
Version: 6.4.0.12
Version: 6.4.0.13
Version: 6.4.0.14
Version: 6.4.0.15
Version: 6.4.0.16
Version: 6.7.0
Version: 6.7.0.1
Version: 6.7.0.2
Version: 6.7.0.3
Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.0.2
Version: 7.0.2.1
Version: 7.0.3
Version: 7.0.4
Version: 7.0.5
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.1.0.3
Version: 7.2.0
Version: 7.2.0.1
Version: 7.2.1
Version: 7.2.2
Version: 7.2.3
Version: 7.3.0
Version: 7.3.1
Version: 7.3.1.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:05:35.937Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.8.3.14"
            },
            {
              "status": "affected",
              "version": "9.8.3.16"
            },
            {
              "status": "affected",
              "version": "9.8.3.18"
            },
            {
              "status": "affected",
              "version": "9.8.3.21"
            },
            {
              "status": "affected",
              "version": "9.8.3.26"
            },
            {
              "status": "affected",
              "version": "9.8.3.29"
            },
            {
              "status": "affected",
              "version": "9.8.4"
            },
            {
              "status": "affected",
              "version": "9.8.4.3"
            },
            {
              "status": "affected",
              "version": "9.8.4.7"
            },
            {
              "status": "affected",
              "version": "9.8.4.8"
            },
            {
              "status": "affected",
              "version": "9.8.4.10"
            },
            {
              "status": "affected",
              "version": "9.8.4.12"
            },
            {
              "status": "affected",
              "version": "9.8.4.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.4.25"
            },
            {
              "status": "affected",
              "version": "9.8.4.20"
            },
            {
              "status": "affected",
              "version": "9.8.4.22"
            },
            {
              "status": "affected",
              "version": "9.8.4.26"
            },
            {
              "status": "affected",
              "version": "9.8.4.29"
            },
            {
              "status": "affected",
              "version": "9.8.4.32"
            },
            {
              "status": "affected",
              "version": "9.8.4.33"
            },
            {
              "status": "affected",
              "version": "9.8.4.34"
            },
            {
              "status": "affected",
              "version": "9.8.4.35"
            },
            {
              "status": "affected",
              "version": "9.8.4.39"
            },
            {
              "status": "affected",
              "version": "9.8.4.40"
            },
            {
              "status": "affected",
              "version": "9.8.4.41"
            },
            {
              "status": "affected",
              "version": "9.8.4.43"
            },
            {
              "status": "affected",
              "version": "9.8.4.44"
            },
            {
              "status": "affected",
              "version": "9.8.4.45"
            },
            {
              "status": "affected",
              "version": "9.8.4.46"
            },
            {
              "status": "affected",
              "version": "9.8.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.1"
            },
            {
              "status": "affected",
              "version": "9.12.1.2"
            },
            {
              "status": "affected",
              "version": "9.12.1.3"
            },
            {
              "status": "affected",
              "version": "9.12.2"
            },
            {
              "status": "affected",
              "version": "9.12.2.4"
            },
            {
              "status": "affected",
              "version": "9.12.2.5"
            },
            {
              "status": "affected",
              "version": "9.12.2.9"
            },
            {
              "status": "affected",
              "version": "9.12.3"
            },
            {
              "status": "affected",
              "version": "9.12.3.2"
            },
            {
              "status": "affected",
              "version": "9.12.3.7"
            },
            {
              "status": "affected",
              "version": "9.12.4"
            },
            {
              "status": "affected",
              "version": "9.12.3.12"
            },
            {
              "status": "affected",
              "version": "9.12.3.9"
            },
            {
              "status": "affected",
              "version": "9.12.2.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.4"
            },
            {
              "status": "affected",
              "version": "9.12.4.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.10"
            },
            {
              "status": "affected",
              "version": "9.12.4.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.8"
            },
            {
              "status": "affected",
              "version": "9.12.4.18"
            },
            {
              "status": "affected",
              "version": "9.12.4.24"
            },
            {
              "status": "affected",
              "version": "9.12.4.26"
            },
            {
              "status": "affected",
              "version": "9.12.4.29"
            },
            {
              "status": "affected",
              "version": "9.12.4.30"
            },
            {
              "status": "affected",
              "version": "9.12.4.35"
            },
            {
              "status": "affected",
              "version": "9.12.4.37"
            },
            {
              "status": "affected",
              "version": "9.12.4.38"
            },
            {
              "status": "affected",
              "version": "9.12.4.39"
            },
            {
              "status": "affected",
              "version": "9.12.4.40"
            },
            {
              "status": "affected",
              "version": "9.12.4.41"
            },
            {
              "status": "affected",
              "version": "9.12.4.47"
            },
            {
              "status": "affected",
              "version": "9.12.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.4.50"
            },
            {
              "status": "affected",
              "version": "9.12.4.52"
            },
            {
              "status": "affected",
              "version": "9.12.4.54"
            },
            {
              "status": "affected",
              "version": "9.12.4.55"
            },
            {
              "status": "affected",
              "version": "9.12.4.56"
            },
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.1.6"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.14.4.7"
            },
            {
              "status": "affected",
              "version": "9.14.4.12"
            },
            {
              "status": "affected",
              "version": "9.14.4.13"
            },
            {
              "status": "affected",
              "version": "9.14.4.14"
            },
            {
              "status": "affected",
              "version": "9.14.4.15"
            },
            {
              "status": "affected",
              "version": "9.14.4.17"
            },
            {
              "status": "affected",
              "version": "9.14.4.22"
            },
            {
              "status": "affected",
              "version": "9.14.4.23"
            },
            {
              "status": "affected",
              "version": "9.15.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.7"
            },
            {
              "status": "affected",
              "version": "9.15.1.10"
            },
            {
              "status": "affected",
              "version": "9.15.1.15"
            },
            {
              "status": "affected",
              "version": "9.15.1.16"
            },
            {
              "status": "affected",
              "version": "9.15.1.17"
            },
            {
              "status": "affected",
              "version": "9.15.1.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.21"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.16.3.15"
            },
            {
              "status": "affected",
              "version": "9.16.3.19"
            },
            {
              "status": "affected",
              "version": "9.16.3.23"
            },
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.16.4.9"
            },
            {
              "status": "affected",
              "version": "9.16.4.14"
            },
            {
              "status": "affected",
              "version": "9.16.4.18"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.17.1.20"
            },
            {
              "status": "affected",
              "version": "9.17.1.30"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            },
            {
              "status": "affected",
              "version": "9.18.2.7"
            },
            {
              "status": "affected",
              "version": "9.18.2.8"
            },
            {
              "status": "affected",
              "version": "9.18.3"
            },
            {
              "status": "affected",
              "version": "9.19.1"
            },
            {
              "status": "affected",
              "version": "9.19.1.5"
            },
            {
              "status": "affected",
              "version": "9.19.1.9"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilities are due to a logic error that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit these vulnerabilities by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to bypass the interface ACL and access resources that would should be protected."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-290",
              "description": "Authentication Bypass by Spoofing",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:58:30.675Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb",
        "defects": [
          "CSCwe45093"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20245",
    "datePublished": "2023-11-01T16:55:45.699Z",
    "dateReserved": "2022-10-27T18:47:50.371Z",
    "dateUpdated": "2024-08-02T09:05:35.937Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-15390 (GCVE-0-2018-15390)

Vulnerability from cvelistv5

Published

2018-10-05 14:00

Modified

2024-11-26 14:33

Severity ?

CWE

CWE-399

Summary

A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software fails to release spinlocks when a device is running low on system memory, if the software is configured to apply FTP inspection and an access control rule to transit traffic, and the access control rule is associated with an FTP file policy. An attacker could exploit this vulnerability by sending a high rate of transit traffic through an affected device to cause a low-memory condition on the device. A successful exploit could allow the attacker to cause a software panic on the affected device, which could cause the device to reload and result in a temporary DoS condition.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-ftd-inspect-dos	vendor-advisory, x_refsource_CISCO
	http://www.securityfocus.com/bid/105519	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:54:03.458Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20181003 Cisco Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-ftd-inspect-dos"
          },
          {
            "name": "105519",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105519"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-15390",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-25T18:48:12.767698Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-26T14:33:49.682Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-10-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software fails to release spinlocks when a device is running low on system memory, if the software is configured to apply FTP inspection and an access control rule to transit traffic, and the access control rule is associated with an FTP file policy. An attacker could exploit this vulnerability by sending a high rate of transit traffic through an affected device to cause a low-memory condition on the device. A successful exploit could allow the attacker to cause a software panic on the affected device, which could cause the device to reload and result in a temporary DoS condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-07T09:57:02",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20181003 Cisco Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-ftd-inspect-dos"
        },
        {
          "name": "105519",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105519"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20181003-ftd-inspect-dos",
        "defect": [
          [
            "CSCvh77456"
          ]
        ],
        "discovery": "UNKNOWN"
      },
      "title": "Cisco Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2018-10-03T16:00:00-0500",
          "ID": "CVE-2018-15390",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software fails to release spinlocks when a device is running low on system memory, if the software is configured to apply FTP inspection and an access control rule to transit traffic, and the access control rule is associated with an FTP file policy. An attacker could exploit this vulnerability by sending a high rate of transit traffic through an affected device to cause a low-memory condition on the device. A successful exploit could allow the attacker to cause a software panic on the affected device, which could cause the device to reload and result in a temporary DoS condition."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20181003 Cisco Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-ftd-inspect-dos"
            },
            {
              "name": "105519",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105519"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20181003-ftd-inspect-dos",
          "defect": [
            [
              "CSCvh77456"
            ]
          ],
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-15390",
    "datePublished": "2018-10-05T14:00:00Z",
    "dateReserved": "2018-08-17T00:00:00",
    "dateUpdated": "2024-11-26T14:33:49.682Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-12694 (GCVE-0-2019-12694)

Vulnerability from cvelistv5

Published

2019-10-02 19:06

Modified

2024-11-20 17:07

Severity ?

6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-20

Summary

A vulnerability in the command line interface (CLI) of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker with administrative privileges to execute commands on the underlying operating system with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by executing a specific CLI command that includes crafted arguments. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-cmdinj	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: unspecified < n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:24:39.156Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20191002 Cisco Firepower Threat Defense Software Command Injection Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-cmdinj"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-12694",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-20T16:51:12.367311Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-20T17:07:00.935Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-10-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the command line interface (CLI) of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker with administrative privileges to execute commands on the underlying operating system with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by executing a specific CLI command that includes crafted arguments. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-02T19:06:46",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20191002 Cisco Firepower Threat Defense Software Command Injection Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-cmdinj"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20191002-ftd-cmdinj",
        "defect": [
          [
            "CSCvo45799"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Command Injection Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-10-02T16:00:00-0700",
          "ID": "CVE-2019-12694",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Command Injection Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the command line interface (CLI) of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker with administrative privileges to execute commands on the underlying operating system with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by executing a specific CLI command that includes crafted arguments. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.7",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20191002 Cisco Firepower Threat Defense Software Command Injection Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-cmdinj"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20191002-ftd-cmdinj",
          "defect": [
            [
              "CSCvo45799"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-12694",
    "datePublished": "2019-10-02T19:06:46.853658Z",
    "dateReserved": "2019-06-04T00:00:00",
    "dateUpdated": "2024-11-20T17:07:00.935Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20742 (GCVE-0-2022-20742)

Vulnerability from cvelistv5

Published

2022-05-03 03:16

Modified

2024-11-06 16:19

Severity ?

7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE

CWE-325

Summary

A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to read or modify data within an IPsec IKEv2 VPN tunnel. This vulnerability is due to an improper implementation of Galois/Counter Mode (GCM) ciphers. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting a sufficient number of encrypted messages across an affected IPsec IKEv2 VPN tunnel and then using cryptanalytic techniques to break the encryption. A successful exploit could allow the attacker to decrypt, read, modify, and re-encrypt data that is transmitted across an affected IPsec IKEv2 VPN tunnel.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipsec-mitm-CKnLr4	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:24:49.394Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20220427 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPsec IKEv2 VPN Information Disclosure Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipsec-mitm-CKnLr4"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-20742",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-06T16:00:09.277652Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T16:19:31.684Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2022-04-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to read or modify data within an IPsec IKEv2 VPN tunnel. This vulnerability is due to an improper implementation of Galois/Counter Mode (GCM) ciphers. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting a sufficient number of encrypted messages across an affected IPsec IKEv2 VPN tunnel and then using cryptanalytic techniques to break the encryption. A successful exploit could allow the attacker to decrypt, read, modify, and re-encrypt data that is transmitted across an affected IPsec IKEv2 VPN tunnel."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-325",
              "description": "CWE-325",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-03T03:16:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20220427 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPsec IKEv2 VPN Information Disclosure Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipsec-mitm-CKnLr4"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-ipsec-mitm-CKnLr4",
        "defect": [
          [
            "CSCvz81480"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPsec IKEv2 VPN Information Disclosure Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2022-04-27T16:00:00",
          "ID": "CVE-2022-20742",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPsec IKEv2 VPN Information Disclosure Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to read or modify data within an IPsec IKEv2 VPN tunnel. This vulnerability is due to an improper implementation of Galois/Counter Mode (GCM) ciphers. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting a sufficient number of encrypted messages across an affected IPsec IKEv2 VPN tunnel and then using cryptanalytic techniques to break the encryption. A successful exploit could allow the attacker to decrypt, read, modify, and re-encrypt data that is transmitted across an affected IPsec IKEv2 VPN tunnel."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.4",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-325"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20220427 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPsec IKEv2 VPN Information Disclosure Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipsec-mitm-CKnLr4"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-ipsec-mitm-CKnLr4",
          "defect": [
            [
              "CSCvz81480"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20742",
    "datePublished": "2022-05-03T03:16:01.369615Z",
    "dateReserved": "2021-11-02T00:00:00",
    "dateUpdated": "2024-11-06T16:19:31.684Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3303 (GCVE-0-2020-3303)

Vulnerability from cvelistv5

Published

2020-05-06 16:42

Modified

2024-11-15 17:23

Severity ?

6.8 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-399

Summary

A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper management of system memory. An attacker could exploit this vulnerability by sending malicious IKEv1 traffic to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-BqYFRJt9	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:30:57.873Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-BqYFRJt9"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3303",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:28:35.653177Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:23:02.286Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper management of system memory. An attacker could exploit this vulnerability by sending malicious IKEv1 traffic to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-06T16:42:20",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-BqYFRJt9"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa-dos-BqYFRJt9",
        "defect": [
          [
            "CSCvq66080"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-05-06T16:00:00-0700",
          "ID": "CVE-2020-3303",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper management of system memory. An attacker could exploit this vulnerability by sending malicious IKEv1 traffic to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.8",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-BqYFRJt9"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asa-dos-BqYFRJt9",
          "defect": [
            [
              "CSCvq66080"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3303",
    "datePublished": "2020-05-06T16:42:21.009228Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:23:02.286Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-1256 (GCVE-0-2021-1256)

Vulnerability from cvelistv5

Published

2021-04-29 17:30

Modified

2024-11-08 23:25

Severity ?

6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

CWE

CWE-552

Summary

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite files on the file system of an affected device by using directory traversal techniques. A successful exploit could cause system instability if important system files are overwritten. This vulnerability is due to insufficient validation of user input for the file path in a specific CLI command. An attacker could exploit this vulnerability by logging in to a targeted device and issuing a specific CLI command with crafted user input. A successful exploit could allow the attacker to overwrite arbitrary files on the file system of the affected device. The attacker would need valid user credentials on the device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-overwrite-XknRjGdB	vendor-advisory, x_refsource_CISCO
	https://kc.mcafee.com/corporate/index?page=content&id=SB10382	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:02:56.405Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210428 Cisco Firepower Threat Defense Software Command File Overwrite Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-overwrite-XknRjGdB"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10382"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-1256",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T20:45:16.197162Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-08T23:25:06.066Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-04-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite files on the file system of an affected device by using directory traversal techniques. A successful exploit could cause system instability if important system files are overwritten. This vulnerability is due to insufficient validation of user input for the file path in a specific CLI command. An attacker could exploit this vulnerability by logging in to a targeted device and issuing a specific CLI command with crafted user input. A successful exploit could allow the attacker to overwrite arbitrary files on the file system of the affected device. The attacker would need valid user credentials on the device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-552",
              "description": "CWE-552",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-13T07:06:13",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210428 Cisco Firepower Threat Defense Software Command File Overwrite Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-overwrite-XknRjGdB"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10382"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-file-overwrite-XknRjGdB",
        "defect": [
          [
            "CSCvu29184"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Command File Overwrite Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-04-28T16:00:00",
          "ID": "CVE-2021-1256",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Command File Overwrite Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite files on the file system of an affected device by using directory traversal techniques. A successful exploit could cause system instability if important system files are overwritten. This vulnerability is due to insufficient validation of user input for the file path in a specific CLI command. An attacker could exploit this vulnerability by logging in to a targeted device and issuing a specific CLI command with crafted user input. A successful exploit could allow the attacker to overwrite arbitrary files on the file system of the affected device. The attacker would need valid user credentials on the device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.0",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-552"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210428 Cisco Firepower Threat Defense Software Command File Overwrite Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-overwrite-XknRjGdB"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10382",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10382"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-file-overwrite-XknRjGdB",
          "defect": [
            [
              "CSCvu29184"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-1256",
    "datePublished": "2021-04-29T17:30:18.183521Z",
    "dateReserved": "2020-11-13T00:00:00",
    "dateUpdated": "2024-11-08T23:25:06.066Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20759 (GCVE-0-2022-20759)

Vulnerability from cvelistv5

Published

2022-05-03 03:15

Modified

2024-11-06 16:20

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-266

Summary

A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, but unprivileged, remote attacker to elevate privileges to level 15. This vulnerability is due to improper separation of authentication and authorization scopes. An attacker could exploit this vulnerability by sending crafted HTTPS messages to the web services interface of an affected device. A successful exploit could allow the attacker to gain privilege level 15 access to the web management interface of the device. This includes privilege level 15 access to the device using management tools like the Cisco Adaptive Security Device Manager (ASDM) or the Cisco Security Manager (CSM). Note: With Cisco FTD Software, the impact is lower than the CVSS score suggests because the affected web management interface allows for read access only.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgmt-privesc-BMFMUvye	vendor-advisory, x_refsource_CISCO
	https://github.com/orangecertcc/security-research/security/advisories/GHSA-gq88-gqmj-7v24	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:24:49.442Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20220427 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Privilege Escalation Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgmt-privesc-BMFMUvye"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-gq88-gqmj-7v24"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-20759",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-06T16:00:10.238765Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T16:20:17.982Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2022-04-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, but unprivileged, remote attacker to elevate privileges to level 15. This vulnerability is due to improper separation of authentication and authorization scopes. An attacker could exploit this vulnerability by sending crafted HTTPS messages to the web services interface of an affected device. A successful exploit could allow the attacker to gain privilege level 15 access to the web management interface of the device. This includes privilege level 15 access to the device using management tools like the Cisco Adaptive Security Device Manager (ASDM) or the Cisco Security Manager (CSM). Note: With Cisco FTD Software, the impact is lower than the CVSS score suggests because the affected web management interface allows for read access only."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-266",
              "description": "CWE-266",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-09T17:14:02",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20220427 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Privilege Escalation Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgmt-privesc-BMFMUvye"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-gq88-gqmj-7v24"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-mgmt-privesc-BMFMUvye",
        "defect": [
          [
            "CSCvz92016"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Privilege Escalation Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2022-04-27T16:00:00",
          "ID": "CVE-2022-20759",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Privilege Escalation Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, but unprivileged, remote attacker to elevate privileges to level 15. This vulnerability is due to improper separation of authentication and authorization scopes. An attacker could exploit this vulnerability by sending crafted HTTPS messages to the web services interface of an affected device. A successful exploit could allow the attacker to gain privilege level 15 access to the web management interface of the device. This includes privilege level 15 access to the device using management tools like the Cisco Adaptive Security Device Manager (ASDM) or the Cisco Security Manager (CSM). Note: With Cisco FTD Software, the impact is lower than the CVSS score suggests because the affected web management interface allows for read access only."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.8",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-266"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20220427 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Privilege Escalation Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgmt-privesc-BMFMUvye"
            },
            {
              "name": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-gq88-gqmj-7v24",
              "refsource": "MISC",
              "url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-gq88-gqmj-7v24"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-mgmt-privesc-BMFMUvye",
          "defect": [
            [
              "CSCvz92016"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20759",
    "datePublished": "2022-05-03T03:15:45.526167Z",
    "dateReserved": "2021-11-02T00:00:00",
    "dateUpdated": "2024-11-06T16:20:17.982Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3580 (GCVE-0-2020-3580)

Vulnerability from cvelistv5

Published

2020-10-21 18:40

Modified

2025-07-30 01:45

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE

CWE-79

Summary

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:55.605Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3580",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T16:07:33.171667Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-11-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-3580"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:45:33.928Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-03T00:00:00+00:00",
            "value": "CVE-2020-3580 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:40:26.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-xss-multiple-FCB3vPZe",
        "defect": [
          [
            "CSCvu44910",
            "CSCvu75581",
            "CSCvu83309",
            "CSCvv13835"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3580",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-xss-multiple-FCB3vPZe",
          "defect": [
            [
              "CSCvu44910",
              "CSCvu75581",
              "CSCvu83309",
              "CSCvv13835"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3580",
    "datePublished": "2020-10-21T18:40:26.821Z",
    "dateReserved": "2019-12-12T00:00:00.000Z",
    "dateUpdated": "2025-07-30T01:45:33.928Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20943 (GCVE-0-2022-20943)

Vulnerability from cvelistv5

Published

2022-11-10 17:37

Modified

2024-08-03 02:31

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

CWE

CWE-244 - Improper Clearing of Heap Memory Before Release ('Heap Inspection')

Summary

Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to improper management of system resources when the Snort detection engine is processing SMB2 traffic. An attacker could exploit these vulnerabilities by sending a high rate of certain types of SMB2 packets through an affected device. A successful exploit could allow the attacker to trigger a reload of the Snort process, resulting in a DoS condition. Note: When the snort preserve-connection option is enabled for the Snort detection engine, a successful exploit could also allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network. The snort preserve-connection setting is enabled by default. See the Details ["#details"] section of this advisory for more information. Note: Only products that have Snort 3 configured are affected. Products that are configured with Snort 2 are not affected.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Firepower Threat Defense Software

Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1

Cisco

Cisco Cyber Vision

Version: 3.0.4
Version: 3.0.0
Version: 3.0.1
Version: 3.0.2
Version: 3.0.3
Version: 3.0.5
Version: 3.0.6
Version: 3.1.0
Version: 3.1.2
Version: 3.1.1
Version: 3.2.3
Version: 3.2.1
Version: 3.2.4
Version: 3.2.0
Version: 3.2.2
Version: 4.0.0
Version: 4.0.1
Version: 4.0.2
Version: 4.0.3
Version: 4.1.0
Version: 4.1.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:31:57.976Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-snort-smb-3nfhJtr",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            }
          ]
        },
        {
          "product": "Cisco Cyber Vision",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "3.0.4"
            },
            {
              "status": "affected",
              "version": "3.0.0"
            },
            {
              "status": "affected",
              "version": "3.0.1"
            },
            {
              "status": "affected",
              "version": "3.0.2"
            },
            {
              "status": "affected",
              "version": "3.0.3"
            },
            {
              "status": "affected",
              "version": "3.0.5"
            },
            {
              "status": "affected",
              "version": "3.0.6"
            },
            {
              "status": "affected",
              "version": "3.1.0"
            },
            {
              "status": "affected",
              "version": "3.1.2"
            },
            {
              "status": "affected",
              "version": "3.1.1"
            },
            {
              "status": "affected",
              "version": "3.2.3"
            },
            {
              "status": "affected",
              "version": "3.2.1"
            },
            {
              "status": "affected",
              "version": "3.2.4"
            },
            {
              "status": "affected",
              "version": "3.2.0"
            },
            {
              "status": "affected",
              "version": "3.2.2"
            },
            {
              "status": "affected",
              "version": "4.0.0"
            },
            {
              "status": "affected",
              "version": "4.0.1"
            },
            {
              "status": "affected",
              "version": "4.0.2"
            },
            {
              "status": "affected",
              "version": "4.0.3"
            },
            {
              "status": "affected",
              "version": "4.1.0"
            },
            {
              "status": "affected",
              "version": "4.1.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device.\r\n\r These vulnerabilities are due to improper management of system resources when the Snort detection engine is processing SMB2 traffic. An attacker could exploit these vulnerabilities by sending a high rate of certain types of SMB2 packets through an affected device. A successful exploit could allow the attacker to trigger a reload of the Snort process, resulting in a DoS condition.\r\n\r Note: When the snort preserve-connection option is enabled for the Snort detection engine, a successful exploit could also allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network. The snort preserve-connection setting is enabled by default. See the Details [\"#details\"] section of this advisory for more information.\r\n\r Note: Only products that have Snort 3 configured are affected. Products that are configured with Snort 2 are not affected."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-244",
              "description": "Improper Clearing of Heap Memory Before Release (\u0027Heap Inspection\u0027)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:18.786Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-snort-smb-3nfhJtr",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr"
        }
      ],
      "source": {
        "advisory": "cisco-sa-snort-smb-3nfhJtr",
        "defects": [
          "CSCvy97080",
          "CSCwb78519"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20943",
    "datePublished": "2022-11-10T17:37:31.385Z",
    "dateReserved": "2021-11-02T13:28:29.193Z",
    "dateUpdated": "2024-08-03T02:31:57.976Z",
    "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-12675 (GCVE-0-2019-12675)

Vulnerability from cvelistv5

Published

2019-10-02 19:06

Modified

2024-11-20 17:08

Severity ?

8.2 (High) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-216

Summary

Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: unspecified < n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:24:39.211Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20191002 Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-12675",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-20T16:51:36.927165Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-20T17:08:49.643Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-10-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-216",
              "description": "CWE-216",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-02T19:06:38",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20191002 Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20191002-ftd-container-esc",
        "defect": [
          [
            "CSCvm14296",
            "CSCvo83194"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-10-02T16:00:00-0700",
          "ID": "CVE-2019-12675",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.2",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-216"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20191002 Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20191002-ftd-container-esc",
          "defect": [
            [
              "CSCvm14296",
              "CSCvo83194"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-12675",
    "datePublished": "2019-10-02T19:06:38.596452Z",
    "dateReserved": "2019-06-04T00:00:00",
    "dateUpdated": "2024-11-20T17:08:49.643Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20854 (GCVE-0-2022-20854)

Vulnerability from cvelistv5

Published

2022-11-10 17:31

Modified

2024-08-03 02:24

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-400 - Uncontrolled Resource Consumption

Summary

A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, resulting in a reboot on the affected device.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-OwEunWJN

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Firepower Management Center

Version: N/A

Cisco

Cisco Firepower Threat Defense Software

Version: N/A

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:24:50.053Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-fmc-dos-OwEunWJN",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-OwEunWJN"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Management Center",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to improper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, resulting in a reboot on the affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:11.243Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-fmc-dos-OwEunWJN",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-OwEunWJN"
        }
      ],
      "source": {
        "advisory": "cisco-sa-fmc-dos-OwEunWJN",
        "defects": [
          "CSCvy95520"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20854",
    "datePublished": "2022-11-10T17:31:14.744Z",
    "dateReserved": "2021-11-02T13:28:29.180Z",
    "dateUpdated": "2024-08-03T02:24:50.053Z",
    "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34704 (GCVE-0-2021-34704)

Vulnerability from cvelistv5

Published

2022-01-11 18:50

Modified

2024-11-06 16:47

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-121 - Stack-based Buffer Overflow
CWE-787 - Out-of-bounds Write

Summary

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA	vendor-advisory, x_refsource_CISCO

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance Software

Version: unspecified < 6.4.0.13

Cisco

Cisco Firepower Threat Defense Software

Version: unspecified < 6.6.5

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.084Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34704",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-06T16:01:59.446870Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T16:47:25.058Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.4.0.13",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.6.5",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Nikita Abramov of Positive Technologies"
        }
      ],
      "datePublic": "2021-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121 Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-01-11T18:50:10",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asafdt-webvpn-dos-KSqJAKPA",
        "defect": [
          "",
          "CSCvy36910"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-10-27T17:38:00.000Z",
          "ID": "CVE-2021-34704",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance Software",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "6.4.0.13"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "6.6.5"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Nikita Abramov of Positive Technologies"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-121 Stack-based Buffer Overflow"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-787 Out-of-bounds Write"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asafdt-webvpn-dos-KSqJAKPA",
          "defect": [
            "",
            "CSCvy36910"
          ],
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34704",
    "datePublished": "2022-01-11T18:50:10.799554Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-06T16:47:25.058Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3254 (GCVE-0-2020-3254)

Vulnerability from cvelistv5

Published

2020-05-06 16:41

Modified

2024-11-15 17:24

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-400

Summary

Multiple vulnerabilities in the Media Gateway Control Protocol (MGCP) inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerabilities are due to inefficient memory management. An attacker could exploit these vulnerabilities by sending crafted MGCP packets through an affected device. An exploit could allow the attacker to cause memory exhaustion resulting in a restart of an affected device, causing a DoS condition for traffic traversing the device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgcp-SUqB8VKH	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:30:58.057Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Media Gateway Control Protocol Denial of Service Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgcp-SUqB8VKH"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3254",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:21:31.051963Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:24:31.640Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the Media Gateway Control Protocol (MGCP) inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerabilities are due to inefficient memory management. An attacker could exploit these vulnerabilities by sending crafted MGCP packets through an affected device. An exploit could allow the attacker to cause memory exhaustion resulting in a restart of an affected device, causing a DoS condition for traffic traversing the device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-06T16:41:39",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Media Gateway Control Protocol Denial of Service Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgcp-SUqB8VKH"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-mgcp-SUqB8VKH",
        "defect": [
          [
            "CSCvp16945",
            "CSCvp16949"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Media Gateway Control Protocol Denial of Service Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-05-06T16:00:00-0700",
          "ID": "CVE-2020-3254",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Media Gateway Control Protocol Denial of Service Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the Media Gateway Control Protocol (MGCP) inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerabilities are due to inefficient memory management. An attacker could exploit these vulnerabilities by sending crafted MGCP packets through an affected device. An exploit could allow the attacker to cause memory exhaustion resulting in a restart of an affected device, causing a DoS condition for traffic traversing the device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Media Gateway Control Protocol Denial of Service Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgcp-SUqB8VKH"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-mgcp-SUqB8VKH",
          "defect": [
            [
              "CSCvp16945",
              "CSCvp16949"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3254",
    "datePublished": "2020-05-06T16:41:39.894758Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:24:31.640Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20826 (GCVE-0-2022-20826)

Vulnerability from cvelistv5

Published

2022-11-10 17:31

Modified

2024-08-03 02:24

Severity ?

6.4 (Medium) - CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-501 - Trust Boundary Violation

Summary

A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated attacker with physical access to the device to bypass the secure boot functionality. This vulnerability is due to a logic error in the boot process. An attacker could exploit this vulnerability by injecting malicious code into a specific memory location during the boot process of an affected device. A successful exploit could allow the attacker to execute persistent code at boot time and break the chain of trust.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.17.1
Version: 9.17.1.9
Version: 9.17.1.10
Version: 9.17.1.13
Version: 9.18.1
Version: 9.18.1.3

Cisco

Cisco Firepower Threat Defense Software

Version: 7.1.0
Version: 7.2.0
Version: 7.2.0.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:24:50.027Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-fw3100-secure-boot-5M8mUh26",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated attacker with physical access to the device to bypass the secure boot functionality.\r\n\r This vulnerability is due to a logic error in the boot process. An attacker could exploit this vulnerability by injecting malicious code into a specific memory location during the boot process of an affected device. A successful exploit could allow the attacker to execute persistent code at boot time and break the chain of trust."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-501",
              "description": "Trust Boundary Violation",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:07.369Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-fw3100-secure-boot-5M8mUh26",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26"
        }
      ],
      "source": {
        "advisory": "cisco-sa-fw3100-secure-boot-5M8mUh26",
        "defects": [
          "CSCwb08411"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20826",
    "datePublished": "2022-11-10T17:31:54.657Z",
    "dateReserved": "2021-11-02T13:28:29.176Z",
    "dateUpdated": "2024-08-03T02:24:50.027Z",
    "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3528 (GCVE-0-2020-3528)

Vulnerability from cvelistv5

Published

2020-10-21 18:35

Modified

2024-11-13 17:50

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-400

Summary

A vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation when the affected software processes certain OSPFv2 packets with Link-Local Signaling (LLS) data. An attacker could exploit this vulnerability by sending a malformed OSPFv2 packet to an affected device. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospflls-37Xy2q6r	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:54.684Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPFv2 Link-Local Signaling Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospflls-37Xy2q6r"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3528",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:12:26.713141Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:50:05.218Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation when the affected software processes certain OSPFv2 packets with Link-Local Signaling (LLS) data. An attacker could exploit this vulnerability by sending a malformed OSPFv2 packet to an affected device. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:35:40",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPFv2 Link-Local Signaling Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospflls-37Xy2q6r"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-ospflls-37Xy2q6r",
        "defect": [
          [
            "CSCvt83121"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPFv2 Link-Local Signaling Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3528",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPFv2 Link-Local Signaling Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation when the affected software processes certain OSPFv2 packets with Link-Local Signaling (LLS) data. An attacker could exploit this vulnerability by sending a malformed OSPFv2 packet to an affected device. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPFv2 Link-Local Signaling Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospflls-37Xy2q6r"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-ospflls-37Xy2q6r",
          "defect": [
            [
              "CSCvt83121"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3528",
    "datePublished": "2020-10-21T18:35:40.437725Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:50:05.218Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20924 (GCVE-0-2022-20924)

Vulnerability from cvelistv5

Published

2022-11-10 17:30

Modified

2024-08-03 02:31

Severity ?

7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-703 - Improper Check or Handling of Exceptional Conditions

Summary

A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-qsqBNM6x

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.14.1
Version: 9.14.1.10
Version: 9.14.1.6
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.14.1.30
Version: 9.14.2
Version: 9.14.2.4
Version: 9.14.2.8
Version: 9.14.2.13
Version: 9.14.2.15
Version: 9.14.3
Version: 9.14.3.1
Version: 9.14.3.9
Version: 9.14.3.11
Version: 9.14.3.13
Version: 9.14.3.18
Version: 9.14.3.15
Version: 9.14.4
Version: 9.14.4.6
Version: 9.14.4.7
Version: 9.14.4.12
Version: 9.15.1
Version: 9.15.1.7
Version: 9.15.1.10
Version: 9.15.1.15
Version: 9.15.1.16
Version: 9.15.1.17
Version: 9.15.1.1
Version: 9.15.1.21
Version: 9.16.1
Version: 9.16.1.28
Version: 9.16.2
Version: 9.16.2.3
Version: 9.16.2.7
Version: 9.16.2.11
Version: 9.16.2.13
Version: 9.16.2.14
Version: 9.16.3
Version: 9.16.3.3
Version: 9.16.3.14
Version: 9.17.1
Version: 9.17.1.7
Version: 9.17.1.9
Version: 9.17.1.10
Version: 9.17.1.11
Version: 9.17.1.13
Version: 9.17.1.15
Version: 9.18.1

Cisco

Cisco Firepower Threat Defense Software

Version: 6.6.0
Version: 6.6.0.1
Version: 6.6.1
Version: 6.6.3
Version: 6.6.4
Version: 6.6.5
Version: 6.6.5.1
Version: 6.6.5.2
Version: 6.7.0
Version: 6.7.0.1
Version: 6.7.0.2
Version: 6.7.0.3
Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.0.2
Version: 7.0.2.1
Version: 7.0.3
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.2.0
Version: 7.2.0.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:31:58.277Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-asaftd-snmp-dos-qsqBNM6x",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-qsqBNM6x"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.1.6"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.14.4.7"
            },
            {
              "status": "affected",
              "version": "9.14.4.12"
            },
            {
              "status": "affected",
              "version": "9.15.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.7"
            },
            {
              "status": "affected",
              "version": "9.15.1.10"
            },
            {
              "status": "affected",
              "version": "9.15.1.15"
            },
            {
              "status": "affected",
              "version": "9.15.1.16"
            },
            {
              "status": "affected",
              "version": "9.15.1.17"
            },
            {
              "status": "affected",
              "version": "9.15.1.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.21"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-703",
              "description": "Improper Check or Handling of Exceptional Conditions",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:13.846Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asaftd-snmp-dos-qsqBNM6x",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-qsqBNM6x"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-snmp-dos-qsqBNM6x",
        "defects": [
          "CSCwb05148"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20924",
    "datePublished": "2022-11-10T17:30:58.312Z",
    "dateReserved": "2021-11-02T13:28:29.190Z",
    "dateUpdated": "2024-08-03T02:31:58.277Z",
    "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3583 (GCVE-0-2020-3583)

Vulnerability from cvelistv5

Published

2020-10-21 18:36

Modified

2024-11-13 17:20

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE

CWE-79

Summary

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:55.498Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3583",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:19:59.663469Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:20:13.751Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:36:57",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-xss-multiple-FCB3vPZe",
        "defect": [
          [
            "CSCvu44910",
            "CSCvu75581",
            "CSCvu83309",
            "CSCvv13835"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3583",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-xss-multiple-FCB3vPZe",
          "defect": [
            [
              "CSCvu44910",
              "CSCvu75581",
              "CSCvu83309",
              "CSCvv13835"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3583",
    "datePublished": "2020-10-21T18:36:58.006121Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:20:13.751Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-1504 (GCVE-0-2021-1504)

Vulnerability from cvelistv5

Published

2021-04-29 17:31

Modified

2024-11-08 23:22

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-787

Summary

Multiple vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to lack of proper input validation of the HTTPS request. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: This vulnerability affects only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpn-dos-fpBcpEcD	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:11:17.373Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210428 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services VPN Denial of Service Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpn-dos-fpBcpEcD"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-1504",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T20:02:03.395327Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-08T23:22:14.830Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-04-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to lack of proper input validation of the HTTPS request. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: This vulnerability affects only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-04-29T17:31:28",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210428 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services VPN Denial of Service Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpn-dos-fpBcpEcD"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa-ftd-vpn-dos-fpBcpEcD",
        "defect": [
          [
            "CSCvv56644",
            "CSCvv65184"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services VPN Denial of Service Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-04-28T16:00:00",
          "ID": "CVE-2021-1504",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services VPN Denial of Service Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to lack of proper input validation of the HTTPS request. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: This vulnerability affects only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-787"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210428 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services VPN Denial of Service Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpn-dos-fpBcpEcD"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asa-ftd-vpn-dos-fpBcpEcD",
          "defect": [
            [
              "CSCvv56644",
              "CSCvv65184"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-1504",
    "datePublished": "2021-04-29T17:31:29.038213Z",
    "dateReserved": "2020-11-13T00:00:00",
    "dateUpdated": "2024-11-08T23:22:14.830Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-0230 (GCVE-0-2018-0230)

Vulnerability from cvelistv5

Published

2018-04-19 20:00

Modified

2024-11-29 15:18

Severity ?

CWE

CWE-400

Summary

A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software improperly validating IP Version 4 (IPv4) and IP Version 6 (IPv6) packets after the software reassembles the packets (following IP Fragmentation). An attacker could exploit this vulnerability by sending a series of malicious, fragmented IPv4 or IPv6 packets to an affected device. A successful exploit could allow the attacker to cause Snort processes on the affected device to hang at 100% CPU utilization, which could cause the device to stop processing traffic and result in a DoS condition until the device is reloaded manually. This vulnerability affects Cisco Firepower Threat Defense (FTD) Software Releases 6.2.1 and 6.2.2, if the software is running on a Cisco Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCvf91098.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/103931	vdb-entry, x_refsource_BID
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fp2100	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	Cisco Firepower 2100 Series Security Appliances	Version: Cisco Firepower 2100 Series Security Appliances

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:21:13.990Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "103931",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103931"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fp2100"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0230",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-29T14:44:33.543235Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-29T15:18:30.922Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower 2100 Series Security Appliances",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Firepower 2100 Series Security Appliances"
            }
          ]
        }
      ],
      "datePublic": "2018-04-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software improperly validating IP Version 4 (IPv4) and IP Version 6 (IPv6) packets after the software reassembles the packets (following IP Fragmentation). An attacker could exploit this vulnerability by sending a series of malicious, fragmented IPv4 or IPv6 packets to an affected device. A successful exploit could allow the attacker to cause Snort processes on the affected device to hang at 100% CPU utilization, which could cause the device to stop processing traffic and result in a DoS condition until the device is reloaded manually. This vulnerability affects Cisco Firepower Threat Defense (FTD) Software Releases 6.2.1 and 6.2.2, if the software is running on a Cisco Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCvf91098."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-04-21T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "103931",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103931"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fp2100"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0230",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower 2100 Series Security Appliances",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Firepower 2100 Series Security Appliances"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software improperly validating IP Version 4 (IPv4) and IP Version 6 (IPv6) packets after the software reassembles the packets (following IP Fragmentation). An attacker could exploit this vulnerability by sending a series of malicious, fragmented IPv4 or IPv6 packets to an affected device. A successful exploit could allow the attacker to cause Snort processes on the affected device to hang at 100% CPU utilization, which could cause the device to stop processing traffic and result in a DoS condition until the device is reloaded manually. This vulnerability affects Cisco Firepower Threat Defense (FTD) Software Releases 6.2.1 and 6.2.2, if the software is running on a Cisco Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCvf91098."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "103931",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103931"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fp2100",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fp2100"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0230",
    "datePublished": "2018-04-19T20:00:00",
    "dateReserved": "2017-11-27T00:00:00",
    "dateUpdated": "2024-11-29T15:18:30.922Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34761 (GCVE-0-2021-34761)

Vulnerability from cvelistv5

Published

2021-10-27 18:55

Modified

2024-11-07 21:44

Severity ?

4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

CWE

CWE-73

Summary

A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges. The attacker must have administrative credentials on the device. This vulnerability is due to incomplete validation of user input for a specific CLI command. An attacker could exploit this vulnerability by authenticating to the device with administrative privileges and issuing a CLI command with crafted user parameters. A successful exploit could allow the attacker to overwrite or append arbitrary data to system files using root-level privileges.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-write-SHVcmQVc	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.218Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20211027 Cisco Firepower Threat Defense Software CLI Arbitrary File Write Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-write-SHVcmQVc"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34761",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:39:50.562966Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T21:44:29.552Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges. The attacker must have administrative credentials on the device. This vulnerability is due to incomplete validation of user input for a specific CLI command. An attacker could exploit this vulnerability by authenticating to the device with administrative privileges and issuing a CLI command with crafted user parameters. A successful exploit could allow the attacker to overwrite or append arbitrary data to system files using root-level privileges."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-73",
              "description": "CWE-73",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-27T18:55:30",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20211027 Cisco Firepower Threat Defense Software CLI Arbitrary File Write Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-write-SHVcmQVc"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-file-write-SHVcmQVc",
        "defect": [
          [
            "CSCvy41757"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software CLI Arbitrary File Write Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-10-27T16:00:00",
          "ID": "CVE-2021-34761",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software CLI Arbitrary File Write Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges. The attacker must have administrative credentials on the device. This vulnerability is due to incomplete validation of user input for a specific CLI command. An attacker could exploit this vulnerability by authenticating to the device with administrative privileges and issuing a CLI command with crafted user parameters. A successful exploit could allow the attacker to overwrite or append arbitrary data to system files using root-level privileges."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "4.4",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-73"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20211027 Cisco Firepower Threat Defense Software CLI Arbitrary File Write Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-write-SHVcmQVc"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-file-write-SHVcmQVc",
          "defect": [
            [
              "CSCvy41757"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34761",
    "datePublished": "2021-10-27T18:55:30.453403Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-07T21:44:29.552Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3191 (GCVE-0-2020-3191)

Vulnerability from cvelistv5

Published

2020-05-06 16:41

Modified

2024-11-15 17:25

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-20

Summary

A vulnerability in DNS over IPv6 packet processing for Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper length validation of a field in an IPv6 DNS packet. An attacker could exploit this vulnerability by sending a crafted DNS query over IPv6, which traverses the affected device. An exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to DNS over IPv6 traffic only.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipv6-67pA658k	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:24:00.910Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPv6 DNS Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipv6-67pA658k"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3191",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:21:41.163420Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:25:21.757Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in DNS over IPv6 packet processing for Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper length validation of a field in an IPv6 DNS packet. An attacker could exploit this vulnerability by sending a crafted DNS query over IPv6, which traverses the affected device. An exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to DNS over IPv6 traffic only."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-06T16:41:16",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPv6 DNS Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipv6-67pA658k"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-ipv6-67pA658k",
        "defect": [
          [
            "CSCvr07419"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPv6 DNS Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-05-06T16:00:00-0700",
          "ID": "CVE-2020-3191",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPv6 DNS Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in DNS over IPv6 packet processing for Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper length validation of a field in an IPv6 DNS packet. An attacker could exploit this vulnerability by sending a crafted DNS query over IPv6, which traverses the affected device. An exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to DNS over IPv6 traffic only."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPv6 DNS Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipv6-67pA658k"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-ipv6-67pA658k",
          "defect": [
            [
              "CSCvr07419"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3191",
    "datePublished": "2020-05-06T16:41:16.093868Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:25:21.757Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-12699 (GCVE-0-2019-12699)

Vulnerability from cvelistv5

Published

2019-10-02 19:06

Modified

2024-11-20 17:06

Severity ?

8.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-20

Summary

Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute commands on the underlying operating system (OS) with root privileges. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by including crafted arguments to specific CLI commands. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fxos-cmd-inject	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Extensible Operating System (FXOS)	Version: unspecified < n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:24:39.241Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20191002 Cisco FXOS Software and Firepower Threat Defense Software Command Injection Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fxos-cmd-inject"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-12699",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-20T16:51:10.583231Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-20T17:06:54.317Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Extensible Operating System (FXOS)",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-10-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute commands on the underlying operating system (OS) with root privileges. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by including crafted arguments to specific CLI commands. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-02T19:06:49",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20191002 Cisco FXOS Software and Firepower Threat Defense Software Command Injection Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fxos-cmd-inject"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20191002-fxos-cmd-inject",
        "defect": [
          [
            "CSCvm14277",
            "CSCvm14279",
            "CSCvm25813",
            "CSCvm25894",
            "CSCvo42621",
            "CSCvo42651",
            "CSCvo83496"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco FXOS Software and Firepower Threat Defense Software Command Injection Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-10-02T16:00:00-0700",
          "ID": "CVE-2019-12699",
          "STATE": "PUBLIC",
          "TITLE": "Cisco FXOS Software and Firepower Threat Defense Software Command Injection Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Extensible Operating System (FXOS)",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute commands on the underlying operating system (OS) with root privileges. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by including crafted arguments to specific CLI commands. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.8",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20191002 Cisco FXOS Software and Firepower Threat Defense Software Command Injection Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fxos-cmd-inject"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20191002-fxos-cmd-inject",
          "defect": [
            [
              "CSCvm14277",
              "CSCvm14279",
              "CSCvm25813",
              "CSCvm25894",
              "CSCvo42621",
              "CSCvo42651",
              "CSCvo83496"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-12699",
    "datePublished": "2019-10-02T19:06:49.219612Z",
    "dateReserved": "2019-06-04T00:00:00",
    "dateUpdated": "2024-11-20T17:06:54.317Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1687 (GCVE-0-2019-1687)

Vulnerability from cvelistv5

Published

2019-05-03 15:00

Modified

2024-11-21 19:35

Severity ?

6.8 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-20

Summary

A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error in TCP-based packet inspection, which could cause the TCP packet to have an invalid Layer 2 (L2)-formatted header. An attacker could exploit this vulnerability by sending a crafted TCP packet sequence to the targeted device. A successful exploit could allow the attacker to cause a DoS condition.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftdtcp-dos	vendor-advisory, x_refsource_CISCO
	http://www.securityfocus.com/bid/108176	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: unspecified < 9.4.4.34 Version: unspecified < 9.8.4 Version: unspecified < 9.9.2.50

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:41.094Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190501 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftdtcp-dos"
          },
          {
            "name": "108176",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108176"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1687",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-21T18:59:03.755893Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T19:35:56.261Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "9.4.4.34",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.8.4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.9.2.50",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-05-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error in TCP-based packet inspection, which could cause the TCP packet to have an invalid Layer 2 (L2)-formatted header. An attacker could exploit this vulnerability by sending a crafted TCP packet sequence to the targeted device. A successful exploit could allow the attacker to cause a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-07T14:06:08",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190501 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftdtcp-dos"
        },
        {
          "name": "108176",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108176"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190501-asa-ftdtcp-dos",
        "defect": [
          [
            "CSCvk44166"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-05-01T16:00:00-0700",
          "ID": "CVE-2019-1687",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.4.4.34"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.8.4"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.9.2.50"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error in TCP-based packet inspection, which could cause the TCP packet to have an invalid Layer 2 (L2)-formatted header. An attacker could exploit this vulnerability by sending a crafted TCP packet sequence to the targeted device. A successful exploit could allow the attacker to cause a DoS condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.8",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190501 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftdtcp-dos"
            },
            {
              "name": "108176",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108176"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190501-asa-ftdtcp-dos",
          "defect": [
            [
              "CSCvk44166"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1687",
    "datePublished": "2019-05-03T15:00:26.666081Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-21T19:35:56.261Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20713 (GCVE-0-2022-20713)

Vulnerability from cvelistv5

Published

2022-08-10 16:20

Modified

2024-09-16 20:53

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

CWE

CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')

Summary

A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This vulnerability is due to improper validation of input that is passed to the VPN web client services component before being returned to the browser that is in use. An attacker could exploit this vulnerability by persuading a user to visit a website that is designed to pass malicious requests to a device that is running Cisco ASA Software or Cisco FTD Software and has web services endpoints supporting VPN features enabled. A successful exploit could allow the attacker to reflect malicious input from the affected device to the browser that is in use and conduct browser-based attacks, including cross-site scripting attacks. The attacker could not directly impact the affected device.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-LOeKsNmO

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.8.1
Version: 9.8.1.5
Version: 9.8.1.7
Version: 9.8.2
Version: 9.8.2.8
Version: 9.8.2.14
Version: 9.8.2.15
Version: 9.8.2.17
Version: 9.8.2.20
Version: 9.8.2.24
Version: 9.8.2.26
Version: 9.8.2.28
Version: 9.8.2.33
Version: 9.8.2.35
Version: 9.8.2.38
Version: 9.8.3.8
Version: 9.8.3.11
Version: 9.8.3.14
Version: 9.8.3.16
Version: 9.8.3.18
Version: 9.8.3.21
Version: 9.8.3
Version: 9.8.3.26
Version: 9.8.3.29
Version: 9.8.4
Version: 9.8.4.3
Version: 9.8.4.7
Version: 9.8.4.8
Version: 9.8.4.10
Version: 9.8.4.12
Version: 9.8.4.15
Version: 9.8.4.17
Version: 9.8.4.25
Version: 9.8.4.20
Version: 9.8.4.22
Version: 9.8.4.26
Version: 9.8.4.29
Version: 9.8.4.32
Version: 9.8.4.33
Version: 9.8.4.34
Version: 9.8.4.35
Version: 9.8.4.39
Version: 9.8.4.40
Version: 9.8.4.41
Version: 9.8.4.43
Version: 9.8.4.44
Version: 9.8.4.45
Version: 9.8.4.46
Version: 9.8.4.48
Version: 9.12.1
Version: 9.12.1.2
Version: 9.12.1.3
Version: 9.12.2
Version: 9.12.2.4
Version: 9.12.2.5
Version: 9.12.2.9
Version: 9.12.3
Version: 9.12.3.2
Version: 9.12.3.7
Version: 9.12.4
Version: 9.12.3.12
Version: 9.12.3.9
Version: 9.12.2.1
Version: 9.12.4.2
Version: 9.12.4.4
Version: 9.12.4.7
Version: 9.12.4.10
Version: 9.12.4.13
Version: 9.12.4.8
Version: 9.12.4.18
Version: 9.12.4.24
Version: 9.12.4.26
Version: 9.12.4.29
Version: 9.12.4.30
Version: 9.12.4.35
Version: 9.12.4.37
Version: 9.12.4.38
Version: 9.12.4.39
Version: 9.12.4.40
Version: 9.12.4.41
Version: 9.12.4.47
Version: 9.12.4.48
Version: 9.12.4.50
Version: 9.12.4.52
Version: 9.12.4.54
Version: 9.12.4.55
Version: 9.12.4.56
Version: 9.12.4.58
Version: 9.14.1
Version: 9.14.1.10
Version: 9.14.1.6
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.14.1.30
Version: 9.14.2
Version: 9.14.2.4
Version: 9.14.2.8
Version: 9.14.2.13
Version: 9.14.2.15
Version: 9.14.3
Version: 9.14.3.1
Version: 9.14.3.9
Version: 9.14.3.11
Version: 9.14.3.13
Version: 9.14.3.18
Version: 9.14.3.15
Version: 9.14.4
Version: 9.14.4.6
Version: 9.14.4.7
Version: 9.14.4.12
Version: 9.14.4.13
Version: 9.14.4.14
Version: 9.14.4.15
Version: 9.14.4.17
Version: 9.14.4.22
Version: 9.14.4.23
Version: 9.15.1
Version: 9.15.1.7
Version: 9.15.1.10
Version: 9.15.1.15
Version: 9.15.1.16
Version: 9.15.1.17
Version: 9.15.1.1
Version: 9.15.1.21
Version: 9.16.1
Version: 9.16.1.28
Version: 9.16.2
Version: 9.16.2.3
Version: 9.16.2.7
Version: 9.16.2.11
Version: 9.16.2.13
Version: 9.16.2.14
Version: 9.16.3
Version: 9.16.3.3
Version: 9.16.3.14
Version: 9.16.3.15
Version: 9.16.3.19
Version: 9.16.3.23
Version: 9.16.4
Version: 9.16.4.9
Version: 9.16.4.14
Version: 9.16.4.18
Version: 9.16.4.19
Version: 9.16.4.27
Version: 9.17.1
Version: 9.17.1.7
Version: 9.17.1.9
Version: 9.17.1.10
Version: 9.17.1.11
Version: 9.17.1.13
Version: 9.17.1.15
Version: 9.17.1.20
Version: 9.17.1.30
Version: 9.18.1
Version: 9.18.1.3
Version: 9.18.2
Version: 9.18.2.5
Version: 9.18.2.7
Version: 9.18.2.8
Version: 9.18.3
Version: 9.18.3.39
Version: 9.18.3.46
Version: 9.19.1
Version: 9.19.1.5
Version: 9.19.1.9
Version: 9.19.1.12

Cisco

Cisco Firepower Threat Defense Software

Version: 6.2.3
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.2.3.3
Version: 6.2.3.4
Version: 6.2.3.5
Version: 6.2.3.6
Version: 6.2.3.7
Version: 6.2.3.8
Version: 6.2.3.10
Version: 6.2.3.11
Version: 6.2.3.9
Version: 6.2.3.12
Version: 6.2.3.13
Version: 6.2.3.14
Version: 6.2.3.15
Version: 6.2.3.16
Version: 6.2.3.17
Version: 6.2.3.18
Version: 6.6.0
Version: 6.6.0.1
Version: 6.6.1
Version: 6.6.3
Version: 6.6.4
Version: 6.6.5
Version: 6.6.5.1
Version: 6.6.5.2
Version: 6.6.7
Version: 6.6.7.1
Version: 6.4.0
Version: 6.4.0.1
Version: 6.4.0.3
Version: 6.4.0.2
Version: 6.4.0.4
Version: 6.4.0.5
Version: 6.4.0.6
Version: 6.4.0.7
Version: 6.4.0.8
Version: 6.4.0.9
Version: 6.4.0.10
Version: 6.4.0.11
Version: 6.4.0.12
Version: 6.4.0.13
Version: 6.4.0.14
Version: 6.4.0.15
Version: 6.4.0.16
Version: 6.7.0
Version: 6.7.0.1
Version: 6.7.0.2
Version: 6.7.0.3
Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.0.2
Version: 7.0.2.1
Version: 7.0.3
Version: 7.0.4
Version: 7.0.5
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.1.0.3
Version: 7.2.0
Version: 7.2.0.1
Version: 7.2.1
Version: 7.2.2
Version: 7.2.3
Version: 7.2.4
Version: 7.3.0
Version: 7.3.1
Version: 7.3.1.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:24:48.583Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-asa-webvpn-LOeKsNmO",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-LOeKsNmO"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.8.1"
            },
            {
              "status": "affected",
              "version": "9.8.1.5"
            },
            {
              "status": "affected",
              "version": "9.8.1.7"
            },
            {
              "status": "affected",
              "version": "9.8.2"
            },
            {
              "status": "affected",
              "version": "9.8.2.8"
            },
            {
              "status": "affected",
              "version": "9.8.2.14"
            },
            {
              "status": "affected",
              "version": "9.8.2.15"
            },
            {
              "status": "affected",
              "version": "9.8.2.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.20"
            },
            {
              "status": "affected",
              "version": "9.8.2.24"
            },
            {
              "status": "affected",
              "version": "9.8.2.26"
            },
            {
              "status": "affected",
              "version": "9.8.2.28"
            },
            {
              "status": "affected",
              "version": "9.8.2.33"
            },
            {
              "status": "affected",
              "version": "9.8.2.35"
            },
            {
              "status": "affected",
              "version": "9.8.2.38"
            },
            {
              "status": "affected",
              "version": "9.8.3.8"
            },
            {
              "status": "affected",
              "version": "9.8.3.11"
            },
            {
              "status": "affected",
              "version": "9.8.3.14"
            },
            {
              "status": "affected",
              "version": "9.8.3.16"
            },
            {
              "status": "affected",
              "version": "9.8.3.18"
            },
            {
              "status": "affected",
              "version": "9.8.3.21"
            },
            {
              "status": "affected",
              "version": "9.8.3"
            },
            {
              "status": "affected",
              "version": "9.8.3.26"
            },
            {
              "status": "affected",
              "version": "9.8.3.29"
            },
            {
              "status": "affected",
              "version": "9.8.4"
            },
            {
              "status": "affected",
              "version": "9.8.4.3"
            },
            {
              "status": "affected",
              "version": "9.8.4.7"
            },
            {
              "status": "affected",
              "version": "9.8.4.8"
            },
            {
              "status": "affected",
              "version": "9.8.4.10"
            },
            {
              "status": "affected",
              "version": "9.8.4.12"
            },
            {
              "status": "affected",
              "version": "9.8.4.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.4.25"
            },
            {
              "status": "affected",
              "version": "9.8.4.20"
            },
            {
              "status": "affected",
              "version": "9.8.4.22"
            },
            {
              "status": "affected",
              "version": "9.8.4.26"
            },
            {
              "status": "affected",
              "version": "9.8.4.29"
            },
            {
              "status": "affected",
              "version": "9.8.4.32"
            },
            {
              "status": "affected",
              "version": "9.8.4.33"
            },
            {
              "status": "affected",
              "version": "9.8.4.34"
            },
            {
              "status": "affected",
              "version": "9.8.4.35"
            },
            {
              "status": "affected",
              "version": "9.8.4.39"
            },
            {
              "status": "affected",
              "version": "9.8.4.40"
            },
            {
              "status": "affected",
              "version": "9.8.4.41"
            },
            {
              "status": "affected",
              "version": "9.8.4.43"
            },
            {
              "status": "affected",
              "version": "9.8.4.44"
            },
            {
              "status": "affected",
              "version": "9.8.4.45"
            },
            {
              "status": "affected",
              "version": "9.8.4.46"
            },
            {
              "status": "affected",
              "version": "9.8.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.1"
            },
            {
              "status": "affected",
              "version": "9.12.1.2"
            },
            {
              "status": "affected",
              "version": "9.12.1.3"
            },
            {
              "status": "affected",
              "version": "9.12.2"
            },
            {
              "status": "affected",
              "version": "9.12.2.4"
            },
            {
              "status": "affected",
              "version": "9.12.2.5"
            },
            {
              "status": "affected",
              "version": "9.12.2.9"
            },
            {
              "status": "affected",
              "version": "9.12.3"
            },
            {
              "status": "affected",
              "version": "9.12.3.2"
            },
            {
              "status": "affected",
              "version": "9.12.3.7"
            },
            {
              "status": "affected",
              "version": "9.12.4"
            },
            {
              "status": "affected",
              "version": "9.12.3.12"
            },
            {
              "status": "affected",
              "version": "9.12.3.9"
            },
            {
              "status": "affected",
              "version": "9.12.2.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.4"
            },
            {
              "status": "affected",
              "version": "9.12.4.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.10"
            },
            {
              "status": "affected",
              "version": "9.12.4.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.8"
            },
            {
              "status": "affected",
              "version": "9.12.4.18"
            },
            {
              "status": "affected",
              "version": "9.12.4.24"
            },
            {
              "status": "affected",
              "version": "9.12.4.26"
            },
            {
              "status": "affected",
              "version": "9.12.4.29"
            },
            {
              "status": "affected",
              "version": "9.12.4.30"
            },
            {
              "status": "affected",
              "version": "9.12.4.35"
            },
            {
              "status": "affected",
              "version": "9.12.4.37"
            },
            {
              "status": "affected",
              "version": "9.12.4.38"
            },
            {
              "status": "affected",
              "version": "9.12.4.39"
            },
            {
              "status": "affected",
              "version": "9.12.4.40"
            },
            {
              "status": "affected",
              "version": "9.12.4.41"
            },
            {
              "status": "affected",
              "version": "9.12.4.47"
            },
            {
              "status": "affected",
              "version": "9.12.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.4.50"
            },
            {
              "status": "affected",
              "version": "9.12.4.52"
            },
            {
              "status": "affected",
              "version": "9.12.4.54"
            },
            {
              "status": "affected",
              "version": "9.12.4.55"
            },
            {
              "status": "affected",
              "version": "9.12.4.56"
            },
            {
              "status": "affected",
              "version": "9.12.4.58"
            },
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.1.6"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.14.4.7"
            },
            {
              "status": "affected",
              "version": "9.14.4.12"
            },
            {
              "status": "affected",
              "version": "9.14.4.13"
            },
            {
              "status": "affected",
              "version": "9.14.4.14"
            },
            {
              "status": "affected",
              "version": "9.14.4.15"
            },
            {
              "status": "affected",
              "version": "9.14.4.17"
            },
            {
              "status": "affected",
              "version": "9.14.4.22"
            },
            {
              "status": "affected",
              "version": "9.14.4.23"
            },
            {
              "status": "affected",
              "version": "9.15.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.7"
            },
            {
              "status": "affected",
              "version": "9.15.1.10"
            },
            {
              "status": "affected",
              "version": "9.15.1.15"
            },
            {
              "status": "affected",
              "version": "9.15.1.16"
            },
            {
              "status": "affected",
              "version": "9.15.1.17"
            },
            {
              "status": "affected",
              "version": "9.15.1.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.21"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.16.3.15"
            },
            {
              "status": "affected",
              "version": "9.16.3.19"
            },
            {
              "status": "affected",
              "version": "9.16.3.23"
            },
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.16.4.9"
            },
            {
              "status": "affected",
              "version": "9.16.4.14"
            },
            {
              "status": "affected",
              "version": "9.16.4.18"
            },
            {
              "status": "affected",
              "version": "9.16.4.19"
            },
            {
              "status": "affected",
              "version": "9.16.4.27"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.17.1.20"
            },
            {
              "status": "affected",
              "version": "9.17.1.30"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            },
            {
              "status": "affected",
              "version": "9.18.2.7"
            },
            {
              "status": "affected",
              "version": "9.18.2.8"
            },
            {
              "status": "affected",
              "version": "9.18.3"
            },
            {
              "status": "affected",
              "version": "9.18.3.39"
            },
            {
              "status": "affected",
              "version": "9.18.3.46"
            },
            {
              "status": "affected",
              "version": "9.19.1"
            },
            {
              "status": "affected",
              "version": "9.19.1.5"
            },
            {
              "status": "affected",
              "version": "9.19.1.9"
            },
            {
              "status": "affected",
              "version": "9.19.1.12"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This vulnerability is due to improper validation of input that is passed to the VPN web client services component before being returned to the browser that is in use. An attacker could exploit this vulnerability by persuading a user to visit a website that is designed to pass malicious requests to a device that is running Cisco ASA Software or Cisco FTD Software and has web services endpoints supporting VPN features enabled. A successful exploit could allow the attacker to reflect malicious input from the affected device to the browser that is in use and conduct browser-based attacks, including cross-site scripting attacks. The attacker could not directly impact the affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-444",
              "description": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:06.740Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asa-webvpn-LOeKsNmO",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-LOeKsNmO"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa-webvpn-LOeKsNmO",
        "defects": [
          "CSCwa04262",
          "CSCwe93561",
          "CSCwf47924",
          "CSCwd95043"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20713",
    "datePublished": "2022-08-10T16:20:10.618838Z",
    "dateReserved": "2021-11-02T00:00:00",
    "dateUpdated": "2024-09-16T20:53:04.405Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20299 (GCVE-0-2024-20299)

Vulnerability from cvelistv5

Published

2024-10-23 17:08

Modified

2024-10-24 16:39

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-290 - Authentication Bypass by Spoofing

Summary

A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due to a logic error in populating group ACLs when an AnyConnect client establishes a new session toward an affected device. An attacker could exploit this vulnerability by establishing an AnyConnect connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-acl-bypass-VvnLNKqf
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO
	https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.12.3
Version: 9.8.3
Version: 9.12.1
Version: 9.8.1
Version: 9.12.2
Version: 9.8.2.45
Version: 9.8.2
Version: 9.8.4
Version: 9.14.1
Version: 9.12.4
Version: 9.8.2.26
Version: 9.8.2.24
Version: 9.8.2.15
Version: 9.8.2.14
Version: 9.8.2.35
Version: 9.8.2.20
Version: 9.8.2.8
Version: 9.8.2.17
Version: 9.8.2.28
Version: 9.8.2.33
Version: 9.8.2.38
Version: 9.8.4.25
Version: 9.12.3.2
Version: 9.12.3.7
Version: 9.8.3.18
Version: 9.8.3.14
Version: 9.8.4.15
Version: 9.8.4.8
Version: 9.8.1.7
Version: 9.8.3.29
Version: 9.14.1.10
Version: 9.12.2.5
Version: 9.8.4.22
Version: 9.12.3.12
Version: 9.8.4.7
Version: 9.8.4.17
Version: 9.8.3.16
Version: 9.8.4.20
Version: 9.8.3.11
Version: 9.12.1.3
Version: 9.8.4.3
Version: 9.12.2.4
Version: 9.8.4.12
Version: 9.12.1.2
Version: 9.8.3.26
Version: 9.8.1.5
Version: 9.12.2.9
Version: 9.12.3.9
Version: 9.8.3.21
Version: 9.8.4.10
Version: 9.12.2.1
Version: 9.12.4.2
Version: 9.14.1.6
Version: 9.8.3.8
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.8.4.26
Version: 9.12.4.4
Version: 9.14.1.30
Version: 9.8.4.29
Version: 9.12.4.7
Version: 9.15.1
Version: 9.14.2
Version: 9.12.4.8
Version: 9.8.4.32
Version: 9.12.4.10
Version: 9.14.2.4
Version: 9.15.1.7
Version: 9.14.2.8
Version: 9.12.4.13
Version: 9.8.4.33
Version: 9.15.1.10
Version: 9.14.2.13
Version: 9.8.4.34
Version: 9.12.4.18
Version: 9.15.1.15
Version: 9.8.4.35
Version: 9.14.2.15
Version: 9.12.4.24
Version: 9.16.1
Version: 9.15.1.16
Version: 9.8.4.39
Version: 9.14.3
Version: 9.12.4.26
Version: 9.16.1.28
Version: 9.14.3.1
Version: 9.12.4.29
Version: 9.14.3.9
Version: 9.16.2
Version: 9.12.4.30
Version: 9.16.2.3
Version: 9.8.4.40
Version: 9.14.3.11
Version: 9.15.1.17
Version: 9.12.4.35
Version: 9.8.4.41
Version: 9.15.1.1
Version: 9.14.3.13
Version: 9.16.2.7
Version: 9.12.4.37
Version: 9.14.3.15
Version: 9.17.1
Version: 9.16.2.11
Version: 9.14.3.18
Version: 9.16.2.13
Version: 9.12.4.39
Version: 9.12.4.38
Version: 9.8.4.43
Version: 9.14.4
Version: 9.16.2.14
Version: 9.17.1.7
Version: 9.12.4.40
Version: 9.15.1.21
Version: 9.16.3.3
Version: 9.14.4.6
Version: 9.16.3
Version: 9.16.3.14
Version: 9.17.1.9
Version: 9.14.4.7
Version: 9.12.4.41
Version: 9.17.1.10
Version: 9.8.4.44
Version: 9.18.1
Version: 9.12.4.47
Version: 9.14.4.12
Version: 9.16.3.15
Version: 9.18.1.3
Version: 9.17.1.11
Version: 9.12.4.48
Version: 9.14.4.13
Version: 9.18.2
Version: 9.16.3.19
Version: 9.17.1.13
Version: 9.12.4.50
Version: 9.14.4.14
Version: 9.17.1.15
Version: 9.8.4.45
Version: 9.12.4.52
Version: 9.14.4.15
Version: 9.16.3.23
Version: 9.18.2.5
Version: 9.16.4
Version: 9.12.4.54
Version: 9.14.4.17
Version: 9.8.4.46
Version: 9.17.1.20
Version: 9.18.2.7
Version: 9.19.1
Version: 9.16.4.9
Version: 9.12.4.55
Version: 9.18.2.8
Version: 9.8.4.48

Cisco

Cisco Firepower Threat Defense Software

Version: 6.2.3.14
Version: 6.4.0.1
Version: 6.2.3.7
Version: 6.2.3
Version: 6.4.0.2
Version: 6.2.3.9
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.4.0.5
Version: 6.2.3.10
Version: 6.4.0
Version: 6.4.0.3
Version: 6.2.3.6
Version: 6.4.0.4
Version: 6.2.3.15
Version: 6.2.3.5
Version: 6.2.3.4
Version: 6.2.3.3
Version: 6.2.3.8
Version: 6.4.0.6
Version: 6.2.3.11
Version: 6.2.3.12
Version: 6.2.3.13
Version: 6.4.0.7
Version: 6.4.0.8
Version: 6.6.0
Version: 6.4.0.9
Version: 6.2.3.16
Version: 6.6.0.1
Version: 6.6.1
Version: 6.4.0.10
Version: 6.7.0
Version: 6.4.0.11
Version: 6.6.3
Version: 6.7.0.1
Version: 6.6.4
Version: 6.4.0.12
Version: 6.7.0.2
Version: 7.0.0
Version: 6.2.3.17
Version: 7.0.0.1
Version: 6.6.5
Version: 7.0.1
Version: 7.1.0
Version: 6.4.0.13
Version: 6.6.5.1
Version: 6.2.3.18
Version: 7.0.1.1
Version: 6.7.0.3
Version: 6.4.0.14
Version: 7.1.0.1
Version: 6.6.5.2
Version: 7.0.2
Version: 6.4.0.15
Version: 7.2.0
Version: 7.0.2.1
Version: 7.0.3
Version: 6.6.7
Version: 7.1.0.2
Version: 7.2.0.1
Version: 7.0.4
Version: 7.2.1
Version: 7.0.5
Version: 6.4.0.16
Version: 7.3.0
Version: 7.2.2
Version: 7.2.3
Version: 6.6.7.1
Version: 7.3.1
Version: 7.1.0.3
Version: 7.3.1.1
Version: 6.6.7.2
Version: 7.3.1.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "adaptive_security_appliance_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "9.8.4.48",
                "status": "affected",
                "version": "9.8.1",
                "versionType": "custom"
              },
              {
                "status": "affected",
                "version": "9.19.1"
              },
              {
                "lessThanOrEqual": "9.18.2.8",
                "status": "affected",
                "version": "9.18.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.17.1.20",
                "status": "affected",
                "version": "9.17.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.16.4.9",
                "status": "affected",
                "version": "9.16.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.15.1.21",
                "status": "affected",
                "version": "9.15.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.14.4.17",
                "status": "affected",
                "version": "9.14.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.12.4.55",
                "status": "affected",
                "version": "9.12.1",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "6.7.0.3",
                "status": "affected",
                "version": "6.2.3",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.3.1.2",
                "status": "affected",
                "version": "7.0.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20299",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-23T18:42:49.526238Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-24T16:39:38.139Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.12.3"
            },
            {
              "status": "affected",
              "version": "9.8.3"
            },
            {
              "status": "affected",
              "version": "9.12.1"
            },
            {
              "status": "affected",
              "version": "9.8.1"
            },
            {
              "status": "affected",
              "version": "9.12.2"
            },
            {
              "status": "affected",
              "version": "9.8.2.45"
            },
            {
              "status": "affected",
              "version": "9.8.2"
            },
            {
              "status": "affected",
              "version": "9.8.4"
            },
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.12.4"
            },
            {
              "status": "affected",
              "version": "9.8.2.26"
            },
            {
              "status": "affected",
              "version": "9.8.2.24"
            },
            {
              "status": "affected",
              "version": "9.8.2.15"
            },
            {
              "status": "affected",
              "version": "9.8.2.14"
            },
            {
              "status": "affected",
              "version": "9.8.2.35"
            },
            {
              "status": "affected",
              "version": "9.8.2.20"
            },
            {
              "status": "affected",
              "version": "9.8.2.8"
            },
            {
              "status": "affected",
              "version": "9.8.2.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.28"
            },
            {
              "status": "affected",
              "version": "9.8.2.33"
            },
            {
              "status": "affected",
              "version": "9.8.2.38"
            },
            {
              "status": "affected",
              "version": "9.8.4.25"
            },
            {
              "status": "affected",
              "version": "9.12.3.2"
            },
            {
              "status": "affected",
              "version": "9.12.3.7"
            },
            {
              "status": "affected",
              "version": "9.8.3.18"
            },
            {
              "status": "affected",
              "version": "9.8.3.14"
            },
            {
              "status": "affected",
              "version": "9.8.4.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.8"
            },
            {
              "status": "affected",
              "version": "9.8.1.7"
            },
            {
              "status": "affected",
              "version": "9.8.3.29"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.12.2.5"
            },
            {
              "status": "affected",
              "version": "9.8.4.22"
            },
            {
              "status": "affected",
              "version": "9.12.3.12"
            },
            {
              "status": "affected",
              "version": "9.8.4.7"
            },
            {
              "status": "affected",
              "version": "9.8.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.3.16"
            },
            {
              "status": "affected",
              "version": "9.8.4.20"
            },
            {
              "status": "affected",
              "version": "9.8.3.11"
            },
            {
              "status": "affected",
              "version": "9.12.1.3"
            },
            {
              "status": "affected",
              "version": "9.8.4.3"
            },
            {
              "status": "affected",
              "version": "9.12.2.4"
            },
            {
              "status": "affected",
              "version": "9.8.4.12"
            },
            {
              "status": "affected",
              "version": "9.12.1.2"
            },
            {
              "status": "affected",
              "version": "9.8.3.26"
            },
            {
              "status": "affected",
              "version": "9.8.1.5"
            },
            {
              "status": "affected",
              "version": "9.12.2.9"
            },
            {
              "status": "affected",
              "version": "9.12.3.9"
            },
            {
              "status": "affected",
              "version": "9.8.3.21"
            },
            {
              "status": "affected",
              "version": "9.8.4.10"
            },
            {
              "status": "affected",
              "version": "9.12.2.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.2"
            },
            {
              "status": "affected",
              "version": "9.14.1.6"
            },
            {
              "status": "affected",
              "version": "9.8.3.8"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.8.4.26"
            },
            {
              "status": "affected",
              "version": "9.12.4.4"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.8.4.29"
            },
            {
              "status": "affected",
              "version": "9.12.4.7"
            },
            {
              "status": "affected",
              "version": "9.15.1"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.8"
            },
            {
              "status": "affected",
              "version": "9.8.4.32"
            },
            {
              "status": "affected",
              "version": "9.12.4.10"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.15.1.7"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.12.4.13"
            },
            {
              "status": "affected",
              "version": "9.8.4.33"
            },
            {
              "status": "affected",
              "version": "9.15.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.8.4.34"
            },
            {
              "status": "affected",
              "version": "9.12.4.18"
            },
            {
              "status": "affected",
              "version": "9.15.1.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.35"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.12.4.24"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.16"
            },
            {
              "status": "affected",
              "version": "9.8.4.39"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.12.4.26"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.29"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.30"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.8.4.40"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.15.1.17"
            },
            {
              "status": "affected",
              "version": "9.12.4.35"
            },
            {
              "status": "affected",
              "version": "9.8.4.41"
            },
            {
              "status": "affected",
              "version": "9.15.1.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.37"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.39"
            },
            {
              "status": "affected",
              "version": "9.12.4.38"
            },
            {
              "status": "affected",
              "version": "9.8.4.43"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.40"
            },
            {
              "status": "affected",
              "version": "9.15.1.21"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.14.4.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.41"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.8.4.44"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.47"
            },
            {
              "status": "affected",
              "version": "9.14.4.12"
            },
            {
              "status": "affected",
              "version": "9.16.3.15"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.12.4.48"
            },
            {
              "status": "affected",
              "version": "9.14.4.13"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.16.3.19"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.50"
            },
            {
              "status": "affected",
              "version": "9.14.4.14"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.45"
            },
            {
              "status": "affected",
              "version": "9.12.4.52"
            },
            {
              "status": "affected",
              "version": "9.14.4.15"
            },
            {
              "status": "affected",
              "version": "9.16.3.23"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            },
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.12.4.54"
            },
            {
              "status": "affected",
              "version": "9.14.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.4.46"
            },
            {
              "status": "affected",
              "version": "9.17.1.20"
            },
            {
              "status": "affected",
              "version": "9.18.2.7"
            },
            {
              "status": "affected",
              "version": "9.19.1"
            },
            {
              "status": "affected",
              "version": "9.16.4.9"
            },
            {
              "status": "affected",
              "version": "9.12.4.55"
            },
            {
              "status": "affected",
              "version": "9.18.2.8"
            },
            {
              "status": "affected",
              "version": "9.8.4.48"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "6.6.7.2"
            },
            {
              "status": "affected",
              "version": "7.3.1.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due to a logic error in populating group ACLs when an AnyConnect client establishes a new session toward an affected device. An attacker could exploit this vulnerability by establishing an AnyConnect connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-290",
              "description": "Authentication Bypass by Spoofing",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-23T17:08:13.630Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asaftd-acl-bypass-VvnLNKqf",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-acl-bypass-VvnLNKqf"
        },
        {
          "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO"
        },
        {
          "name": "Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication",
          "url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-acl-bypass-VvnLNKqf",
        "defects": [
          "CSCwd96845"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance and Firepower Threat Defense AnyConnect  Access Control List Bypass Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20299",
    "datePublished": "2024-10-23T17:08:13.630Z",
    "dateReserved": "2023-11-08T15:08:07.630Z",
    "dateUpdated": "2024-10-24T16:39:38.139Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20388 (GCVE-0-2024-20388)

Vulnerability from cvelistv5

Published

2024-10-23 17:35

Modified

2024-10-24 16:24

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-202 - Exposure of Sensitive Information Through Data Queries

Summary

A vulnerability in the password change feature of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to determine valid user names on an affected device. This vulnerability is due to improper authentication of password update responses. An attacker could exploit this vulnerability by forcing a password reset on an affected device. A successful exploit could allow the attacker to determine valid user names in the unauthenticated response to a forced password reset.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-infodisc-RL4mJFer

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Firepower Management Center

Version: 6.2.3
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.2.3.3
Version: 6.2.3.4
Version: 6.2.3.5
Version: 6.2.3.6
Version: 6.2.3.7
Version: 6.2.3.9
Version: 6.2.3.10
Version: 6.2.3.11
Version: 6.2.3.12
Version: 6.2.3.13
Version: 6.2.3.14
Version: 6.2.3.15
Version: 6.2.3.8
Version: 6.2.3.16
Version: 6.2.3.17
Version: 6.2.3.18
Version: 6.4.0
Version: 6.4.0.1
Version: 6.4.0.3
Version: 6.4.0.2
Version: 6.4.0.4
Version: 6.4.0.5
Version: 6.4.0.6
Version: 6.4.0.7
Version: 6.4.0.8
Version: 6.4.0.9
Version: 6.4.0.10
Version: 6.4.0.11
Version: 6.4.0.12
Version: 6.4.0.13
Version: 6.4.0.14
Version: 6.4.0.15
Version: 6.4.0.16
Version: 6.4.0.17
Version: 6.4.0.18
Version: 6.6.0
Version: 6.6.0.1
Version: 6.6.1
Version: 6.6.3
Version: 6.6.4
Version: 6.6.5
Version: 6.6.5.1
Version: 6.6.5.2
Version: 6.6.7
Version: 6.6.7.1
Version: 6.6.7.2
Version: 6.7.0
Version: 6.7.0.1
Version: 6.7.0.2
Version: 6.7.0.3
Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.0.2
Version: 7.0.2.1
Version: 7.0.3
Version: 7.0.4
Version: 7.0.5
Version: 7.0.6
Version: 7.0.6.1
Version: 7.0.6.2
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.1.0.3
Version: 7.2.0
Version: 7.2.1
Version: 7.2.2
Version: 7.2.0.1
Version: 7.2.3
Version: 7.2.3.1
Version: 7.2.4
Version: 7.2.4.1
Version: 7.2.5
Version: 7.2.5.1
Version: 7.2.6
Version: 7.2.7
Version: 7.2.5.2
Version: 7.2.8
Version: 7.2.8.1
Version: 7.3.0
Version: 7.3.1
Version: 7.3.1.1
Version: 7.3.1.2
Version: 7.4.0
Version: 7.4.1
Version: 7.4.1.1

Cisco

Cisco Firepower Threat Defense Software

Version: 6.6.5.1
Version: 6.6.7
Version: 6.4.0.4
Version: 6.4.0.10
Version: 6.4.0.12
Version: 6.4.0.14
Version: 6.4.0.16
Version: 6.4.0.18
Version: 6.7.0.2
Version: 7.1.0.1
Version: 7.1.0.3
Version: 7.2.2
Version: 7.4.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_management_center",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "6.2.3.18",
                "status": "affected",
                "version": "6.2.3",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "6.4.0.18",
                "status": "affected",
                "version": "6.4.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "6.6.7.2",
                "status": "affected",
                "version": "6.6.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "6.7.0.3",
                "status": "affected",
                "version": "6.7.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.0.6.2",
                "status": "affected",
                "version": "7.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.1.0.3",
                "status": "affected",
                "version": "7.1.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.2.8.1",
                "status": "affected",
                "version": "7.2.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.3.1.2",
                "status": "affected",
                "version": "7.3.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.4.1.1",
                "status": "affected",
                "version": "7.4.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "6.4.0.18",
                "status": "affected",
                "version": "6.4.0.4",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "6.6.7",
                "status": "affected",
                "version": "6.6.5.1",
                "versionType": "custom"
              },
              {
                "status": "affected",
                "version": "6.7.0.2"
              },
              {
                "lessThanOrEqual": "7.1.0.3",
                "status": "affected",
                "version": "7.1.0.1",
                "versionType": "custom"
              },
              {
                "status": "affected",
                "version": "7.2.2"
              },
              {
                "status": "affected",
                "version": "7.4.1"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20388",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-23T18:45:56.491861Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-24T16:24:24.678Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Management Center",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.4.0.17"
            },
            {
              "status": "affected",
              "version": "6.4.0.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "6.6.7.2"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.0.6"
            },
            {
              "status": "affected",
              "version": "7.0.6.1"
            },
            {
              "status": "affected",
              "version": "7.0.6.2"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.2.3.1"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.2.4.1"
            },
            {
              "status": "affected",
              "version": "7.2.5"
            },
            {
              "status": "affected",
              "version": "7.2.5.1"
            },
            {
              "status": "affected",
              "version": "7.2.6"
            },
            {
              "status": "affected",
              "version": "7.2.7"
            },
            {
              "status": "affected",
              "version": "7.2.5.2"
            },
            {
              "status": "affected",
              "version": "7.2.8"
            },
            {
              "status": "affected",
              "version": "7.2.8.1"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.2"
            },
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            },
            {
              "status": "affected",
              "version": "7.4.1.1"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.4.0.18"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the password change feature of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to determine valid user names on an affected device.\r\n\r This vulnerability is due to improper authentication of password update responses. An attacker could exploit this vulnerability by forcing a password reset on an affected device. A successful exploit could allow the attacker to determine valid user names in the unauthenticated response to a forced password reset."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-202",
              "description": "Exposure of Sensitive Information Through Data Queries",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-23T17:35:24.772Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-fmc-xss-infodisc-RL4mJFer",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-infodisc-RL4mJFer"
        }
      ],
      "source": {
        "advisory": "cisco-sa-fmc-xss-infodisc-RL4mJFer",
        "defects": [
          "CSCwj03056"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20388",
    "datePublished": "2024-10-23T17:35:24.772Z",
    "dateReserved": "2023-11-08T15:08:07.658Z",
    "dateUpdated": "2024-10-24T16:24:24.678Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-20182 (GCVE-0-2025-20182)

Vulnerability from cvelistv5

Published

2025-05-07 17:18

Modified

2025-05-07 19:47

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-787 - Out-of-bounds Write

Summary

A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol processing of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation when processing IKEv2 messages. An attacker could exploit this vulnerability by sending crafted IKEv2 traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition on the affected device.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-multiprod-ikev2-dos-gPctUqv2

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.12.3
Version: 9.8.3
Version: 9.12.1
Version: 9.8.1
Version: 9.12.2
Version: 9.8.2.45
Version: 9.8.2
Version: 9.8.4
Version: 9.14.1
Version: 9.12.4
Version: 9.8.2.26
Version: 9.8.2.24
Version: 9.8.2.15
Version: 9.8.2.14
Version: 9.8.2.35
Version: 9.8.2.20
Version: 9.8.2.8
Version: 9.8.2.17
Version: 9.8.2.28
Version: 9.8.2.33
Version: 9.8.2.38
Version: 9.8.4.25
Version: 9.12.3.2
Version: 9.12.3.7
Version: 9.8.3.18
Version: 9.8.3.14
Version: 9.8.4.15
Version: 9.8.4.8
Version: 9.8.1.7
Version: 9.8.3.29
Version: 9.14.1.10
Version: 9.12.2.5
Version: 9.8.4.22
Version: 9.12.3.12
Version: 9.8.4.7
Version: 9.8.4.17
Version: 9.8.3.16
Version: 9.8.4.20
Version: 9.8.3.11
Version: 9.12.1.3
Version: 9.8.4.3
Version: 9.12.2.4
Version: 9.8.4.12
Version: 9.12.1.2
Version: 9.8.3.26
Version: 9.8.1.5
Version: 9.12.2.9
Version: 9.12.3.9
Version: 9.8.3.21
Version: 9.8.4.10
Version: 9.12.2.1
Version: 9.12.4.2
Version: 9.14.1.6
Version: 9.8.3.8
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.8.4.26
Version: 9.12.4.4
Version: 9.14.1.30
Version: 9.8.4.29
Version: 9.12.4.7
Version: 9.14.2
Version: 9.12.4.8
Version: 9.8.4.32
Version: 9.12.4.10
Version: 9.14.2.4
Version: 9.14.2.8
Version: 9.12.4.13
Version: 9.8.4.33
Version: 9.14.2.13
Version: 9.8.4.34
Version: 9.12.4.18
Version: 9.8.4.35
Version: 9.14.2.15
Version: 9.12.4.24
Version: 9.16.1
Version: 9.8.4.39
Version: 9.14.3
Version: 9.12.4.26
Version: 9.16.1.28
Version: 9.14.3.1
Version: 9.12.4.29
Version: 9.14.3.9
Version: 9.16.2
Version: 9.12.4.30
Version: 9.16.2.3
Version: 9.8.4.40
Version: 9.14.3.11
Version: 9.12.4.35
Version: 9.8.4.41
Version: 9.15.1.1
Version: 9.14.3.13
Version: 9.16.2.7
Version: 9.12.4.37
Version: 9.14.3.15
Version: 9.17.1
Version: 9.16.2.11
Version: 9.14.3.18
Version: 9.16.2.13
Version: 9.12.4.39
Version: 9.12.4.38
Version: 9.8.4.43
Version: 9.14.4
Version: 9.16.2.14
Version: 9.17.1.7
Version: 9.12.4.40
Version: 9.16.3.3
Version: 9.14.4.6
Version: 9.16.3
Version: 9.16.3.14
Version: 9.17.1.9
Version: 9.14.4.7
Version: 9.12.4.41
Version: 9.17.1.10
Version: 9.8.4.44
Version: 9.18.1
Version: 9.12.4.47
Version: 9.14.4.12
Version: 9.16.3.15
Version: 9.18.1.3
Version: 9.17.1.11
Version: 9.12.4.48
Version: 9.14.4.13
Version: 9.18.2
Version: 9.16.3.19
Version: 9.17.1.13
Version: 9.12.4.50
Version: 9.14.4.14
Version: 9.17.1.15
Version: 9.8.4.45
Version: 9.12.4.52
Version: 9.14.4.15
Version: 9.16.3.23
Version: 9.18.2.5
Version: 9.16.4
Version: 9.12.4.54
Version: 9.14.4.17
Version: 9.8.4.46
Version: 9.17.1.20
Version: 9.18.2.7
Version: 9.19.1
Version: 9.16.4.9
Version: 9.12.4.55
Version: 9.18.2.8
Version: 9.14.4.22
Version: 9.16.4.14
Version: 9.8.4.48
Version: 9.18.3
Version: 9.19.1.5
Version: 9.14.4.23
Version: 9.12.4.56
Version: 9.16.4.18
Version: 9.17.1.30
Version: 9.19.1.9
Version: 9.18.3.39
Version: 9.16.4.19
Version: 9.12.4.58
Version: 9.19.1.12
Version: 9.18.3.46
Version: 9.16.4.27
Version: 9.19.1.18
Version: 9.18.3.53
Version: 9.18.3.55
Version: 9.16.4.38
Version: 9.17.1.33
Version: 9.12.4.62
Version: 9.16.4.39
Version: 9.18.3.56
Version: 9.20.1
Version: 9.16.4.42
Version: 9.19.1.22
Version: 9.18.4
Version: 9.20.1.5
Version: 9.18.4.5
Version: 9.19.1.24
Version: 9.16.4.48
Version: 9.18.4.8
Version: 9.20.2
Version: 9.19.1.27
Version: 9.12.4.65
Version: 9.16.4.55
Version: 9.18.4.22
Version: 9.20.2.10
Version: 9.16.4.57
Version: 9.19.1.28
Version: 9.17.1.39
Version: 9.12.4.67
Version: 9.14.4.24
Version: 9.18.4.24
Version: 9.20.2.21
Version: 9.16.4.61
Version: 9.19.1.31
Version: 9.18.4.29

Cisco

Cisco Firepower Threat Defense Software

Version: 6.2.3.14
Version: 6.4.0.1
Version: 6.2.3.7
Version: 6.2.3
Version: 6.4.0.2
Version: 6.2.3.9
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.4.0.5
Version: 6.2.3.10
Version: 6.4.0
Version: 6.4.0.3
Version: 6.2.3.6
Version: 6.4.0.4
Version: 6.2.3.15
Version: 6.2.3.5
Version: 6.2.3.4
Version: 6.2.3.3
Version: 6.2.3.8
Version: 6.4.0.6
Version: 6.2.3.11
Version: 6.2.3.12
Version: 6.2.3.13
Version: 6.4.0.7
Version: 6.4.0.8
Version: 6.6.0
Version: 6.4.0.9
Version: 6.2.3.16
Version: 6.6.0.1
Version: 6.6.1
Version: 6.4.0.10
Version: 6.4.0.11
Version: 6.6.3
Version: 6.6.4
Version: 6.4.0.12
Version: 7.0.0
Version: 6.2.3.17
Version: 7.0.0.1
Version: 6.6.5
Version: 7.0.1
Version: 7.1.0
Version: 6.4.0.13
Version: 6.6.5.1
Version: 6.2.3.18
Version: 7.0.1.1
Version: 6.4.0.14
Version: 7.1.0.1
Version: 6.6.5.2
Version: 7.0.2
Version: 6.4.0.15
Version: 7.2.0
Version: 7.0.2.1
Version: 7.0.3
Version: 6.6.7
Version: 7.1.0.2
Version: 7.2.0.1
Version: 7.0.4
Version: 7.2.1
Version: 7.0.5
Version: 6.4.0.16
Version: 7.3.0
Version: 7.2.2
Version: 7.2.3
Version: 6.6.7.1
Version: 7.3.1
Version: 7.1.0.3
Version: 7.2.4
Version: 7.0.6
Version: 7.2.5
Version: 7.2.4.1
Version: 7.3.1.1
Version: 7.4.0
Version: 6.4.0.17
Version: 7.0.6.1
Version: 7.2.5.1
Version: 7.4.1
Version: 7.2.6
Version: 7.0.6.2
Version: 7.4.1.1
Version: 6.6.7.2
Version: 6.4.0.18
Version: 7.2.7
Version: 7.2.5.2
Version: 7.3.1.2
Version: 7.2.8
Version: 7.2.8.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-20182",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-07T18:57:03.651780Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-07T19:47:40.064Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.12.3"
            },
            {
              "status": "affected",
              "version": "9.8.3"
            },
            {
              "status": "affected",
              "version": "9.12.1"
            },
            {
              "status": "affected",
              "version": "9.8.1"
            },
            {
              "status": "affected",
              "version": "9.12.2"
            },
            {
              "status": "affected",
              "version": "9.8.2.45"
            },
            {
              "status": "affected",
              "version": "9.8.2"
            },
            {
              "status": "affected",
              "version": "9.8.4"
            },
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.12.4"
            },
            {
              "status": "affected",
              "version": "9.8.2.26"
            },
            {
              "status": "affected",
              "version": "9.8.2.24"
            },
            {
              "status": "affected",
              "version": "9.8.2.15"
            },
            {
              "status": "affected",
              "version": "9.8.2.14"
            },
            {
              "status": "affected",
              "version": "9.8.2.35"
            },
            {
              "status": "affected",
              "version": "9.8.2.20"
            },
            {
              "status": "affected",
              "version": "9.8.2.8"
            },
            {
              "status": "affected",
              "version": "9.8.2.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.28"
            },
            {
              "status": "affected",
              "version": "9.8.2.33"
            },
            {
              "status": "affected",
              "version": "9.8.2.38"
            },
            {
              "status": "affected",
              "version": "9.8.4.25"
            },
            {
              "status": "affected",
              "version": "9.12.3.2"
            },
            {
              "status": "affected",
              "version": "9.12.3.7"
            },
            {
              "status": "affected",
              "version": "9.8.3.18"
            },
            {
              "status": "affected",
              "version": "9.8.3.14"
            },
            {
              "status": "affected",
              "version": "9.8.4.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.8"
            },
            {
              "status": "affected",
              "version": "9.8.1.7"
            },
            {
              "status": "affected",
              "version": "9.8.3.29"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.12.2.5"
            },
            {
              "status": "affected",
              "version": "9.8.4.22"
            },
            {
              "status": "affected",
              "version": "9.12.3.12"
            },
            {
              "status": "affected",
              "version": "9.8.4.7"
            },
            {
              "status": "affected",
              "version": "9.8.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.3.16"
            },
            {
              "status": "affected",
              "version": "9.8.4.20"
            },
            {
              "status": "affected",
              "version": "9.8.3.11"
            },
            {
              "status": "affected",
              "version": "9.12.1.3"
            },
            {
              "status": "affected",
              "version": "9.8.4.3"
            },
            {
              "status": "affected",
              "version": "9.12.2.4"
            },
            {
              "status": "affected",
              "version": "9.8.4.12"
            },
            {
              "status": "affected",
              "version": "9.12.1.2"
            },
            {
              "status": "affected",
              "version": "9.8.3.26"
            },
            {
              "status": "affected",
              "version": "9.8.1.5"
            },
            {
              "status": "affected",
              "version": "9.12.2.9"
            },
            {
              "status": "affected",
              "version": "9.12.3.9"
            },
            {
              "status": "affected",
              "version": "9.8.3.21"
            },
            {
              "status": "affected",
              "version": "9.8.4.10"
            },
            {
              "status": "affected",
              "version": "9.12.2.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.2"
            },
            {
              "status": "affected",
              "version": "9.14.1.6"
            },
            {
              "status": "affected",
              "version": "9.8.3.8"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.8.4.26"
            },
            {
              "status": "affected",
              "version": "9.12.4.4"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.8.4.29"
            },
            {
              "status": "affected",
              "version": "9.12.4.7"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.8"
            },
            {
              "status": "affected",
              "version": "9.8.4.32"
            },
            {
              "status": "affected",
              "version": "9.12.4.10"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.12.4.13"
            },
            {
              "status": "affected",
              "version": "9.8.4.33"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.8.4.34"
            },
            {
              "status": "affected",
              "version": "9.12.4.18"
            },
            {
              "status": "affected",
              "version": "9.8.4.35"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.12.4.24"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.8.4.39"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.12.4.26"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.29"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.30"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.8.4.40"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.12.4.35"
            },
            {
              "status": "affected",
              "version": "9.8.4.41"
            },
            {
              "status": "affected",
              "version": "9.15.1.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.37"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.39"
            },
            {
              "status": "affected",
              "version": "9.12.4.38"
            },
            {
              "status": "affected",
              "version": "9.8.4.43"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.40"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.14.4.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.41"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.8.4.44"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.47"
            },
            {
              "status": "affected",
              "version": "9.14.4.12"
            },
            {
              "status": "affected",
              "version": "9.16.3.15"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.12.4.48"
            },
            {
              "status": "affected",
              "version": "9.14.4.13"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.16.3.19"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.50"
            },
            {
              "status": "affected",
              "version": "9.14.4.14"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.45"
            },
            {
              "status": "affected",
              "version": "9.12.4.52"
            },
            {
              "status": "affected",
              "version": "9.14.4.15"
            },
            {
              "status": "affected",
              "version": "9.16.3.23"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            },
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.12.4.54"
            },
            {
              "status": "affected",
              "version": "9.14.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.4.46"
            },
            {
              "status": "affected",
              "version": "9.17.1.20"
            },
            {
              "status": "affected",
              "version": "9.18.2.7"
            },
            {
              "status": "affected",
              "version": "9.19.1"
            },
            {
              "status": "affected",
              "version": "9.16.4.9"
            },
            {
              "status": "affected",
              "version": "9.12.4.55"
            },
            {
              "status": "affected",
              "version": "9.18.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.4.22"
            },
            {
              "status": "affected",
              "version": "9.16.4.14"
            },
            {
              "status": "affected",
              "version": "9.8.4.48"
            },
            {
              "status": "affected",
              "version": "9.18.3"
            },
            {
              "status": "affected",
              "version": "9.19.1.5"
            },
            {
              "status": "affected",
              "version": "9.14.4.23"
            },
            {
              "status": "affected",
              "version": "9.12.4.56"
            },
            {
              "status": "affected",
              "version": "9.16.4.18"
            },
            {
              "status": "affected",
              "version": "9.17.1.30"
            },
            {
              "status": "affected",
              "version": "9.19.1.9"
            },
            {
              "status": "affected",
              "version": "9.18.3.39"
            },
            {
              "status": "affected",
              "version": "9.16.4.19"
            },
            {
              "status": "affected",
              "version": "9.12.4.58"
            },
            {
              "status": "affected",
              "version": "9.19.1.12"
            },
            {
              "status": "affected",
              "version": "9.18.3.46"
            },
            {
              "status": "affected",
              "version": "9.16.4.27"
            },
            {
              "status": "affected",
              "version": "9.19.1.18"
            },
            {
              "status": "affected",
              "version": "9.18.3.53"
            },
            {
              "status": "affected",
              "version": "9.18.3.55"
            },
            {
              "status": "affected",
              "version": "9.16.4.38"
            },
            {
              "status": "affected",
              "version": "9.17.1.33"
            },
            {
              "status": "affected",
              "version": "9.12.4.62"
            },
            {
              "status": "affected",
              "version": "9.16.4.39"
            },
            {
              "status": "affected",
              "version": "9.18.3.56"
            },
            {
              "status": "affected",
              "version": "9.20.1"
            },
            {
              "status": "affected",
              "version": "9.16.4.42"
            },
            {
              "status": "affected",
              "version": "9.19.1.22"
            },
            {
              "status": "affected",
              "version": "9.18.4"
            },
            {
              "status": "affected",
              "version": "9.20.1.5"
            },
            {
              "status": "affected",
              "version": "9.18.4.5"
            },
            {
              "status": "affected",
              "version": "9.19.1.24"
            },
            {
              "status": "affected",
              "version": "9.16.4.48"
            },
            {
              "status": "affected",
              "version": "9.18.4.8"
            },
            {
              "status": "affected",
              "version": "9.20.2"
            },
            {
              "status": "affected",
              "version": "9.19.1.27"
            },
            {
              "status": "affected",
              "version": "9.12.4.65"
            },
            {
              "status": "affected",
              "version": "9.16.4.55"
            },
            {
              "status": "affected",
              "version": "9.18.4.22"
            },
            {
              "status": "affected",
              "version": "9.20.2.10"
            },
            {
              "status": "affected",
              "version": "9.16.4.57"
            },
            {
              "status": "affected",
              "version": "9.19.1.28"
            },
            {
              "status": "affected",
              "version": "9.17.1.39"
            },
            {
              "status": "affected",
              "version": "9.12.4.67"
            },
            {
              "status": "affected",
              "version": "9.14.4.24"
            },
            {
              "status": "affected",
              "version": "9.18.4.24"
            },
            {
              "status": "affected",
              "version": "9.20.2.21"
            },
            {
              "status": "affected",
              "version": "9.16.4.61"
            },
            {
              "status": "affected",
              "version": "9.19.1.31"
            },
            {
              "status": "affected",
              "version": "9.18.4.29"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.0.6"
            },
            {
              "status": "affected",
              "version": "7.2.5"
            },
            {
              "status": "affected",
              "version": "7.2.4.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.17"
            },
            {
              "status": "affected",
              "version": "7.0.6.1"
            },
            {
              "status": "affected",
              "version": "7.2.5.1"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            },
            {
              "status": "affected",
              "version": "7.2.6"
            },
            {
              "status": "affected",
              "version": "7.0.6.2"
            },
            {
              "status": "affected",
              "version": "7.4.1.1"
            },
            {
              "status": "affected",
              "version": "6.6.7.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.18"
            },
            {
              "status": "affected",
              "version": "7.2.7"
            },
            {
              "status": "affected",
              "version": "7.2.5.2"
            },
            {
              "status": "affected",
              "version": "7.3.1.2"
            },
            {
              "status": "affected",
              "version": "7.2.8"
            },
            {
              "status": "affected",
              "version": "7.2.8.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol processing of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThis vulnerability is due to insufficient input validation when processing IKEv2 messages. An attacker could exploit this vulnerability by sending crafted IKEv2 traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition on the affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "Out-of-bounds Write",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-07T17:18:14.386Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-multiprod-ikev2-dos-gPctUqv2",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-multiprod-ikev2-dos-gPctUqv2"
        }
      ],
      "source": {
        "advisory": "cisco-sa-multiprod-ikev2-dos-gPctUqv2",
        "defects": [
          "CSCwj99043"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software and IOS XE Software IKEv2 Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2025-20182",
    "datePublished": "2025-05-07T17:18:14.386Z",
    "dateReserved": "2024-10-10T19:15:13.225Z",
    "dateUpdated": "2025-05-07T19:47:40.064Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3571 (GCVE-0-2020-3571)

Vulnerability from cvelistv5

Published

2020-10-21 18:40

Modified

2024-11-13 17:46

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-400

Summary

A vulnerability in the ICMP ingress packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 4110 appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete input validation upon receiving ICMP packets. An attacker could exploit this vulnerability by sending a high number of crafted ICMP or ICMPv6 packets to an affected device. A successful exploit could allow the attacker to cause a memory exhaustion condition that may result in an unexpected reload. No manual intervention is needed to recover the device after the reload.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmp-dos-hxxcycM	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:55.489Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Firepower 4110 ICMP Flood Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmp-dos-hxxcycM"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3571",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:12:16.266699Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:46:50.965Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the ICMP ingress packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 4110 appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete input validation upon receiving ICMP packets. An attacker could exploit this vulnerability by sending a high number of crafted ICMP or ICMPv6 packets to an affected device. A successful exploit could allow the attacker to cause a memory exhaustion condition that may result in an unexpected reload. No manual intervention is needed to recover the device after the reload."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:40:47",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Firepower 4110 ICMP Flood Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmp-dos-hxxcycM"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-icmp-dos-hxxcycM",
        "defect": [
          [
            "CSCvt09940"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower 4110 ICMP Flood Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3571",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower 4110 ICMP Flood Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the ICMP ingress packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 4110 appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete input validation upon receiving ICMP packets. An attacker could exploit this vulnerability by sending a high number of crafted ICMP or ICMPv6 packets to an affected device. A successful exploit could allow the attacker to cause a memory exhaustion condition that may result in an unexpected reload. No manual intervention is needed to recover the device after the reload."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Firepower 4110 ICMP Flood Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmp-dos-hxxcycM"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-icmp-dos-hxxcycM",
          "defect": [
            [
              "CSCvt09940"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3571",
    "datePublished": "2020-10-21T18:40:48.022255Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:46:50.965Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34762 (GCVE-0-2021-34762)

Vulnerability from cvelistv5

Published

2021-10-27 18:55

Modified

2024-11-07 21:44

Severity ?

8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE

CWE-26

Summary

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. The attacker would require valid device credentials. The vulnerability is due to insufficient input validation of the HTTPS URL by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTPS request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to read or write arbitrary files on the device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dir-traversal-95UyW5tk	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Management Center	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.207Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20211027 Cisco Firepower Management Center Software Authenticated Directory Traversal Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dir-traversal-95UyW5tk"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34762",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:42:46.118918Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T21:44:23.088Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Management Center",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. The attacker would require valid device credentials. The vulnerability is due to insufficient input validation of the HTTPS URL by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTPS request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to read or write arbitrary files on the device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-26",
              "description": "CWE-26",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-27T18:55:36",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20211027 Cisco Firepower Management Center Software Authenticated Directory Traversal Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dir-traversal-95UyW5tk"
        }
      ],
      "source": {
        "advisory": "cisco-sa-fmc-dir-traversal-95UyW5tk",
        "defect": [
          [
            "CSCvy41771"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Management Center Software Authenticated Directory Traversal Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-10-27T16:00:00",
          "ID": "CVE-2021-34762",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Management Center Software Authenticated Directory Traversal Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Management Center",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. The attacker would require valid device credentials. The vulnerability is due to insufficient input validation of the HTTPS URL by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTPS request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to read or write arbitrary files on the device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-26"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20211027 Cisco Firepower Management Center Software Authenticated Directory Traversal Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dir-traversal-95UyW5tk"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-fmc-dir-traversal-95UyW5tk",
          "defect": [
            [
              "CSCvy41771"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34762",
    "datePublished": "2021-10-27T18:55:36.199997Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-07T21:44:23.088Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1709 (GCVE-0-2019-1709)

Vulnerability from cvelistv5

Published

2019-05-03 16:10

Modified

2024-11-21 19:34

Severity ?

6.0 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

CWE

CWE-78

Summary

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting commands into arguments for a specific command. A successful exploit could allow the attacker to execute commands with root privileges.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-cmd-inj	vendor-advisory, x_refsource_CISCO
	http://www.securityfocus.com/bid/108156	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: unspecified < 6.2.3.12

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:42.298Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190501 Cisco Firepower Threat Defense Software Command Injection Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-cmd-inj"
          },
          {
            "name": "108156",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108156"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1709",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-21T18:58:56.814590Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T19:34:53.354Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.2.3.12",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-05-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting commands into arguments for a specific command. A successful exploit could allow the attacker to execute commands with root privileges."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-06T09:06:05",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190501 Cisco Firepower Threat Defense Software Command Injection Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-cmd-inj"
        },
        {
          "name": "108156",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108156"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190501-frpwr-cmd-inj",
        "defect": [
          [
            "CSCvm14267"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Command Injection Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-05-01T16:00:00-0700",
          "ID": "CVE-2019-1709",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Command Injection Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.2.3.12"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting commands into arguments for a specific command. A successful exploit could allow the attacker to execute commands with root privileges."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.0",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190501 Cisco Firepower Threat Defense Software Command Injection Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-cmd-inj"
            },
            {
              "name": "108156",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108156"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190501-frpwr-cmd-inj",
          "defect": [
            [
              "CSCvm14267"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1709",
    "datePublished": "2019-05-03T16:10:13.500549Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-21T19:34:53.354Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20950 (GCVE-0-2022-20950)

Vulnerability from cvelistv5

Published

2022-11-10 17:32

Modified

2024-11-19 21:05

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

CWE

CWE-770 - Allocation of Resources Without Limits or Throttling

Summary

A vulnerability in the interaction of SIP and Snort 3 for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a lack of error-checking when SIP bidirectional flows are being inspected by Snort 3. An attacker could exploit this vulnerability by sending a stream of crafted SIP traffic through an interface on the targeted device. A successful exploit could allow the attacker to trigger a restart of the Snort 3 process, resulting in a denial of service (DoS) condition.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-dos-A4cHeArC

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: 7.2.0 Version: 7.2.0.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:31:58.477Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-ftdsnort3sip-dos-A4cHeArC",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-dos-A4cHeArC"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-20950",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-01-29T21:08:12.183436Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T21:05:42.392Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the interaction of SIP and Snort 3 for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart.\r\n\r This vulnerability is due to a lack of error-checking when SIP bidirectional flows are being inspected by Snort 3. An attacker could exploit this vulnerability by sending a stream of crafted SIP traffic through an interface on the targeted device. A successful exploit could allow the attacker to trigger a restart of the Snort 3 process, resulting in a denial of service (DoS) condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:20.040Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-ftdsnort3sip-dos-A4cHeArC",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-dos-A4cHeArC"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftdsnort3sip-dos-A4cHeArC",
        "defects": [
          "CSCwb99509"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20950",
    "datePublished": "2022-11-10T17:32:32.127Z",
    "dateReserved": "2021-11-02T13:28:29.194Z",
    "dateUpdated": "2024-11-19T21:05:42.392Z",
    "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20940 (GCVE-0-2022-20940)

Vulnerability from cvelistv5

Published

2022-11-10 17:38

Modified

2024-08-03 02:31

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-203 - Observable Discrepancy

Summary

A vulnerability in the TLS handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability is due to improper implementation of countermeasures against a Bleichenbacher attack on a device that uses SSL decryption policies. An attacker could exploit this vulnerability by sending crafted TLS messages to an affected device, which would act as an oracle and allow the attacker to carry out a chosen-ciphertext attack. A successful exploit could allow the attacker to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions to the affected device.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-bb-rCgtmY2

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: 6.2.3 Version: 6.2.3.1 Version: 6.2.3.2 Version: 6.2.3.3 Version: 6.2.3.4 Version: 6.2.3.5 Version: 6.2.3.6 Version: 6.2.3.7 Version: 6.2.3.8 Version: 6.2.3.10 Version: 6.2.3.11 Version: 6.2.3.9 Version: 6.2.3.12 Version: 6.2.3.13 Version: 6.2.3.14 Version: 6.2.3.15 Version: 6.2.3.16 Version: 6.2.3.17 Version: 6.2.3.18 Version: 6.6.0 Version: 6.6.0.1 Version: 6.6.1 Version: 6.6.3 Version: 6.6.4 Version: 6.6.5 Version: 6.6.5.1 Version: 6.6.5.2 Version: 6.4.0 Version: 6.4.0.1 Version: 6.4.0.3 Version: 6.4.0.2 Version: 6.4.0.4 Version: 6.4.0.5 Version: 6.4.0.6 Version: 6.4.0.7 Version: 6.4.0.8 Version: 6.4.0.9 Version: 6.4.0.10 Version: 6.4.0.11 Version: 6.4.0.12 Version: 6.4.0.13 Version: 6.4.0.14 Version: 6.7.0 Version: 6.7.0.1 Version: 6.7.0.2 Version: 6.7.0.3 Version: 7.0.0 Version: 7.0.0.1 Version: 7.0.1 Version: 7.0.1.1 Version: 7.0.2 Version: 7.0.2.1 Version: 7.0.3 Version: 7.1.0 Version: 7.1.0.1 Version: 7.1.0.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:31:58.809Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-ftd-tls-bb-rCgtmY2",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-bb-rCgtmY2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the TLS handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain access to sensitive information.\r\n\r This vulnerability is due to improper implementation of countermeasures against a Bleichenbacher attack on a device that uses SSL decryption policies. An attacker could exploit this vulnerability by sending crafted TLS messages to an affected device, which would act as an oracle and allow the attacker to carry out a chosen-ciphertext attack. A successful exploit could allow the attacker to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions to the affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-203",
              "description": "Observable Discrepancy",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:17.707Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-ftd-tls-bb-rCgtmY2",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-bb-rCgtmY2"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-tls-bb-rCgtmY2",
        "defects": [
          "CSCwa41936"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20940",
    "datePublished": "2022-11-10T17:38:07.193Z",
    "dateReserved": "2021-11-02T13:28:29.193Z",
    "dateUpdated": "2024-08-03T02:31:58.809Z",
    "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3554 (GCVE-0-2020-3554)

Vulnerability from cvelistv5

Published

2020-10-21 18:41

Modified

2024-11-13 17:45

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-400

Summary

A vulnerability in the TCP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory exhaustion condition. An attacker could exploit this vulnerability by sending a high rate of crafted TCP traffic through an affected device. A successful exploit could allow the attacker to exhaust device resources, resulting in a DoS condition for traffic transiting the affected device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-QFcNEPfx	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:54.973Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-QFcNEPfx"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3554",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:12:09.155663Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:45:24.428Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the TCP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory exhaustion condition. An attacker could exploit this vulnerability by sending a high rate of crafted TCP traffic through an affected device. A successful exploit could allow the attacker to exhaust device resources, resulting in a DoS condition for traffic transiting the affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:41:33",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-QFcNEPfx"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-dos-QFcNEPfx",
        "defect": [
          [
            "CSCvt35897"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3554",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the TCP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory exhaustion condition. An attacker could exploit this vulnerability by sending a high rate of crafted TCP traffic through an affected device. A successful exploit could allow the attacker to exhaust device resources, resulting in a DoS condition for traffic transiting the affected device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-QFcNEPfx"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-dos-QFcNEPfx",
          "defect": [
            [
              "CSCvt35897"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3554",
    "datePublished": "2020-10-21T18:41:33.900058Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:45:24.428Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34755 (GCVE-0-2021-34755)

Vulnerability from cvelistv5

Published

2021-10-27 18:55

Modified

2024-11-07 21:44

Severity ?

6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-20

Summary

Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.221Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20211027 Cisco Firepower Threat Defense Software Command Injection Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34755",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:42:48.873506Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T21:44:44.575Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-27T18:55:17",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20211027 Cisco Firepower Threat Defense Software Command Injection Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-cmdinject-FmzsLN8",
        "defect": [
          [
            "CSCvx86283",
            "CSCvy16559",
            "CSCvy16573",
            "CSCvy19225"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Command Injection Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-10-27T16:00:00",
          "ID": "CVE-2021-34755",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Command Injection Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.8",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20211027 Cisco Firepower Threat Defense Software Command Injection Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-cmdinject-FmzsLN8",
          "defect": [
            [
              "CSCvx86283",
              "CSCvy16559",
              "CSCvy16573",
              "CSCvy19225"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34755",
    "datePublished": "2021-10-27T18:55:17.981307Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-07T21:44:44.575Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20408 (GCVE-0-2024-20408)

Vulnerability from cvelistv5

Published

2024-10-23 17:37

Modified

2024-10-24 17:47

Severity ?

7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-1287 - Improper Validation of Specified Type of Input

Summary

A vulnerability in the Dynamic Access Policies (DAP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly. To exploit this vulnerability, an attacker would need valid remote access VPN user credentials on the affected device. This vulnerability is due to improper validation of data in HTTPS POST requests. An attacker could exploit this vulnerability by sending a crafted HTTPS POST request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dap-dos-bhEkP7n

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.8.1
Version: 9.8.1.5
Version: 9.8.1.7
Version: 9.8.2
Version: 9.8.2.8
Version: 9.8.2.14
Version: 9.8.2.15
Version: 9.8.2.17
Version: 9.8.2.20
Version: 9.8.2.24
Version: 9.8.2.26
Version: 9.8.2.28
Version: 9.8.2.33
Version: 9.8.2.35
Version: 9.8.2.38
Version: 9.8.3.8
Version: 9.8.3.11
Version: 9.8.3.14
Version: 9.8.3.16
Version: 9.8.3.18
Version: 9.8.3.21
Version: 9.8.3
Version: 9.8.3.26
Version: 9.8.3.29
Version: 9.8.4
Version: 9.8.4.3
Version: 9.8.4.7
Version: 9.8.4.8
Version: 9.8.4.10
Version: 9.8.4.12
Version: 9.8.4.15
Version: 9.8.4.17
Version: 9.8.2.45
Version: 9.8.4.25
Version: 9.8.4.20
Version: 9.8.4.22
Version: 9.8.4.26
Version: 9.8.4.29
Version: 9.8.4.32
Version: 9.8.4.33
Version: 9.8.4.34
Version: 9.8.4.35
Version: 9.8.4.39
Version: 9.8.4.40
Version: 9.8.4.41
Version: 9.8.4.43
Version: 9.8.4.44
Version: 9.8.4.45
Version: 9.8.4.46
Version: 9.8.4.48
Version: 9.12.1
Version: 9.12.1.2
Version: 9.12.1.3
Version: 9.12.2
Version: 9.12.2.4
Version: 9.12.2.5
Version: 9.12.2.9
Version: 9.12.3
Version: 9.12.3.2
Version: 9.12.3.7
Version: 9.12.4
Version: 9.12.3.12
Version: 9.12.3.9
Version: 9.12.2.1
Version: 9.12.4.2
Version: 9.12.4.4
Version: 9.12.4.7
Version: 9.12.4.10
Version: 9.12.4.13
Version: 9.12.4.8
Version: 9.12.4.18
Version: 9.12.4.24
Version: 9.12.4.26
Version: 9.12.4.29
Version: 9.12.4.30
Version: 9.12.4.35
Version: 9.12.4.37
Version: 9.12.4.38
Version: 9.12.4.39
Version: 9.12.4.40
Version: 9.12.4.41
Version: 9.12.4.47
Version: 9.12.4.48
Version: 9.12.4.50
Version: 9.12.4.52
Version: 9.12.4.54
Version: 9.12.4.55
Version: 9.12.4.56
Version: 9.12.4.58
Version: 9.12.4.62
Version: 9.12.4.65
Version: 9.12.4.67
Version: 9.14.1
Version: 9.14.1.10
Version: 9.14.1.6
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.14.1.30
Version: 9.14.2
Version: 9.14.2.4
Version: 9.14.2.8
Version: 9.14.2.13
Version: 9.14.2.15
Version: 9.14.3
Version: 9.14.3.1
Version: 9.14.3.9
Version: 9.14.3.11
Version: 9.14.3.13
Version: 9.14.3.18
Version: 9.14.3.15
Version: 9.14.4
Version: 9.14.4.6
Version: 9.14.4.7
Version: 9.14.4.12
Version: 9.14.4.13
Version: 9.14.4.14
Version: 9.14.4.15
Version: 9.14.4.17
Version: 9.14.4.22
Version: 9.14.4.23
Version: 9.14.4.24
Version: 9.15.1
Version: 9.15.1.7
Version: 9.15.1.10
Version: 9.15.1.15
Version: 9.15.1.16
Version: 9.15.1.17
Version: 9.15.1.1
Version: 9.15.1.21
Version: 9.16.1
Version: 9.16.1.28
Version: 9.16.2
Version: 9.16.2.3
Version: 9.16.2.7
Version: 9.16.2.11
Version: 9.16.2.13
Version: 9.16.2.14
Version: 9.16.3
Version: 9.16.3.3
Version: 9.16.3.14
Version: 9.16.3.15
Version: 9.16.3.19
Version: 9.16.3.23
Version: 9.16.4
Version: 9.16.4.9
Version: 9.16.4.14
Version: 9.16.4.18
Version: 9.16.4.19
Version: 9.16.4.27
Version: 9.16.4.38
Version: 9.16.4.39
Version: 9.16.4.42
Version: 9.16.4.48
Version: 9.16.4.55
Version: 9.16.4.57
Version: 9.17.1
Version: 9.17.1.7
Version: 9.17.1.9
Version: 9.17.1.10
Version: 9.17.1.11
Version: 9.17.1.13
Version: 9.17.1.15
Version: 9.17.1.20
Version: 9.17.1.30
Version: 9.17.1.33
Version: 9.17.1.39
Version: 9.18.1
Version: 9.18.1.3
Version: 9.18.2
Version: 9.18.2.5
Version: 9.18.2.7
Version: 9.18.2.8
Version: 9.18.3
Version: 9.18.3.39
Version: 9.18.3.46
Version: 9.18.3.53
Version: 9.18.3.55
Version: 9.18.3.56
Version: 9.18.4
Version: 9.18.4.5
Version: 9.18.4.8
Version: 9.18.4.22
Version: 9.19.1
Version: 9.19.1.5
Version: 9.19.1.9
Version: 9.19.1.12
Version: 9.19.1.18
Version: 9.19.1.22
Version: 9.19.1.24
Version: 9.19.1.27
Version: 9.19.1.28
Version: 9.20.1
Version: 9.20.1.5
Version: 9.20.2
Version: 9.20.2.10

Cisco

Cisco Firepower Threat Defense Software

Version: 6.2.3
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.2.3.3
Version: 6.2.3.4
Version: 6.2.3.5
Version: 6.2.3.6
Version: 6.2.3.7
Version: 6.2.3.8
Version: 6.2.3.10
Version: 6.2.3.11
Version: 6.2.3.9
Version: 6.2.3.12
Version: 6.2.3.13
Version: 6.2.3.14
Version: 6.2.3.15
Version: 6.2.3.16
Version: 6.2.3.17
Version: 6.2.3.18
Version: 6.6.0
Version: 6.6.0.1
Version: 6.6.1
Version: 6.6.3
Version: 6.6.4
Version: 6.6.5
Version: 6.6.5.1
Version: 6.6.5.2
Version: 6.6.7
Version: 6.6.7.1
Version: 6.6.7.2
Version: 6.4.0
Version: 6.4.0.1
Version: 6.4.0.3
Version: 6.4.0.2
Version: 6.4.0.4
Version: 6.4.0.5
Version: 6.4.0.6
Version: 6.4.0.7
Version: 6.4.0.8
Version: 6.4.0.9
Version: 6.4.0.10
Version: 6.4.0.11
Version: 6.4.0.12
Version: 6.4.0.13
Version: 6.4.0.14
Version: 6.4.0.15
Version: 6.4.0.16
Version: 6.4.0.17
Version: 6.4.0.18
Version: 6.7.0
Version: 6.7.0.1
Version: 6.7.0.2
Version: 6.7.0.3
Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.0.2
Version: 7.0.2.1
Version: 7.0.3
Version: 7.0.4
Version: 7.0.5
Version: 7.0.6
Version: 7.0.6.1
Version: 7.0.6.2
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.1.0.3
Version: 7.2.0
Version: 7.2.0.1
Version: 7.2.1
Version: 7.2.2
Version: 7.2.3
Version: 7.2.4
Version: 7.2.4.1
Version: 7.2.5
Version: 7.2.5.1
Version: 7.2.6
Version: 7.2.7
Version: 7.2.5.2
Version: 7.2.8
Version: 7.2.8.1
Version: 7.3.0
Version: 7.3.1
Version: 7.3.1.1
Version: 7.3.1.2
Version: 7.4.0
Version: 7.4.1
Version: 7.4.1.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20408",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-23T18:39:48.529110Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-24T17:47:04.680Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.8.1"
            },
            {
              "status": "affected",
              "version": "9.8.1.5"
            },
            {
              "status": "affected",
              "version": "9.8.1.7"
            },
            {
              "status": "affected",
              "version": "9.8.2"
            },
            {
              "status": "affected",
              "version": "9.8.2.8"
            },
            {
              "status": "affected",
              "version": "9.8.2.14"
            },
            {
              "status": "affected",
              "version": "9.8.2.15"
            },
            {
              "status": "affected",
              "version": "9.8.2.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.20"
            },
            {
              "status": "affected",
              "version": "9.8.2.24"
            },
            {
              "status": "affected",
              "version": "9.8.2.26"
            },
            {
              "status": "affected",
              "version": "9.8.2.28"
            },
            {
              "status": "affected",
              "version": "9.8.2.33"
            },
            {
              "status": "affected",
              "version": "9.8.2.35"
            },
            {
              "status": "affected",
              "version": "9.8.2.38"
            },
            {
              "status": "affected",
              "version": "9.8.3.8"
            },
            {
              "status": "affected",
              "version": "9.8.3.11"
            },
            {
              "status": "affected",
              "version": "9.8.3.14"
            },
            {
              "status": "affected",
              "version": "9.8.3.16"
            },
            {
              "status": "affected",
              "version": "9.8.3.18"
            },
            {
              "status": "affected",
              "version": "9.8.3.21"
            },
            {
              "status": "affected",
              "version": "9.8.3"
            },
            {
              "status": "affected",
              "version": "9.8.3.26"
            },
            {
              "status": "affected",
              "version": "9.8.3.29"
            },
            {
              "status": "affected",
              "version": "9.8.4"
            },
            {
              "status": "affected",
              "version": "9.8.4.3"
            },
            {
              "status": "affected",
              "version": "9.8.4.7"
            },
            {
              "status": "affected",
              "version": "9.8.4.8"
            },
            {
              "status": "affected",
              "version": "9.8.4.10"
            },
            {
              "status": "affected",
              "version": "9.8.4.12"
            },
            {
              "status": "affected",
              "version": "9.8.4.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.45"
            },
            {
              "status": "affected",
              "version": "9.8.4.25"
            },
            {
              "status": "affected",
              "version": "9.8.4.20"
            },
            {
              "status": "affected",
              "version": "9.8.4.22"
            },
            {
              "status": "affected",
              "version": "9.8.4.26"
            },
            {
              "status": "affected",
              "version": "9.8.4.29"
            },
            {
              "status": "affected",
              "version": "9.8.4.32"
            },
            {
              "status": "affected",
              "version": "9.8.4.33"
            },
            {
              "status": "affected",
              "version": "9.8.4.34"
            },
            {
              "status": "affected",
              "version": "9.8.4.35"
            },
            {
              "status": "affected",
              "version": "9.8.4.39"
            },
            {
              "status": "affected",
              "version": "9.8.4.40"
            },
            {
              "status": "affected",
              "version": "9.8.4.41"
            },
            {
              "status": "affected",
              "version": "9.8.4.43"
            },
            {
              "status": "affected",
              "version": "9.8.4.44"
            },
            {
              "status": "affected",
              "version": "9.8.4.45"
            },
            {
              "status": "affected",
              "version": "9.8.4.46"
            },
            {
              "status": "affected",
              "version": "9.8.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.1"
            },
            {
              "status": "affected",
              "version": "9.12.1.2"
            },
            {
              "status": "affected",
              "version": "9.12.1.3"
            },
            {
              "status": "affected",
              "version": "9.12.2"
            },
            {
              "status": "affected",
              "version": "9.12.2.4"
            },
            {
              "status": "affected",
              "version": "9.12.2.5"
            },
            {
              "status": "affected",
              "version": "9.12.2.9"
            },
            {
              "status": "affected",
              "version": "9.12.3"
            },
            {
              "status": "affected",
              "version": "9.12.3.2"
            },
            {
              "status": "affected",
              "version": "9.12.3.7"
            },
            {
              "status": "affected",
              "version": "9.12.4"
            },
            {
              "status": "affected",
              "version": "9.12.3.12"
            },
            {
              "status": "affected",
              "version": "9.12.3.9"
            },
            {
              "status": "affected",
              "version": "9.12.2.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.4"
            },
            {
              "status": "affected",
              "version": "9.12.4.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.10"
            },
            {
              "status": "affected",
              "version": "9.12.4.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.8"
            },
            {
              "status": "affected",
              "version": "9.12.4.18"
            },
            {
              "status": "affected",
              "version": "9.12.4.24"
            },
            {
              "status": "affected",
              "version": "9.12.4.26"
            },
            {
              "status": "affected",
              "version": "9.12.4.29"
            },
            {
              "status": "affected",
              "version": "9.12.4.30"
            },
            {
              "status": "affected",
              "version": "9.12.4.35"
            },
            {
              "status": "affected",
              "version": "9.12.4.37"
            },
            {
              "status": "affected",
              "version": "9.12.4.38"
            },
            {
              "status": "affected",
              "version": "9.12.4.39"
            },
            {
              "status": "affected",
              "version": "9.12.4.40"
            },
            {
              "status": "affected",
              "version": "9.12.4.41"
            },
            {
              "status": "affected",
              "version": "9.12.4.47"
            },
            {
              "status": "affected",
              "version": "9.12.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.4.50"
            },
            {
              "status": "affected",
              "version": "9.12.4.52"
            },
            {
              "status": "affected",
              "version": "9.12.4.54"
            },
            {
              "status": "affected",
              "version": "9.12.4.55"
            },
            {
              "status": "affected",
              "version": "9.12.4.56"
            },
            {
              "status": "affected",
              "version": "9.12.4.58"
            },
            {
              "status": "affected",
              "version": "9.12.4.62"
            },
            {
              "status": "affected",
              "version": "9.12.4.65"
            },
            {
              "status": "affected",
              "version": "9.12.4.67"
            },
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.1.6"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.14.4.7"
            },
            {
              "status": "affected",
              "version": "9.14.4.12"
            },
            {
              "status": "affected",
              "version": "9.14.4.13"
            },
            {
              "status": "affected",
              "version": "9.14.4.14"
            },
            {
              "status": "affected",
              "version": "9.14.4.15"
            },
            {
              "status": "affected",
              "version": "9.14.4.17"
            },
            {
              "status": "affected",
              "version": "9.14.4.22"
            },
            {
              "status": "affected",
              "version": "9.14.4.23"
            },
            {
              "status": "affected",
              "version": "9.14.4.24"
            },
            {
              "status": "affected",
              "version": "9.15.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.7"
            },
            {
              "status": "affected",
              "version": "9.15.1.10"
            },
            {
              "status": "affected",
              "version": "9.15.1.15"
            },
            {
              "status": "affected",
              "version": "9.15.1.16"
            },
            {
              "status": "affected",
              "version": "9.15.1.17"
            },
            {
              "status": "affected",
              "version": "9.15.1.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.21"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.16.3.15"
            },
            {
              "status": "affected",
              "version": "9.16.3.19"
            },
            {
              "status": "affected",
              "version": "9.16.3.23"
            },
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.16.4.9"
            },
            {
              "status": "affected",
              "version": "9.16.4.14"
            },
            {
              "status": "affected",
              "version": "9.16.4.18"
            },
            {
              "status": "affected",
              "version": "9.16.4.19"
            },
            {
              "status": "affected",
              "version": "9.16.4.27"
            },
            {
              "status": "affected",
              "version": "9.16.4.38"
            },
            {
              "status": "affected",
              "version": "9.16.4.39"
            },
            {
              "status": "affected",
              "version": "9.16.4.42"
            },
            {
              "status": "affected",
              "version": "9.16.4.48"
            },
            {
              "status": "affected",
              "version": "9.16.4.55"
            },
            {
              "status": "affected",
              "version": "9.16.4.57"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.17.1.20"
            },
            {
              "status": "affected",
              "version": "9.17.1.30"
            },
            {
              "status": "affected",
              "version": "9.17.1.33"
            },
            {
              "status": "affected",
              "version": "9.17.1.39"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            },
            {
              "status": "affected",
              "version": "9.18.2.7"
            },
            {
              "status": "affected",
              "version": "9.18.2.8"
            },
            {
              "status": "affected",
              "version": "9.18.3"
            },
            {
              "status": "affected",
              "version": "9.18.3.39"
            },
            {
              "status": "affected",
              "version": "9.18.3.46"
            },
            {
              "status": "affected",
              "version": "9.18.3.53"
            },
            {
              "status": "affected",
              "version": "9.18.3.55"
            },
            {
              "status": "affected",
              "version": "9.18.3.56"
            },
            {
              "status": "affected",
              "version": "9.18.4"
            },
            {
              "status": "affected",
              "version": "9.18.4.5"
            },
            {
              "status": "affected",
              "version": "9.18.4.8"
            },
            {
              "status": "affected",
              "version": "9.18.4.22"
            },
            {
              "status": "affected",
              "version": "9.19.1"
            },
            {
              "status": "affected",
              "version": "9.19.1.5"
            },
            {
              "status": "affected",
              "version": "9.19.1.9"
            },
            {
              "status": "affected",
              "version": "9.19.1.12"
            },
            {
              "status": "affected",
              "version": "9.19.1.18"
            },
            {
              "status": "affected",
              "version": "9.19.1.22"
            },
            {
              "status": "affected",
              "version": "9.19.1.24"
            },
            {
              "status": "affected",
              "version": "9.19.1.27"
            },
            {
              "status": "affected",
              "version": "9.19.1.28"
            },
            {
              "status": "affected",
              "version": "9.20.1"
            },
            {
              "status": "affected",
              "version": "9.20.1.5"
            },
            {
              "status": "affected",
              "version": "9.20.2"
            },
            {
              "status": "affected",
              "version": "9.20.2.10"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "6.6.7.2"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.4.0.17"
            },
            {
              "status": "affected",
              "version": "6.4.0.18"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.0.6"
            },
            {
              "status": "affected",
              "version": "7.0.6.1"
            },
            {
              "status": "affected",
              "version": "7.0.6.2"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.2.4.1"
            },
            {
              "status": "affected",
              "version": "7.2.5"
            },
            {
              "status": "affected",
              "version": "7.2.5.1"
            },
            {
              "status": "affected",
              "version": "7.2.6"
            },
            {
              "status": "affected",
              "version": "7.2.7"
            },
            {
              "status": "affected",
              "version": "7.2.5.2"
            },
            {
              "status": "affected",
              "version": "7.2.8"
            },
            {
              "status": "affected",
              "version": "7.2.8.1"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.2"
            },
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            },
            {
              "status": "affected",
              "version": "7.4.1.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Dynamic Access Policies (DAP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly. To exploit this vulnerability, an attacker would need valid remote access VPN user credentials on the affected device.\r\n\r This vulnerability is due to improper validation of data in HTTPS POST requests. An attacker could exploit this vulnerability by sending a crafted HTTPS POST request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1287",
              "description": "Improper Validation of Specified Type of Input",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-23T17:37:12.496Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asaftd-dap-dos-bhEkP7n",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dap-dos-bhEkP7n"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-dap-dos-bhEkP7n",
        "defects": [
          "CSCwj15792"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20408",
    "datePublished": "2024-10-23T17:37:12.496Z",
    "dateReserved": "2023-11-08T15:08:07.661Z",
    "dateUpdated": "2024-10-24T17:47:04.680Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-40117 (GCVE-0-2021-40117)

Vulnerability from cvelistv5

Published

2021-10-27 18:56

Modified

2024-11-07 21:45

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-119

Summary

A vulnerability in SSL/TLS message handler for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because incoming SSL/TLS packets are not properly processed. An attacker could exploit this vulnerability by sending a crafted SSL/TLS packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-4ygzLKU9	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:27:31.839Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-4ygzLKU9"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-40117",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:44:23.302529Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T21:45:24.364Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in SSL/TLS message handler for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because incoming SSL/TLS packets are not properly processed. An attacker could exploit this vulnerability by sending a crafted SSL/TLS packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-27T18:56:48",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-4ygzLKU9"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-dos-4ygzLKU9",
        "defect": [
          [
            "CSCvy43187"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-10-27T16:00:00",
          "ID": "CVE-2021-40117",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in SSL/TLS message handler for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because incoming SSL/TLS packets are not properly processed. An attacker could exploit this vulnerability by sending a crafted SSL/TLS packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-4ygzLKU9"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-dos-4ygzLKU9",
          "defect": [
            [
              "CSCvy43187"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-40117",
    "datePublished": "2021-10-27T18:56:48.507586Z",
    "dateReserved": "2021-08-25T00:00:00",
    "dateUpdated": "2024-11-07T21:45:24.364Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20946 (GCVE-0-2022-20946)

Vulnerability from cvelistv5

Published

2022-11-10 17:29

Modified

2024-08-03 02:31

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-122 - Heap-based Buffer Overflow

Summary

A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a memory handling error that occurs when GRE traffic is processed. An attacker could exploit this vulnerability by sending a crafted GRE payload through an affected device. A successful exploit could allow the attacker to cause the device to restart, resulting in a DoS condition. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM"] This advisory is part of the November 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: 6.6.0 Version: 6.6.0.1 Version: 6.6.1 Version: 6.6.3 Version: 6.6.4 Version: 6.6.5 Version: 6.6.5.1 Version: 6.6.5.2 Version: 6.4.0 Version: 6.4.0.1 Version: 6.4.0.3 Version: 6.4.0.2 Version: 6.4.0.4 Version: 6.4.0.5 Version: 6.4.0.6 Version: 6.4.0.7 Version: 6.4.0.8 Version: 6.4.0.9 Version: 6.4.0.10 Version: 6.4.0.11 Version: 6.4.0.12 Version: 6.4.0.13 Version: 6.4.0.14 Version: 6.4.0.15 Version: 6.7.0 Version: 6.7.0.1 Version: 6.7.0.2 Version: 6.7.0.3 Version: 7.0.0 Version: 7.0.0.1 Version: 7.0.1 Version: 7.0.1.1 Version: 7.0.2 Version: 7.0.2.1 Version: 7.0.3 Version: 7.1.0 Version: 7.1.0.1 Version: 7.1.0.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:31:58.684Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-ftd-gre-dos-hmedHQPM",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to a memory handling error that occurs when GRE traffic is processed. An attacker could exploit this vulnerability by sending a crafted GRE payload through an affected device. A successful exploit could allow the attacker to cause the device to restart, resulting in a DoS condition.\r\n\r    \r\n\r  https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM [\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM\"]\r\n\r \r This advisory is part of the November 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "Heap-based Buffer Overflow",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:19.097Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-ftd-gre-dos-hmedHQPM",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-gre-dos-hmedHQPM",
        "defects": [
          "CSCwb66761"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20946",
    "datePublished": "2022-11-10T17:29:08.400Z",
    "dateReserved": "2021-11-02T13:28:29.194Z",
    "dateUpdated": "2024-08-03T02:31:58.684Z",
    "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20359 (GCVE-0-2024-20359)

Vulnerability from cvelistv5

Published

2024-04-24 18:16

Modified

2025-07-30 01:37

Severity ?

6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

CWE

CWE-94 - Improper Control of Generation of Code ('Code Injection')

Summary

A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level privileges are required to exploit this vulnerability. This vulnerability is due to improper validation of a file when it is read from system flash memory. An attacker could exploit this vulnerability by copying a crafted file to the disk0: file system of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the affected device after the next reload of the device, which could alter system behavior. Because the injected code could persist across device reboots, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-rce-FLsNXF4h

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.8.1
Version: 9.8.1.5
Version: 9.8.1.7
Version: 9.8.2
Version: 9.8.2.8
Version: 9.8.2.14
Version: 9.8.2.15
Version: 9.8.2.17
Version: 9.8.2.20
Version: 9.8.2.24
Version: 9.8.2.26
Version: 9.8.2.28
Version: 9.8.2.33
Version: 9.8.2.35
Version: 9.8.2.38
Version: 9.8.3.8
Version: 9.8.3.11
Version: 9.8.3.14
Version: 9.8.3.16
Version: 9.8.3.18
Version: 9.8.3.21
Version: 9.8.3
Version: 9.8.3.26
Version: 9.8.3.29
Version: 9.8.4
Version: 9.8.4.3
Version: 9.8.4.7
Version: 9.8.4.8
Version: 9.8.4.10
Version: 9.8.4.12
Version: 9.8.4.15
Version: 9.8.4.17
Version: 9.8.4.25
Version: 9.8.4.20
Version: 9.8.4.22
Version: 9.8.4.26
Version: 9.8.4.29
Version: 9.8.4.32
Version: 9.8.4.33
Version: 9.8.4.34
Version: 9.8.4.35
Version: 9.8.4.39
Version: 9.8.4.40
Version: 9.8.4.41
Version: 9.8.4.43
Version: 9.8.4.44
Version: 9.8.4.45
Version: 9.8.4.46
Version: 9.8.4.48
Version: 9.12.1
Version: 9.12.1.2
Version: 9.12.1.3
Version: 9.12.2
Version: 9.12.2.4
Version: 9.12.2.5
Version: 9.12.2.9
Version: 9.12.3
Version: 9.12.3.2
Version: 9.12.3.7
Version: 9.12.4
Version: 9.12.3.12
Version: 9.12.3.9
Version: 9.12.2.1
Version: 9.12.4.2
Version: 9.12.4.4
Version: 9.12.4.7
Version: 9.12.4.10
Version: 9.12.4.13
Version: 9.12.4.8
Version: 9.12.4.18
Version: 9.12.4.24
Version: 9.12.4.26
Version: 9.12.4.29
Version: 9.12.4.30
Version: 9.12.4.35
Version: 9.12.4.37
Version: 9.12.4.38
Version: 9.12.4.39
Version: 9.12.4.40
Version: 9.12.4.41
Version: 9.12.4.47
Version: 9.12.4.48
Version: 9.12.4.50
Version: 9.12.4.52
Version: 9.12.4.54
Version: 9.12.4.55
Version: 9.12.4.56
Version: 9.12.4.58
Version: 9.12.4.62
Version: 9.12.4.65
Version: 9.14.1
Version: 9.14.1.10
Version: 9.14.1.6
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.14.1.30
Version: 9.14.2
Version: 9.14.2.4
Version: 9.14.2.8
Version: 9.14.2.13
Version: 9.14.2.15
Version: 9.14.3
Version: 9.14.3.1
Version: 9.14.3.9
Version: 9.14.3.11
Version: 9.14.3.13
Version: 9.14.3.18
Version: 9.14.3.15
Version: 9.14.4
Version: 9.14.4.6
Version: 9.14.4.7
Version: 9.14.4.12
Version: 9.14.4.13
Version: 9.14.4.14
Version: 9.14.4.15
Version: 9.14.4.17
Version: 9.14.4.22
Version: 9.14.4.23
Version: 9.15.1
Version: 9.15.1.7
Version: 9.15.1.10
Version: 9.15.1.15
Version: 9.15.1.16
Version: 9.15.1.17
Version: 9.15.1.1
Version: 9.15.1.21
Version: 9.16.1
Version: 9.16.1.28
Version: 9.16.2
Version: 9.16.2.3
Version: 9.16.2.7
Version: 9.16.2.11
Version: 9.16.2.13
Version: 9.16.2.14
Version: 9.16.3
Version: 9.16.3.3
Version: 9.16.3.14
Version: 9.16.3.15
Version: 9.16.3.19
Version: 9.16.3.23
Version: 9.16.4
Version: 9.16.4.9
Version: 9.16.4.14
Version: 9.16.4.18
Version: 9.16.4.19
Version: 9.16.4.27
Version: 9.16.4.38
Version: 9.16.4.39
Version: 9.16.4.42
Version: 9.16.4.48
Version: 9.16.4.55
Version: 9.17.1
Version: 9.17.1.7
Version: 9.17.1.9
Version: 9.17.1.10
Version: 9.17.1.11
Version: 9.17.1.13
Version: 9.17.1.15
Version: 9.17.1.20
Version: 9.17.1.30
Version: 9.17.1.33
Version: 9.18.1
Version: 9.18.1.3
Version: 9.18.2
Version: 9.18.2.5
Version: 9.18.2.7
Version: 9.18.2.8
Version: 9.18.3
Version: 9.18.3.39
Version: 9.18.3.46
Version: 9.18.3.53
Version: 9.18.3.55
Version: 9.18.3.56
Version: 9.18.4
Version: 9.18.4.5
Version: 9.18.4.8
Version: 9.19.1
Version: 9.19.1.5
Version: 9.19.1.9
Version: 9.19.1.12
Version: 9.19.1.18
Version: 9.19.1.22
Version: 9.19.1.24
Version: 9.19.1.27
Version: 9.20.1
Version: 9.20.1.5
Version: 9.20.2

Cisco

Cisco Firepower Threat Defense Software

Version: 6.2.3
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.2.3.3
Version: 6.2.3.4
Version: 6.2.3.5
Version: 6.2.3.6
Version: 6.2.3.7
Version: 6.2.3.8
Version: 6.2.3.10
Version: 6.2.3.11
Version: 6.2.3.9
Version: 6.2.3.12
Version: 6.2.3.13
Version: 6.2.3.14
Version: 6.2.3.15
Version: 6.2.3.16
Version: 6.2.3.17
Version: 6.2.3.18
Version: 6.6.0
Version: 6.6.0.1
Version: 6.6.1
Version: 6.6.3
Version: 6.6.4
Version: 6.6.5
Version: 6.6.5.1
Version: 6.6.5.2
Version: 6.6.7
Version: 6.6.7.1
Version: 6.4.0
Version: 6.4.0.1
Version: 6.4.0.3
Version: 6.4.0.2
Version: 6.4.0.4
Version: 6.4.0.5
Version: 6.4.0.6
Version: 6.4.0.7
Version: 6.4.0.8
Version: 6.4.0.9
Version: 6.4.0.10
Version: 6.4.0.11
Version: 6.4.0.12
Version: 6.4.0.13
Version: 6.4.0.14
Version: 6.4.0.15
Version: 6.4.0.16
Version: 6.4.0.17
Version: 6.7.0
Version: 6.7.0.1
Version: 6.7.0.2
Version: 6.7.0.3
Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.0.2
Version: 7.0.2.1
Version: 7.0.3
Version: 7.0.4
Version: 7.0.5
Version: 7.0.6
Version: 7.0.6.1
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.1.0.3
Version: 7.2.0
Version: 7.2.0.1
Version: 7.2.1
Version: 7.2.2
Version: 7.2.3
Version: 7.2.4
Version: 7.2.4.1
Version: 7.2.5
Version: 7.2.5.1
Version: 7.3.0
Version: 7.3.1
Version: 7.3.1.1
Version: 7.4.0
Version: 7.4.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:cisco:asa:9.12.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "asa",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "9.12.4.65",
                "status": "affected",
                "version": "9.12.1",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:asa:9.14.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "asa",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "9.14.4.23",
                "status": "affected",
                "version": "9.14.1",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:asa:9.15.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "asa",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "9.15.1.21",
                "status": "affected",
                "version": "9.15.1",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:asa:9.16.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "asa",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "9.16.4.55",
                "status": "affected",
                "version": "9.16.1",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:asa:9.17.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "asa",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "9.17.1.33",
                "status": "affected",
                "version": "9.17.1",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:asa:9.18.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "asa",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "9.18.4.8",
                "status": "affected",
                "version": "9.18.1",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:asa:9.19.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "asa",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "9.19.1.27",
                "status": "affected",
                "version": "9.19.1",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:asa:9.20.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "asa",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "9.20.2",
                "status": "affected",
                "version": "9.20.1",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "6.2.3.18",
                "status": "affected",
                "version": "6.2.3",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:6.6.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "6.6.7.1",
                "status": "affected",
                "version": "6.6.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "6.4.0.17",
                "status": "affected",
                "version": "6.4.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:6.7.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "6.7.0.3",
                "status": "affected",
                "version": "6.7.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "7.0.6",
                "status": "affected",
                "version": "7.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:7.1.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "7.1.0.3",
                "status": "affected",
                "version": "7.1.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "7.2.4.1",
                "status": "affected",
                "version": "7.2.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:7.3.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "7.3.1.1",
                "status": "affected",
                "version": "7.3.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:7.4.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "7.4.1",
                "status": "affected",
                "version": "7.4.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:asa:9.8.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "asa",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "9.8.4.48",
                "status": "affected",
                "version": "9.8.1",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20359",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-30T13:04:16.676593Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2024-04-24",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-20359"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:37:04.169Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://blog.talosintelligence.com/arcanedoor-new-espionage-focused-campaign-found-targeting-perimeter-network-devices/"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2024-04-24T00:00:00+00:00",
            "value": "CVE-2024-20359 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:59:42.379Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-asaftd-persist-rce-FLsNXF4h",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-rce-FLsNXF4h"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.8.1"
            },
            {
              "status": "affected",
              "version": "9.8.1.5"
            },
            {
              "status": "affected",
              "version": "9.8.1.7"
            },
            {
              "status": "affected",
              "version": "9.8.2"
            },
            {
              "status": "affected",
              "version": "9.8.2.8"
            },
            {
              "status": "affected",
              "version": "9.8.2.14"
            },
            {
              "status": "affected",
              "version": "9.8.2.15"
            },
            {
              "status": "affected",
              "version": "9.8.2.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.20"
            },
            {
              "status": "affected",
              "version": "9.8.2.24"
            },
            {
              "status": "affected",
              "version": "9.8.2.26"
            },
            {
              "status": "affected",
              "version": "9.8.2.28"
            },
            {
              "status": "affected",
              "version": "9.8.2.33"
            },
            {
              "status": "affected",
              "version": "9.8.2.35"
            },
            {
              "status": "affected",
              "version": "9.8.2.38"
            },
            {
              "status": "affected",
              "version": "9.8.3.8"
            },
            {
              "status": "affected",
              "version": "9.8.3.11"
            },
            {
              "status": "affected",
              "version": "9.8.3.14"
            },
            {
              "status": "affected",
              "version": "9.8.3.16"
            },
            {
              "status": "affected",
              "version": "9.8.3.18"
            },
            {
              "status": "affected",
              "version": "9.8.3.21"
            },
            {
              "status": "affected",
              "version": "9.8.3"
            },
            {
              "status": "affected",
              "version": "9.8.3.26"
            },
            {
              "status": "affected",
              "version": "9.8.3.29"
            },
            {
              "status": "affected",
              "version": "9.8.4"
            },
            {
              "status": "affected",
              "version": "9.8.4.3"
            },
            {
              "status": "affected",
              "version": "9.8.4.7"
            },
            {
              "status": "affected",
              "version": "9.8.4.8"
            },
            {
              "status": "affected",
              "version": "9.8.4.10"
            },
            {
              "status": "affected",
              "version": "9.8.4.12"
            },
            {
              "status": "affected",
              "version": "9.8.4.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.4.25"
            },
            {
              "status": "affected",
              "version": "9.8.4.20"
            },
            {
              "status": "affected",
              "version": "9.8.4.22"
            },
            {
              "status": "affected",
              "version": "9.8.4.26"
            },
            {
              "status": "affected",
              "version": "9.8.4.29"
            },
            {
              "status": "affected",
              "version": "9.8.4.32"
            },
            {
              "status": "affected",
              "version": "9.8.4.33"
            },
            {
              "status": "affected",
              "version": "9.8.4.34"
            },
            {
              "status": "affected",
              "version": "9.8.4.35"
            },
            {
              "status": "affected",
              "version": "9.8.4.39"
            },
            {
              "status": "affected",
              "version": "9.8.4.40"
            },
            {
              "status": "affected",
              "version": "9.8.4.41"
            },
            {
              "status": "affected",
              "version": "9.8.4.43"
            },
            {
              "status": "affected",
              "version": "9.8.4.44"
            },
            {
              "status": "affected",
              "version": "9.8.4.45"
            },
            {
              "status": "affected",
              "version": "9.8.4.46"
            },
            {
              "status": "affected",
              "version": "9.8.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.1"
            },
            {
              "status": "affected",
              "version": "9.12.1.2"
            },
            {
              "status": "affected",
              "version": "9.12.1.3"
            },
            {
              "status": "affected",
              "version": "9.12.2"
            },
            {
              "status": "affected",
              "version": "9.12.2.4"
            },
            {
              "status": "affected",
              "version": "9.12.2.5"
            },
            {
              "status": "affected",
              "version": "9.12.2.9"
            },
            {
              "status": "affected",
              "version": "9.12.3"
            },
            {
              "status": "affected",
              "version": "9.12.3.2"
            },
            {
              "status": "affected",
              "version": "9.12.3.7"
            },
            {
              "status": "affected",
              "version": "9.12.4"
            },
            {
              "status": "affected",
              "version": "9.12.3.12"
            },
            {
              "status": "affected",
              "version": "9.12.3.9"
            },
            {
              "status": "affected",
              "version": "9.12.2.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.4"
            },
            {
              "status": "affected",
              "version": "9.12.4.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.10"
            },
            {
              "status": "affected",
              "version": "9.12.4.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.8"
            },
            {
              "status": "affected",
              "version": "9.12.4.18"
            },
            {
              "status": "affected",
              "version": "9.12.4.24"
            },
            {
              "status": "affected",
              "version": "9.12.4.26"
            },
            {
              "status": "affected",
              "version": "9.12.4.29"
            },
            {
              "status": "affected",
              "version": "9.12.4.30"
            },
            {
              "status": "affected",
              "version": "9.12.4.35"
            },
            {
              "status": "affected",
              "version": "9.12.4.37"
            },
            {
              "status": "affected",
              "version": "9.12.4.38"
            },
            {
              "status": "affected",
              "version": "9.12.4.39"
            },
            {
              "status": "affected",
              "version": "9.12.4.40"
            },
            {
              "status": "affected",
              "version": "9.12.4.41"
            },
            {
              "status": "affected",
              "version": "9.12.4.47"
            },
            {
              "status": "affected",
              "version": "9.12.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.4.50"
            },
            {
              "status": "affected",
              "version": "9.12.4.52"
            },
            {
              "status": "affected",
              "version": "9.12.4.54"
            },
            {
              "status": "affected",
              "version": "9.12.4.55"
            },
            {
              "status": "affected",
              "version": "9.12.4.56"
            },
            {
              "status": "affected",
              "version": "9.12.4.58"
            },
            {
              "status": "affected",
              "version": "9.12.4.62"
            },
            {
              "status": "affected",
              "version": "9.12.4.65"
            },
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.1.6"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.14.4.7"
            },
            {
              "status": "affected",
              "version": "9.14.4.12"
            },
            {
              "status": "affected",
              "version": "9.14.4.13"
            },
            {
              "status": "affected",
              "version": "9.14.4.14"
            },
            {
              "status": "affected",
              "version": "9.14.4.15"
            },
            {
              "status": "affected",
              "version": "9.14.4.17"
            },
            {
              "status": "affected",
              "version": "9.14.4.22"
            },
            {
              "status": "affected",
              "version": "9.14.4.23"
            },
            {
              "status": "affected",
              "version": "9.15.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.7"
            },
            {
              "status": "affected",
              "version": "9.15.1.10"
            },
            {
              "status": "affected",
              "version": "9.15.1.15"
            },
            {
              "status": "affected",
              "version": "9.15.1.16"
            },
            {
              "status": "affected",
              "version": "9.15.1.17"
            },
            {
              "status": "affected",
              "version": "9.15.1.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.21"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.16.3.15"
            },
            {
              "status": "affected",
              "version": "9.16.3.19"
            },
            {
              "status": "affected",
              "version": "9.16.3.23"
            },
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.16.4.9"
            },
            {
              "status": "affected",
              "version": "9.16.4.14"
            },
            {
              "status": "affected",
              "version": "9.16.4.18"
            },
            {
              "status": "affected",
              "version": "9.16.4.19"
            },
            {
              "status": "affected",
              "version": "9.16.4.27"
            },
            {
              "status": "affected",
              "version": "9.16.4.38"
            },
            {
              "status": "affected",
              "version": "9.16.4.39"
            },
            {
              "status": "affected",
              "version": "9.16.4.42"
            },
            {
              "status": "affected",
              "version": "9.16.4.48"
            },
            {
              "status": "affected",
              "version": "9.16.4.55"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.17.1.20"
            },
            {
              "status": "affected",
              "version": "9.17.1.30"
            },
            {
              "status": "affected",
              "version": "9.17.1.33"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            },
            {
              "status": "affected",
              "version": "9.18.2.7"
            },
            {
              "status": "affected",
              "version": "9.18.2.8"
            },
            {
              "status": "affected",
              "version": "9.18.3"
            },
            {
              "status": "affected",
              "version": "9.18.3.39"
            },
            {
              "status": "affected",
              "version": "9.18.3.46"
            },
            {
              "status": "affected",
              "version": "9.18.3.53"
            },
            {
              "status": "affected",
              "version": "9.18.3.55"
            },
            {
              "status": "affected",
              "version": "9.18.3.56"
            },
            {
              "status": "affected",
              "version": "9.18.4"
            },
            {
              "status": "affected",
              "version": "9.18.4.5"
            },
            {
              "status": "affected",
              "version": "9.18.4.8"
            },
            {
              "status": "affected",
              "version": "9.19.1"
            },
            {
              "status": "affected",
              "version": "9.19.1.5"
            },
            {
              "status": "affected",
              "version": "9.19.1.9"
            },
            {
              "status": "affected",
              "version": "9.19.1.12"
            },
            {
              "status": "affected",
              "version": "9.19.1.18"
            },
            {
              "status": "affected",
              "version": "9.19.1.22"
            },
            {
              "status": "affected",
              "version": "9.19.1.24"
            },
            {
              "status": "affected",
              "version": "9.19.1.27"
            },
            {
              "status": "affected",
              "version": "9.20.1"
            },
            {
              "status": "affected",
              "version": "9.20.1.5"
            },
            {
              "status": "affected",
              "version": "9.20.2"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.4.0.17"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.0.6"
            },
            {
              "status": "affected",
              "version": "7.0.6.1"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.2.4.1"
            },
            {
              "status": "affected",
              "version": "7.2.5"
            },
            {
              "status": "affected",
              "version": "7.2.5.1"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level privileges are required to exploit this vulnerability.\r\n\r This vulnerability is due to improper validation of a file when it is read from system flash memory. An attacker could exploit this vulnerability by copying a crafted file to the disk0: file system of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the affected device after the next reload of the device, which could alter system behavior. Because the injected code could persist across device reboots, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Cisco has confirmed that this vulnerability has been exploited. Cisco strongly recommends that customers upgrade to fixed software to resolve this vulnerability. Customers are also strongly encouraged to monitor system logs for indicators of undocumented configuration changes, unscheduled reboots, and any anomalous credential activity."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-24T18:16:49.769Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asaftd-persist-rce-FLsNXF4h",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-rce-FLsNXF4h"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-persist-rce-FLsNXF4h",
        "defects": [
          "CSCwi98284"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20359",
    "datePublished": "2024-04-24T18:16:49.769Z",
    "dateReserved": "2023-11-08T15:08:07.650Z",
    "dateUpdated": "2025-07-30T01:37:04.169Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20363 (GCVE-0-2024-20363)

Vulnerability from cvelistv5

Published

2024-05-22 16:52

Modified

2024-08-01 21:59

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-290 - Authentication Bypass by Spoofing

Summary

Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IPS) rule engine that could allow an unauthenticated, remote attacker to bypass the configured rules on an affected system. This vulnerability is due to incorrect HTTP packet handling. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured IPS rules and allow uninspected traffic onto the network.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-ips-bypass-uE69KBMd

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Firepower Threat Defense Software

Version: 7.4.0

Cisco

Cisco UTD SNORT IPS Engine Software

Version: 17.6.4
Version: 17.6.5
Version: 17.12.1a
Version: 17.12.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense:7.4.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "7.4.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:snort_intrusion_prevention_system:17.6.4:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "snort_intrusion_prevention_system",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "17.6.4"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:snort_intrusion_prevention_system:17.6.5:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "snort_intrusion_prevention_system",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "17.6.5"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:snort_intrusion_prevention_system:17.12.1a:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "snort_intrusion_prevention_system",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "17.12.1a"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:snort_intrusion_prevention_system:17.12.2:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "snort_intrusion_prevention_system",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "17.12.2"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20363",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T17:52:45.758246Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-290",
                "description": "CWE-290 Authentication Bypass by Spoofing",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:40:03.436Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:59:42.321Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-snort3-ips-bypass-uE69KBMd",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-ips-bypass-uE69KBMd"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "7.4.0"
            }
          ]
        },
        {
          "product": "Cisco UTD SNORT IPS Engine Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "17.6.4"
            },
            {
              "status": "affected",
              "version": "17.6.5"
            },
            {
              "status": "affected",
              "version": "17.12.1a"
            },
            {
              "status": "affected",
              "version": "17.12.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IPS) rule engine that could allow an unauthenticated, remote attacker to bypass the configured rules on an affected system. This vulnerability is due to incorrect HTTP packet handling. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured IPS rules and allow uninspected traffic onto the network."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-290",
              "description": "Authentication Bypass by Spoofing",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-22T16:52:53.274Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-snort3-ips-bypass-uE69KBMd",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-ips-bypass-uE69KBMd"
        }
      ],
      "source": {
        "advisory": "cisco-sa-snort3-ips-bypass-uE69KBMd",
        "defects": [
          "CSCwh22565",
          "CSCwh73244"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20363",
    "datePublished": "2024-05-22T16:52:53.274Z",
    "dateReserved": "2023-11-08T15:08:07.651Z",
    "dateUpdated": "2024-08-01T21:59:42.321Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3458 (GCVE-0-2020-3458)

Vulnerability from cvelistv5

Published

2020-10-21 18:36

Modified

2024-11-13 17:49

Severity ?

6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-693

Summary

Multiple vulnerabilities in the secure boot process of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software for the Firepower 1000 Series and Firepower 2100 Series Appliances could allow an authenticated, local attacker to bypass the secure boot mechanism. The vulnerabilities are due to insufficient protections of the secure boot process. An attacker could exploit these vulnerabilities by injecting code into specific files that are then referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust and inject code into the boot process of the device, which would be executed at each boot and maintain persistence across reboots.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbyp-KqP6NgrE	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:54.379Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000/2100 Series Appliances Secure Boot Bypass Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbyp-KqP6NgrE"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3458",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:17:23.563766Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:49:16.063Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the secure boot process of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software for the Firepower 1000 Series and Firepower 2100 Series Appliances could allow an authenticated, local attacker to bypass the secure boot mechanism. The vulnerabilities are due to insufficient protections of the secure boot process. An attacker could exploit these vulnerabilities by injecting code into specific files that are then referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust and inject code into the boot process of the device, which would be executed at each boot and maintain persistence across reboots."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-693",
              "description": "CWE-693",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:36:05",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000/2100 Series Appliances Secure Boot Bypass Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbyp-KqP6NgrE"
        }
      ],
      "source": {
        "advisory": "cisco-sa-fxos-sbbyp-KqP6NgrE",
        "defect": [
          [
            "CSCvt31177",
            "CSCvt31178"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000/2100 Series Appliances Secure Boot Bypass Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3458",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000/2100 Series Appliances Secure Boot Bypass Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the secure boot process of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software for the Firepower 1000 Series and Firepower 2100 Series Appliances could allow an authenticated, local attacker to bypass the secure boot mechanism. The vulnerabilities are due to insufficient protections of the secure boot process. An attacker could exploit these vulnerabilities by injecting code into specific files that are then referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust and inject code into the boot process of the device, which would be executed at each boot and maintain persistence across reboots."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.7",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-693"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000/2100 Series Appliances Secure Boot Bypass Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbyp-KqP6NgrE"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-fxos-sbbyp-KqP6NgrE",
          "defect": [
            [
              "CSCvt31177",
              "CSCvt31178"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3458",
    "datePublished": "2020-10-21T18:36:05.376490Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:49:16.063Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-15256 (GCVE-0-2019-15256)

Vulnerability from cvelistv5

Published

2019-10-02 19:06

Modified

2024-11-19 18:53

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-399

Summary

A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper management of system memory. An attacker could exploit this vulnerability by sending malicious IKEv1 traffic to an affected device. The attacker does not need valid credentials to authenticate the VPN session, nor does the attacker's source address need to match a peer statement in the crypto map applied to the ingress interface of the affected device. An exploit could allow the attacker to exhaust system memory resources, leading to a reload of an affected device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-ikev1-dos	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: unspecified < n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:42:03.653Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-ikev1-dos"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-15256",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:22:38.622665Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T18:53:23.477Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-10-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper management of system memory. An attacker could exploit this vulnerability by sending malicious IKEv1 traffic to an affected device. The attacker does not need valid credentials to authenticate the VPN session, nor does the attacker\u0027s source address need to match a peer statement in the crypto map applied to the ingress interface of the affected device. An exploit could allow the attacker to exhaust system memory resources, leading to a reload of an affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-02T19:06:54",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-ikev1-dos"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20191002-asa-ftd-ikev1-dos",
        "defect": [
          [
            "CSCvo11077"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-10-02T16:00:00-0700",
          "ID": "CVE-2019-15256",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper management of system memory. An attacker could exploit this vulnerability by sending malicious IKEv1 traffic to an affected device. The attacker does not need valid credentials to authenticate the VPN session, nor does the attacker\u0027s source address need to match a peer statement in the crypto map applied to the ingress interface of the affected device. An exploit could allow the attacker to exhaust system memory resources, leading to a reload of an affected device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-ikev1-dos"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20191002-asa-ftd-ikev1-dos",
          "defect": [
            [
              "CSCvo11077"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-15256",
    "datePublished": "2019-10-02T19:06:54.797081Z",
    "dateReserved": "2019-08-20T00:00:00",
    "dateUpdated": "2024-11-19T18:53:23.477Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20431 (GCVE-0-2024-20431)

Vulnerability from cvelistv5

Published

2024-10-23 17:46

Modified

2024-10-24 14:30

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-229 - Improper Handling of Values

Summary

A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control policy. This vulnerability is due to improper assignment of geolocation data. An attacker could exploit this vulnerability by sending traffic through an affected device. A successful exploit could allow the attacker to bypass a geolocation-based access control policy and successfully send traffic to a protected device.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-geoip-bypass-MB4zRDu

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: 7.0.0 Version: 7.0.0.1 Version: 7.0.1 Version: 7.0.1.1 Version: 7.0.2 Version: 7.0.2.1 Version: 7.0.3 Version: 7.0.4 Version: 7.0.5 Version: 7.0.6 Version: 7.0.6.1 Version: 7.1.0 Version: 7.1.0.1 Version: 7.1.0.2 Version: 7.1.0.3 Version: 7.2.0 Version: 7.2.0.1 Version: 7.2.1 Version: 7.2.2 Version: 7.2.3 Version: 7.2.4 Version: 7.2.4.1 Version: 7.2.5 Version: 7.2.5.1 Version: 7.2.5.2 Version: 7.3.0 Version: 7.3.1 Version: 7.3.1.1 Version: 7.3.1.2 Version: 7.4.0 Version: 7.4.1 Version: 7.4.1.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "7.0.0"
              },
              {
                "status": "affected",
                "version": "7.0.0.1"
              },
              {
                "status": "affected",
                "version": "7.0.1"
              },
              {
                "status": "affected",
                "version": "7.0.1.1"
              },
              {
                "status": "affected",
                "version": "7.0.2"
              },
              {
                "status": "affected",
                "version": "7.0.2.1"
              },
              {
                "status": "affected",
                "version": "7.0.3"
              },
              {
                "status": "affected",
                "version": "7.0.4"
              },
              {
                "status": "affected",
                "version": "7.0.5"
              },
              {
                "status": "affected",
                "version": "7.0.6"
              },
              {
                "status": "affected",
                "version": "7.0.6.1"
              },
              {
                "status": "affected",
                "version": "7.1.0"
              },
              {
                "status": "affected",
                "version": "7.1.0.1"
              },
              {
                "status": "affected",
                "version": "7.1.0.2"
              },
              {
                "status": "affected",
                "version": "7.1.0.3"
              },
              {
                "status": "affected",
                "version": "7.2.0"
              },
              {
                "status": "affected",
                "version": "7.2.0.1"
              },
              {
                "status": "affected",
                "version": "7.2.1"
              },
              {
                "status": "affected",
                "version": "7.2.2"
              },
              {
                "status": "affected",
                "version": "7.2.3"
              },
              {
                "status": "affected",
                "version": "7.2.4"
              },
              {
                "status": "affected",
                "version": "7.2.4.1"
              },
              {
                "status": "affected",
                "version": "7.2.5"
              },
              {
                "status": "affected",
                "version": "7.2.5.1"
              },
              {
                "status": "affected",
                "version": "7.2.5.2"
              },
              {
                "status": "affected",
                "version": "7.3.0"
              },
              {
                "status": "affected",
                "version": "7.3.1"
              },
              {
                "status": "affected",
                "version": "7.3.1.1"
              },
              {
                "status": "affected",
                "version": "7.3.1.2"
              },
              {
                "status": "affected",
                "version": "7.4.0"
              },
              {
                "status": "affected",
                "version": "7.4.1"
              },
              {
                "status": "affected",
                "version": "7.4.1.1"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20431",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-24T14:27:04.164014Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-24T14:30:20.299Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.0.6"
            },
            {
              "status": "affected",
              "version": "7.0.6.1"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.2.4.1"
            },
            {
              "status": "affected",
              "version": "7.2.5"
            },
            {
              "status": "affected",
              "version": "7.2.5.1"
            },
            {
              "status": "affected",
              "version": "7.2.5.2"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.2"
            },
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            },
            {
              "status": "affected",
              "version": "7.4.1.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control policy.\r\n\r This vulnerability is due to improper assignment of geolocation data. An attacker could exploit this vulnerability by sending traffic through an affected device. A successful exploit could allow the attacker to bypass a geolocation-based access control policy and successfully send traffic to a protected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-229",
              "description": "Improper Handling of Values",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-23T17:46:57.243Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-ftd-geoip-bypass-MB4zRDu",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-geoip-bypass-MB4zRDu"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-geoip-bypass-MB4zRDu",
        "defects": [
          "CSCwi38962"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20431",
    "datePublished": "2024-10-23T17:46:57.243Z",
    "dateReserved": "2023-11-08T15:08:07.666Z",
    "dateUpdated": "2024-10-24T14:30:20.299Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3549 (GCVE-0-2020-3549)

Vulnerability from cvelistv5

Published

2020-10-21 18:35

Modified

2024-11-13 17:50

Severity ?

8.1 (High) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-326

Summary

A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to obtain the device registration hash. The vulnerability is due to insufficient sftunnel negotiation protection during initial device registration. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting a specific flow of the sftunnel communication between an FMC device and an FTD device. A successful exploit could allow the attacker to decrypt and modify the sftunnel communication between FMC and FTD devices, allowing the attacker to modify configuration data sent from an FMC device to an FTD device or alert data sent from an FTD device to an FMC device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-sft-mitm-tc8AzFs2	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Management Center	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:54.873Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Firepower Management Center Software and Firepower Threat Defense Software sftunnel Pass the Hash Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-sft-mitm-tc8AzFs2"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3549",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:17:28.775527Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:50:32.254Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Management Center",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to obtain the device registration hash. The vulnerability is due to insufficient sftunnel negotiation protection during initial device registration. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting a specific flow of the sftunnel communication between an FMC device and an FTD device. A successful exploit could allow the attacker to decrypt and modify the sftunnel communication between FMC and FTD devices, allowing the attacker to modify configuration data sent from an FMC device to an FTD device or alert data sent from an FTD device to an FMC device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-326",
              "description": "CWE-326",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:35:24",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Firepower Management Center Software and Firepower Threat Defense Software sftunnel Pass the Hash Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-sft-mitm-tc8AzFs2"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftdfmc-sft-mitm-tc8AzFs2",
        "defect": [
          [
            "CSCvp56719"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Management Center Software and Firepower Threat Defense Software sftunnel Pass the Hash Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3549",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Management Center Software and Firepower Threat Defense Software sftunnel Pass the Hash Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Management Center",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to obtain the device registration hash. The vulnerability is due to insufficient sftunnel negotiation protection during initial device registration. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting a specific flow of the sftunnel communication between an FMC device and an FTD device. A successful exploit could allow the attacker to decrypt and modify the sftunnel communication between FMC and FTD devices, allowing the attacker to modify configuration data sent from an FMC device to an FTD device or alert data sent from an FTD device to an FMC device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.1",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-326"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Firepower Management Center Software and Firepower Threat Defense Software sftunnel Pass the Hash Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-sft-mitm-tc8AzFs2"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftdfmc-sft-mitm-tc8AzFs2",
          "defect": [
            [
              "CSCvp56719"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3549",
    "datePublished": "2020-10-21T18:35:24.890607Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:50:32.254Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20927 (GCVE-0-2022-20927)

Vulnerability from cvelistv5

Published

2022-11-10 17:30

Modified

2024-08-03 02:31

Severity ?

7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Summary

A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management when a device initiates SSL/TLS connections. An attacker could exploit this vulnerability by ensuring that the device will connect to an SSL/TLS server that is using specific encryption parameters. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-client-dos-cCrQPkA

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.14.1
Version: 9.14.1.10
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.14.1.30
Version: 9.14.2
Version: 9.14.2.4
Version: 9.14.2.8
Version: 9.14.2.13
Version: 9.14.2.15
Version: 9.14.3
Version: 9.14.3.1
Version: 9.14.3.9
Version: 9.14.3.11
Version: 9.14.3.13
Version: 9.14.3.18
Version: 9.14.3.15
Version: 9.15.1
Version: 9.15.1.7
Version: 9.15.1.10
Version: 9.15.1.15
Version: 9.15.1.16
Version: 9.15.1.17
Version: 9.15.1.1
Version: 9.15.1.21

	Cisco	Cisco Firepower Threat Defense Software	Version: 6.6.0 Version: 6.6.0.1 Version: 6.6.1 Version: 6.6.3 Version: 6.6.4 Version: 6.6.5 Version: 6.6.5.1 Version: 6.6.5.2 Version: 6.7.0 Version: 6.7.0.1 Version: 6.7.0.2 Version: 6.7.0.3
	Cisco	Cisco FirePOWER Services Software for ASA	Version: N/A

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:31:59.588Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-ssl-client-dos-cCrQPkA",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-client-dos-cCrQPkA"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.15.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.7"
            },
            {
              "status": "affected",
              "version": "9.15.1.10"
            },
            {
              "status": "affected",
              "version": "9.15.1.15"
            },
            {
              "status": "affected",
              "version": "9.15.1.16"
            },
            {
              "status": "affected",
              "version": "9.15.1.17"
            },
            {
              "status": "affected",
              "version": "9.15.1.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.21"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            }
          ]
        },
        {
          "product": "Cisco FirePOWER Services Software for ASA",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to improper memory management when a device initiates SSL/TLS connections. An attacker could exploit this vulnerability by ensuring that the device will connect to an SSL/TLS server that is using specific encryption parameters. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:14.790Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-ssl-client-dos-cCrQPkA",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-client-dos-cCrQPkA"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ssl-client-dos-cCrQPkA",
        "defects": [
          "CSCvz98540"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20927",
    "datePublished": "2022-11-10T17:30:39.182Z",
    "dateReserved": "2021-11-02T13:28:29.191Z",
    "dateUpdated": "2024-08-03T02:31:59.588Z",
    "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1697 (GCVE-0-2019-1697)

Vulnerability from cvelistv5

Published

2019-05-03 15:15

Modified

2024-11-21 19:35

Severity ?

6.8 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-20

Summary

A vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets sent to an affected device. An attacker could exploit these vulnerabilities by sending a crafted LDAP packet, using Basic Encoding Rules (BER), to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftds-ldapdos	vendor-advisory, x_refsource_CISCO
	http://www.securityfocus.com/bid/108182	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: unspecified < 9.6(4.21)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:41.125Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190501 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Lightweight Directory Access Protocol Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftds-ldapdos"
          },
          {
            "name": "108182",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108182"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1697",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-21T18:58:59.257897Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T19:35:18.270Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "9.6(4.21)",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-05-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets sent to an affected device. An attacker could exploit these vulnerabilities by sending a crafted LDAP packet, using Basic Encoding Rules (BER), to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-07T17:06:07",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190501 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Lightweight Directory Access Protocol Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftds-ldapdos"
        },
        {
          "name": "108182",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108182"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190501-asa-ftds-ldapdos",
        "defect": [
          [
            "CSCvn20985"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Lightweight Directory Access Protocol Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-05-01T16:00:00-0700",
          "ID": "CVE-2019-1697",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Lightweight Directory Access Protocol Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.6(4.21)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets sent to an affected device. An attacker could exploit these vulnerabilities by sending a crafted LDAP packet, using Basic Encoding Rules (BER), to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.8",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190501 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Lightweight Directory Access Protocol Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftds-ldapdos"
            },
            {
              "name": "108182",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108182"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190501-asa-ftds-ldapdos",
          "defect": [
            [
              "CSCvn20985"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1697",
    "datePublished": "2019-05-03T15:15:22.136902Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-21T19:35:18.270Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1714 (GCVE-0-2019-1714)

Vulnerability from cvelistv5

Published

2019-05-03 16:15

Modified

2024-11-19 19:08

Severity ?

5.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-255

Summary

A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 Single Sign-On (SSO) for Clientless SSL VPN (WebVPN) and AnyConnect Remote Access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to successfully establish a VPN session to an affected device. The vulnerability is due to improper credential management when using NT LAN Manager (NTLM) or basic authentication. An attacker could exploit this vulnerability by opening a VPN session to an affected device after another VPN user has successfully authenticated to the affected device via SAML SSO. A successful exploit could allow the attacker to connect to secured networks behind the affected device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asaftd-saml-vpn	vendor-advisory, x_refsource_CISCO
	http://www.securityfocus.com/bid/108185	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: unspecified   < 9.8.4
Version: unspecified   < 9.9.2.50
Version: unspecified   < 9.10.1.17

Cisco

Cisco Firepower Threat Defense (FTD) Software

Version: unspecified < 6.2.3.12
Version: unspecified < 6.3.0.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:42.818Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190501 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software VPN SAML Authentication Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asaftd-saml-vpn"
          },
          {
            "name": "108185",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108185"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1714",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:24:19.883643Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T19:08:27.857Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "9.8.4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.9.2.50",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.10.1.17",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense (FTD) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.2.3.12",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "6.3.0.3",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-05-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 Single Sign-On (SSO) for Clientless SSL VPN (WebVPN) and AnyConnect Remote Access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to successfully establish a VPN session to an affected device. The vulnerability is due to improper credential management when using NT LAN Manager (NTLM) or basic authentication. An attacker could exploit this vulnerability by opening a VPN session to an affected device after another VPN user has successfully authenticated to the affected device via SAML SSO. A successful exploit could allow the attacker to connect to secured networks behind the affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-255",
              "description": "CWE-255",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-08T08:05:59",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190501 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software VPN SAML Authentication Bypass Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asaftd-saml-vpn"
        },
        {
          "name": "108185",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108185"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190501-asaftd-saml-vpn",
        "defect": [
          [
            "CSCvn72570"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software VPN SAML Authentication Bypass Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-05-01T16:00:00-0700",
          "ID": "CVE-2019-1714",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software VPN SAML Authentication Bypass Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.8.4"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.9.2.50"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.10.1.17"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Cisco Firepower Threat Defense (FTD) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.2.3.12"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.3.0.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 Single Sign-On (SSO) for Clientless SSL VPN (WebVPN) and AnyConnect Remote Access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to successfully establish a VPN session to an affected device. The vulnerability is due to improper credential management when using NT LAN Manager (NTLM) or basic authentication. An attacker could exploit this vulnerability by opening a VPN session to an affected device after another VPN user has successfully authenticated to the affected device via SAML SSO. A successful exploit could allow the attacker to connect to secured networks behind the affected device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.8",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-255"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190501 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software VPN SAML Authentication Bypass Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asaftd-saml-vpn"
            },
            {
              "name": "108185",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108185"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190501-asaftd-saml-vpn",
          "defect": [
            [
              "CSCvn72570"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1714",
    "datePublished": "2019-05-03T16:15:18.833510Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-19T19:08:27.857Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-44487 (GCVE-0-2023-44487)

Vulnerability from cvelistv5

Published

2023-10-10 00:00

Modified

2025-07-30 01:37

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

n/a

Summary

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

References

▼	URL	Tags
	https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73
	https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
	https://aws.amazon.com/security/security-bulletins/AWS-2023-011/
	https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack
	https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/
	https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/
	https://news.ycombinator.com/item?id=37831062
	https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/
	https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack
	https://github.com/envoyproxy/envoy/pull/30055
	https://github.com/haproxy/haproxy/issues/2312
	https://github.com/eclipse/jetty.project/issues/10679
	https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764
	https://github.com/nghttp2/nghttp2/pull/1961
	https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61
	https://github.com/alibaba/tengine/issues/1872
	https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2
	https://news.ycombinator.com/item?id=37830987
	https://news.ycombinator.com/item?id=37830998
	https://github.com/caddyserver/caddy/issues/5877
	https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/
	https://github.com/bcdannyboy/CVE-2023-44487
	https://github.com/grpc/grpc-go/pull/6703
	https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244
	https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0
	https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html
	https://my.f5.com/manage/s/article/K000137106
	https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/
	https://bugzilla.proxmox.com/show_bug.cgi?id=4988
	https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9
	http://www.openwall.com/lists/oss-security/2023/10/10/7	mailing-list
	http://www.openwall.com/lists/oss-security/2023/10/10/6	mailing-list
	https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected
	https://github.com/microsoft/CBL-Mariner/pull/6381
	https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo
	https://github.com/facebook/proxygen/pull/466
	https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088
	https://github.com/micrictor/http2-rst-stream
	https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve
	https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/
	https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf
	https://github.com/h2o/h2o/pull/3291
	https://github.com/nodejs/node/pull/50121
	https://github.com/dotnet/announcements/issues/277
	https://github.com/golang/go/issues/63417
	https://github.com/advisories/GHSA-vx74-f528-fxqg
	https://github.com/apache/trafficserver/pull/10564
	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487
	https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14
	https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q
	https://www.openwall.com/lists/oss-security/2023/10/10/6
	https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487
	https://github.com/opensearch-project/data-prepper/issues/3474
	https://github.com/kubernetes/kubernetes/pull/121120
	https://github.com/oqtane/oqtane.framework/discussions/3367
	https://github.com/advisories/GHSA-xpw8-rcwv-8f8p
	https://netty.io/news/2023/10/10/4-1-100-Final.html
	https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487
	https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
	https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack
	https://news.ycombinator.com/item?id=37837043
	https://github.com/kazu-yamamoto/http2/issues/93
	https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html
	https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1
	https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113
	https://www.debian.org/security/2023/dsa-5522	vendor-advisory
	https://www.debian.org/security/2023/dsa-5521	vendor-advisory
	https://access.redhat.com/security/cve/cve-2023-44487
	https://github.com/ninenines/cowboy/issues/1615
	https://github.com/varnishcache/varnish-cache/issues/3996
	https://github.com/tempesta-tech/tempesta/issues/1986
	https://blog.vespa.ai/cve-2023-44487/
	https://github.com/etcd-io/etcd/issues/16740
	https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event
	https://istio.io/latest/news/security/istio-security-2023-004/
	https://github.com/junkurihara/rust-rpxy/issues/97
	https://bugzilla.suse.com/show_bug.cgi?id=1216123
	https://bugzilla.redhat.com/show_bug.cgi?id=2242803
	https://ubuntu.com/security/CVE-2023-44487
	https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125
	https://github.com/advisories/GHSA-qppj-fm5r-hxr3
	https://github.com/apache/httpd-site/pull/10
	https://github.com/projectcontour/contour/pull/5826
	https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632
	https://github.com/line/armeria/pull/5232
	https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/
	https://security.paloaltonetworks.com/CVE-2023-44487
	https://github.com/akka/akka-http/issues/4323
	https://github.com/openresty/openresty/issues/930
	https://github.com/apache/apisix/issues/10320
	https://github.com/Azure/AKS/issues/3947
	https://github.com/Kong/kong/discussions/11741
	https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487
	https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/
	https://github.com/caddyserver/caddy/releases/tag/v2.7.5
	https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html	mailing-list
	http://www.openwall.com/lists/oss-security/2023/10/13/4	mailing-list
	http://www.openwall.com/lists/oss-security/2023/10/13/9	mailing-list
	https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/
	https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/	vendor-advisory
	https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/
	https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html	mailing-list
	https://security.netapp.com/advisory/ntap-20231016-0001/
	https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html	mailing-list
	http://www.openwall.com/lists/oss-security/2023/10/18/4	mailing-list
	http://www.openwall.com/lists/oss-security/2023/10/18/8	mailing-list
	http://www.openwall.com/lists/oss-security/2023/10/19/6	mailing-list
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/	vendor-advisory
	http://www.openwall.com/lists/oss-security/2023/10/20/8	mailing-list
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html	mailing-list
	https://www.debian.org/security/2023/dsa-5540	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html	mailing-list
	https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html	mailing-list
	https://www.debian.org/security/2023/dsa-5549	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/	vendor-advisory
	https://www.debian.org/security/2023/dsa-5558	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html	mailing-list
	https://security.gentoo.org/glsa/202311-09	vendor-advisory
	https://www.debian.org/security/2023/dsa-5570	vendor-advisory
	https://security.netapp.com/advisory/ntap-20240426-0007/
	https://security.netapp.com/advisory/ntap-20240621-0006/
	https://security.netapp.com/advisory/ntap-20240621-0007/
	https://github.com/grpc/grpc/releases/tag/v1.59.2
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "http",
            "vendor": "ietf",
            "versions": [
              {
                "status": "affected",
                "version": "2.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-44487",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-23T20:34:21.334116Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2023-10-10",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-400",
                "description": "CWE-400 Uncontrolled Resource Consumption",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:37:14.917Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2023-10-10T00:00:00+00:00",
            "value": "CVE-2023-44487 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-19T07:48:04.546Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://news.ycombinator.com/item?id=37831062"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/envoyproxy/envoy/pull/30055"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/haproxy/haproxy/issues/2312"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/eclipse/jetty.project/issues/10679"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/nghttp2/nghttp2/pull/1961"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/alibaba/tengine/issues/1872"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://news.ycombinator.com/item?id=37830987"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://news.ycombinator.com/item?id=37830998"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/caddyserver/caddy/issues/5877"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/bcdannyboy/CVE-2023-44487"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/grpc/grpc-go/pull/6703"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://my.f5.com/manage/s/article/K000137106"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/facebook/proxygen/pull/466"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/micrictor/http2-rst-stream"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/h2o/h2o/pull/3291"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/nodejs/node/pull/50121"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/dotnet/announcements/issues/277"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/golang/go/issues/63417"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/apache/trafficserver/pull/10564"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/opensearch-project/data-prepper/issues/3474"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/kubernetes/kubernetes/pull/121120"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://news.ycombinator.com/item?id=37837043"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/kazu-yamamoto/http2/issues/93"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
          },
          {
            "name": "DSA-5522",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5522"
          },
          {
            "name": "DSA-5521",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5521"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/cve-2023-44487"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ninenines/cowboy/issues/1615"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/varnishcache/varnish-cache/issues/3996"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/tempesta-tech/tempesta/issues/1986"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://blog.vespa.ai/cve-2023-44487/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/etcd-io/etcd/issues/16740"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://istio.io/latest/news/security/istio-security-2023-004/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/junkurihara/rust-rpxy/issues/97"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/CVE-2023-44487"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/apache/httpd-site/pull/10"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/projectcontour/contour/pull/5826"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/line/armeria/pull/5232"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2023-44487"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/akka/akka-http/issues/4323"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/openresty/openresty/issues/930"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/apache/apisix/issues/10320"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/Azure/AKS/issues/3947"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/Kong/kong/discussions/11741"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
          },
          {
            "name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
          },
          {
            "name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
          },
          {
            "name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
          },
          {
            "name": "FEDORA-2023-ed2642fd58",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
          },
          {
            "name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
          },
          {
            "name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
          },
          {
            "name": "[oss-security] 20231018 Vulnerability in Jenkins",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
          },
          {
            "name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
          },
          {
            "name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
          },
          {
            "name": "FEDORA-2023-54fadada12",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
          },
          {
            "name": "FEDORA-2023-5ff7bf1dd8",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
          },
          {
            "name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
          },
          {
            "name": "FEDORA-2023-17efd3f2cd",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
          },
          {
            "name": "FEDORA-2023-d5030c983c",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
          },
          {
            "name": "FEDORA-2023-0259c3f26f",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
          },
          {
            "name": "FEDORA-2023-2a9214af5f",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
          },
          {
            "name": "FEDORA-2023-e9c04d81c1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
          },
          {
            "name": "FEDORA-2023-f66fc0f62a",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
          },
          {
            "name": "FEDORA-2023-4d2fd884ea",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
          },
          {
            "name": "FEDORA-2023-b2c50535cb",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
          },
          {
            "name": "FEDORA-2023-fe53e13b5b",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
          },
          {
            "name": "FEDORA-2023-4bf641255e",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
          },
          {
            "name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
          },
          {
            "name": "DSA-5540",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5540"
          },
          {
            "name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
          },
          {
            "name": "FEDORA-2023-1caffb88af",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
          },
          {
            "name": "FEDORA-2023-3f70b8d406",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
          },
          {
            "name": "FEDORA-2023-7b52921cae",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
          },
          {
            "name": "FEDORA-2023-7934802344",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
          },
          {
            "name": "FEDORA-2023-dbe64661af",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
          },
          {
            "name": "FEDORA-2023-822aab0a5a",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
          },
          {
            "name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
          },
          {
            "name": "DSA-5549",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5549"
          },
          {
            "name": "FEDORA-2023-c0c6a91330",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
          },
          {
            "name": "FEDORA-2023-492b7be466",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
          },
          {
            "name": "DSA-5558",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5558"
          },
          {
            "name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
          },
          {
            "name": "GLSA-202311-09",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202311-09"
          },
          {
            "name": "DSA-5570",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5570"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
          },
          {
            "url": "https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-07T20:05:34.376Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
        },
        {
          "url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
        },
        {
          "url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
        },
        {
          "url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
        },
        {
          "url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
        },
        {
          "url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
        },
        {
          "url": "https://news.ycombinator.com/item?id=37831062"
        },
        {
          "url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
        },
        {
          "url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
        },
        {
          "url": "https://github.com/envoyproxy/envoy/pull/30055"
        },
        {
          "url": "https://github.com/haproxy/haproxy/issues/2312"
        },
        {
          "url": "https://github.com/eclipse/jetty.project/issues/10679"
        },
        {
          "url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
        },
        {
          "url": "https://github.com/nghttp2/nghttp2/pull/1961"
        },
        {
          "url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
        },
        {
          "url": "https://github.com/alibaba/tengine/issues/1872"
        },
        {
          "url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
        },
        {
          "url": "https://news.ycombinator.com/item?id=37830987"
        },
        {
          "url": "https://news.ycombinator.com/item?id=37830998"
        },
        {
          "url": "https://github.com/caddyserver/caddy/issues/5877"
        },
        {
          "url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
        },
        {
          "url": "https://github.com/bcdannyboy/CVE-2023-44487"
        },
        {
          "url": "https://github.com/grpc/grpc-go/pull/6703"
        },
        {
          "url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
        },
        {
          "url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
        },
        {
          "url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
        },
        {
          "url": "https://my.f5.com/manage/s/article/K000137106"
        },
        {
          "url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
        },
        {
          "url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
        },
        {
          "url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
        },
        {
          "name": "[oss-security] 20231010 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/10/10/7"
        },
        {
          "name": "[oss-security] 20231010 CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/10/10/6"
        },
        {
          "url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
        },
        {
          "url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
        },
        {
          "url": "https://github.com/facebook/proxygen/pull/466"
        },
        {
          "url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
        },
        {
          "url": "https://github.com/micrictor/http2-rst-stream"
        },
        {
          "url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
        },
        {
          "url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
        },
        {
          "url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
        },
        {
          "url": "https://github.com/h2o/h2o/pull/3291"
        },
        {
          "url": "https://github.com/nodejs/node/pull/50121"
        },
        {
          "url": "https://github.com/dotnet/announcements/issues/277"
        },
        {
          "url": "https://github.com/golang/go/issues/63417"
        },
        {
          "url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
        },
        {
          "url": "https://github.com/apache/trafficserver/pull/10564"
        },
        {
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
        },
        {
          "url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
        },
        {
          "url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
        },
        {
          "url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
        },
        {
          "url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
        },
        {
          "url": "https://github.com/opensearch-project/data-prepper/issues/3474"
        },
        {
          "url": "https://github.com/kubernetes/kubernetes/pull/121120"
        },
        {
          "url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
        },
        {
          "url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
        },
        {
          "url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
        },
        {
          "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
        },
        {
          "url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
        },
        {
          "url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
        },
        {
          "url": "https://news.ycombinator.com/item?id=37837043"
        },
        {
          "url": "https://github.com/kazu-yamamoto/http2/issues/93"
        },
        {
          "url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
        },
        {
          "url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
        },
        {
          "url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
        },
        {
          "name": "DSA-5522",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5522"
        },
        {
          "name": "DSA-5521",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5521"
        },
        {
          "url": "https://access.redhat.com/security/cve/cve-2023-44487"
        },
        {
          "url": "https://github.com/ninenines/cowboy/issues/1615"
        },
        {
          "url": "https://github.com/varnishcache/varnish-cache/issues/3996"
        },
        {
          "url": "https://github.com/tempesta-tech/tempesta/issues/1986"
        },
        {
          "url": "https://blog.vespa.ai/cve-2023-44487/"
        },
        {
          "url": "https://github.com/etcd-io/etcd/issues/16740"
        },
        {
          "url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
        },
        {
          "url": "https://istio.io/latest/news/security/istio-security-2023-004/"
        },
        {
          "url": "https://github.com/junkurihara/rust-rpxy/issues/97"
        },
        {
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
        },
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
        },
        {
          "url": "https://ubuntu.com/security/CVE-2023-44487"
        },
        {
          "url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
        },
        {
          "url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
        },
        {
          "url": "https://github.com/apache/httpd-site/pull/10"
        },
        {
          "url": "https://github.com/projectcontour/contour/pull/5826"
        },
        {
          "url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
        },
        {
          "url": "https://github.com/line/armeria/pull/5232"
        },
        {
          "url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
        },
        {
          "url": "https://security.paloaltonetworks.com/CVE-2023-44487"
        },
        {
          "url": "https://github.com/akka/akka-http/issues/4323"
        },
        {
          "url": "https://github.com/openresty/openresty/issues/930"
        },
        {
          "url": "https://github.com/apache/apisix/issues/10320"
        },
        {
          "url": "https://github.com/Azure/AKS/issues/3947"
        },
        {
          "url": "https://github.com/Kong/kong/discussions/11741"
        },
        {
          "url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
        },
        {
          "url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
        },
        {
          "url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
        },
        {
          "name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
        },
        {
          "name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
        },
        {
          "name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
        },
        {
          "url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
        },
        {
          "url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
        },
        {
          "name": "FEDORA-2023-ed2642fd58",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
        },
        {
          "url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
        },
        {
          "name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
        },
        {
          "name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
        },
        {
          "name": "[oss-security] 20231018 Vulnerability in Jenkins",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
        },
        {
          "name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
        },
        {
          "name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
        },
        {
          "name": "FEDORA-2023-54fadada12",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
        },
        {
          "name": "FEDORA-2023-5ff7bf1dd8",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
        },
        {
          "name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
        },
        {
          "name": "FEDORA-2023-17efd3f2cd",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
        },
        {
          "name": "FEDORA-2023-d5030c983c",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
        },
        {
          "name": "FEDORA-2023-0259c3f26f",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
        },
        {
          "name": "FEDORA-2023-2a9214af5f",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
        },
        {
          "name": "FEDORA-2023-e9c04d81c1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
        },
        {
          "name": "FEDORA-2023-f66fc0f62a",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
        },
        {
          "name": "FEDORA-2023-4d2fd884ea",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
        },
        {
          "name": "FEDORA-2023-b2c50535cb",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
        },
        {
          "name": "FEDORA-2023-fe53e13b5b",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
        },
        {
          "name": "FEDORA-2023-4bf641255e",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
        },
        {
          "name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
        },
        {
          "name": "DSA-5540",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5540"
        },
        {
          "name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
        },
        {
          "url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
        },
        {
          "name": "FEDORA-2023-1caffb88af",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
        },
        {
          "name": "FEDORA-2023-3f70b8d406",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
        },
        {
          "name": "FEDORA-2023-7b52921cae",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
        },
        {
          "name": "FEDORA-2023-7934802344",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
        },
        {
          "name": "FEDORA-2023-dbe64661af",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
        },
        {
          "name": "FEDORA-2023-822aab0a5a",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
        },
        {
          "name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
        },
        {
          "name": "DSA-5549",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5549"
        },
        {
          "name": "FEDORA-2023-c0c6a91330",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
        },
        {
          "name": "FEDORA-2023-492b7be466",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
        },
        {
          "name": "DSA-5558",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5558"
        },
        {
          "name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
        },
        {
          "name": "GLSA-202311-09",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202311-09"
        },
        {
          "name": "DSA-5570",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5570"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
        },
        {
          "url": "https://github.com/grpc/grpc/releases/tag/v1.59.2"
        },
        {
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-44487",
    "datePublished": "2023-10-10T00:00:00.000Z",
    "dateReserved": "2023-09-29T00:00:00.000Z",
    "dateUpdated": "2025-07-30T01:37:14.917Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-1488 (GCVE-0-2021-1488)

Vulnerability from cvelistv5

Published

2021-04-29 17:31

Modified

2024-11-08 23:23

Severity ?

6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-77

Summary

A vulnerability in the upgrade process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject commands that could be executed with root privileges on the underlying operating system (OS). This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by uploading a crafted upgrade package file to an affected device. A successful exploit could allow the attacker to inject commands that could be executed with root privileges on the underlying OS.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-cmdinj-TKyQfDcU	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:11:17.336Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210428 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000 and 2100 Series Appliances Command Injection Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-cmdinj-TKyQfDcU"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-1488",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T20:18:33.901045Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-08T23:23:11.668Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-04-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the upgrade process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject commands that could be executed with root privileges on the underlying operating system (OS). This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by uploading a crafted upgrade package file to an affected device. A successful exploit could allow the attacker to inject commands that could be executed with root privileges on the underlying OS."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-77",
              "description": "CWE-77",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-04-29T17:31:04",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210428 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000 and 2100 Series Appliances Command Injection Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-cmdinj-TKyQfDcU"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa-cmdinj-TKyQfDcU",
        "defect": [
          [
            "CSCvw93139"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000 and 2100 Series Appliances Command Injection Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-04-28T16:00:00",
          "ID": "CVE-2021-1488",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000 and 2100 Series Appliances Command Injection Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the upgrade process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject commands that could be executed with root privileges on the underlying operating system (OS). This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by uploading a crafted upgrade package file to an affected device. A successful exploit could allow the attacker to inject commands that could be executed with root privileges on the underlying OS."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.7",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-77"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210428 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000 and 2100 Series Appliances Command Injection Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-cmdinj-TKyQfDcU"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asa-cmdinj-TKyQfDcU",
          "defect": [
            [
              "CSCvw93139"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-1488",
    "datePublished": "2021-04-29T17:31:04.869005Z",
    "dateReserved": "2020-11-13T00:00:00",
    "dateUpdated": "2024-11-08T23:23:11.668Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3304 (GCVE-0-2020-3304)

Vulnerability from cvelistv5

Published

2020-10-21 18:36

Modified

2024-11-13 17:21

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-400

Summary

A vulnerability in the web interface of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition. Note: This vulnerability applies to IP Version 4 (IPv4) and IP Version 6 (IPv6) HTTP traffic.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webdos-fBzM5Ynw	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:30:57.908Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webdos-fBzM5Ynw"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3304",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:21:22.492518Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:21:32.435Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web interface of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition. Note: This vulnerability applies to IP Version 4 (IPv4) and IP Version 6 (IPv6) HTTP traffic."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:36:47",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webdos-fBzM5Ynw"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-webdos-fBzM5Ynw",
        "defect": [
          [
            "CSCvs10748",
            "CSCvt70322"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3304",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the web interface of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition. Note: This vulnerability applies to IP Version 4 (IPv4) and IP Version 6 (IPv6) HTTP traffic."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webdos-fBzM5Ynw"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-webdos-fBzM5Ynw",
          "defect": [
            [
              "CSCvs10748",
              "CSCvt70322"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3304",
    "datePublished": "2020-10-21T18:36:47.782306Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:21:32.435Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3317 (GCVE-0-2020-3317)

Vulnerability from cvelistv5

Published

2020-10-21 18:36

Modified

2024-11-13 17:47

Severity ?

5.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-20

Summary

A vulnerability in the ssl_inspection component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to crash Snort instances. The vulnerability is due to insufficient input validation in the ssl_inspection component. An attacker could exploit this vulnerability by sending a malformed TLS packet through a Cisco Adaptive Security Appliance (ASA). A successful exploit could allow the attacker to crash a Snort instance, resulting in a denial of service (DoS) condition.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-mf3822Z	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:30:57.600Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Firepower Threat Defense Software SSL Input Validation Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-mf3822Z"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3317",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:12:21.008044Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:47:57.743Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the ssl_inspection component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to crash Snort instances. The vulnerability is due to insufficient input validation in the ssl_inspection component. An attacker could exploit this vulnerability by sending a malformed TLS packet through a Cisco Adaptive Security Appliance (ASA). A successful exploit could allow the attacker to crash a Snort instance, resulting in a denial of service (DoS) condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:36:43",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Firepower Threat Defense Software SSL Input Validation Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-mf3822Z"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-ssl-mf3822Z",
        "defect": [
          [
            "CSCvs28290"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software SSL Input Validation Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3317",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software SSL Input Validation Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the ssl_inspection component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to crash Snort instances. The vulnerability is due to insufficient input validation in the ssl_inspection component. An attacker could exploit this vulnerability by sending a malformed TLS packet through a Cisco Adaptive Security Appliance (ASA). A successful exploit could allow the attacker to crash a Snort instance, resulting in a denial of service (DoS) condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.8",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Firepower Threat Defense Software SSL Input Validation Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-mf3822Z"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-ssl-mf3822Z",
          "defect": [
            [
              "CSCvs28290"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3317",
    "datePublished": "2020-10-21T18:36:43.291735Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:47:57.743Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-3806 (GCVE-0-2017-3806)

Vulnerability from cvelistv5

Published

2017-02-03 07:24

Modified

2024-08-05 14:39

Severity ?

CWE

inject arbitrary shell commands

Summary

A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. More Information: CSCvb61343. Known Affected Releases: 2.0(1.68). Known Fixed Releases: 2.0(1.118) 2.1(1.47) 92.1(1.1646) 92.1(1.1763) 92.2(1.101).

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/95943	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance 2.0(1.68)	Version: Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance 2.0(1.68)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:39:41.075Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw"
          },
          {
            "name": "95943",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95943"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance 2.0(1.68)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance 2.0(1.68)"
            }
          ]
        }
      ],
      "datePublic": "2017-02-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. More Information: CSCvb61343. Known Affected Releases: 2.0(1.68). Known Fixed Releases: 2.0(1.118) 2.1(1.47) 92.1(1.1646) 92.1(1.1763) 92.2(1.101)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "inject arbitrary shell commands",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-02-03T10:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw"
        },
        {
          "name": "95943",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95943"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2017-3806",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance 2.0(1.68)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance 2.0(1.68)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. More Information: CSCvb61343. Known Affected Releases: 2.0(1.68). Known Fixed Releases: 2.0(1.118) 2.1(1.47) 92.1(1.1646) 92.1(1.1763) 92.2(1.101)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "inject arbitrary shell commands"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw"
            },
            {
              "name": "95943",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95943"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2017-3806",
    "datePublished": "2017-02-03T07:24:00",
    "dateReserved": "2016-12-21T00:00:00",
    "dateUpdated": "2024-08-05T14:39:41.075Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3585 (GCVE-0-2020-3585)

Vulnerability from cvelistv5

Published

2020-10-21 18:37

Modified

2024-11-13 17:47

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-203

Summary

A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000 Series firewalls could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper implementation of countermeasures against the Bleichenbacher attack for cipher suites that rely on RSA for key exchange. An attacker could exploit this vulnerability by sending crafted TLS messages to the device, which would act as an oracle and allow the attacker to carry out a chosen-ciphertext attack. A successful exploit could allow the attacker to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions to the affected device. To exploit this vulnerability, an attacker must be able to perform both of the following actions: Capture TLS traffic that is in transit between clients and the affected device Actively establish a considerable number of TLS connections to the affected device

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-tls-bb-2g9uWkP	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:55.574Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Firepower 1000 Series Bleichenbacher Attack Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-tls-bb-2g9uWkP"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3585",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:12:19.819378Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:47:47.904Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000 Series firewalls could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper implementation of countermeasures against the Bleichenbacher attack for cipher suites that rely on RSA for key exchange. An attacker could exploit this vulnerability by sending crafted TLS messages to the device, which would act as an oracle and allow the attacker to carry out a chosen-ciphertext attack. A successful exploit could allow the attacker to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions to the affected device. To exploit this vulnerability, an attacker must be able to perform both of the following actions: Capture TLS traffic that is in transit between clients and the affected device Actively establish a considerable number of TLS connections to the affected device"
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-203",
              "description": "CWE-203",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:37:02",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Firepower 1000 Series Bleichenbacher Attack Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-tls-bb-2g9uWkP"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-tls-bb-2g9uWkP",
        "defect": [
          [
            "CSCvv13993"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower 1000 Series Bleichenbacher Attack Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3585",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower 1000 Series Bleichenbacher Attack Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000 Series firewalls could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper implementation of countermeasures against the Bleichenbacher attack for cipher suites that rely on RSA for key exchange. An attacker could exploit this vulnerability by sending crafted TLS messages to the device, which would act as an oracle and allow the attacker to carry out a chosen-ciphertext attack. A successful exploit could allow the attacker to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions to the affected device. To exploit this vulnerability, an attacker must be able to perform both of the following actions: Capture TLS traffic that is in transit between clients and the affected device Actively establish a considerable number of TLS connections to the affected device"
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.3",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-203"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Firepower 1000 Series Bleichenbacher Attack Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-tls-bb-2g9uWkP"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-tls-bb-2g9uWkP",
          "defect": [
            [
              "CSCvv13993"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3585",
    "datePublished": "2020-10-21T18:37:03.053926Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:47:47.904Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-20083 (GCVE-0-2023-20083)

Vulnerability from cvelistv5

Published

2023-11-01 17:16

Modified

2024-08-02 08:57

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Summary

A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the CPU of an affected device to spike to 100 percent, which could stop all traffic processing and result in a denial of service (DoS) condition. FTD management traffic is not affected by this vulnerability. This vulnerability is due to improper error checking when parsing fields within the ICMPv6 header. An attacker could exploit this vulnerability by sending a crafted ICMPv6 packet through an affected device. A successful exploit could allow the attacker to cause the device to exhaust CPU resources and stop processing traffic, resulting in a DoS condition. Note: To recover from the DoS condition, the Snort 2 Detection Engine or the Cisco FTD device may need to be restarted.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmpv6-dos-4eMkLuN

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: 6.2.3 Version: 6.2.3.1 Version: 6.2.3.2 Version: 6.2.3.3 Version: 6.2.3.4 Version: 6.2.3.5 Version: 6.2.3.6 Version: 6.2.3.7 Version: 6.2.3.8 Version: 6.2.3.10 Version: 6.2.3.11 Version: 6.2.3.9 Version: 6.2.3.12 Version: 6.2.3.13 Version: 6.2.3.14 Version: 6.2.3.15 Version: 6.2.3.16 Version: 6.2.3.17 Version: 6.2.3.18 Version: 6.6.0 Version: 6.6.0.1 Version: 6.6.1 Version: 6.6.3 Version: 6.6.4 Version: 6.6.5 Version: 6.6.5.1 Version: 6.6.5.2 Version: 6.6.7 Version: 6.6.7.1 Version: 6.4.0 Version: 6.4.0.1 Version: 6.4.0.3 Version: 6.4.0.2 Version: 6.4.0.4 Version: 6.4.0.5 Version: 6.4.0.6 Version: 6.4.0.7 Version: 6.4.0.8 Version: 6.4.0.9 Version: 6.4.0.10 Version: 6.4.0.11 Version: 6.4.0.12 Version: 6.4.0.13 Version: 6.4.0.14 Version: 6.4.0.15 Version: 6.4.0.16 Version: 6.4.0.17 Version: 6.7.0 Version: 6.7.0.1 Version: 6.7.0.2 Version: 6.7.0.3 Version: 7.0.0 Version: 7.0.0.1 Version: 7.0.1 Version: 7.0.1.1 Version: 7.0.2 Version: 7.0.2.1 Version: 7.0.3 Version: 7.0.4 Version: 7.0.5 Version: 7.1.0 Version: 7.1.0.1 Version: 7.1.0.2 Version: 7.1.0.3 Version: 7.2.0 Version: 7.2.0.1 Version: 7.2.1 Version: 7.2.2 Version: 7.2.3 Version: 7.3.0 Version: 7.3.1 Version: 7.3.1.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:57:35.550Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-ftd-icmpv6-dos-4eMkLuN",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmpv6-dos-4eMkLuN"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.4.0.17"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the CPU of an affected device to spike to 100 percent, which could stop all traffic processing and result in a denial of service (DoS) condition. FTD management traffic is not affected by this vulnerability. This vulnerability is due to improper error checking when parsing fields within the ICMPv6 header. An attacker could exploit this vulnerability by sending a crafted ICMPv6 packet through an affected device. A successful exploit could allow the attacker to cause the device to exhaust CPU resources and stop processing traffic, resulting in a DoS condition. Note: To recover from the DoS condition, the Snort 2 Detection Engine or the Cisco FTD device may need to be restarted."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-835",
              "description": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:42.164Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-ftd-icmpv6-dos-4eMkLuN",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmpv6-dos-4eMkLuN"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-icmpv6-dos-4eMkLuN",
        "defects": [
          "CSCwc20635"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20083",
    "datePublished": "2023-11-01T17:16:49.598Z",
    "dateReserved": "2022-10-27T18:47:50.334Z",
    "dateUpdated": "2024-08-02T08:57:35.550Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20293 (GCVE-0-2024-20293)

Vulnerability from cvelistv5

Published

2024-05-22 16:55

Modified

2024-08-01 21:59

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-436 - Interpretation Conflict

Summary

A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected device. This vulnerability is due to a logic error that occurs when an ACL changes from inactive to active in the running configuration of an affected device. An attacker could exploit this vulnerability by sending traffic through the affected device that should be denied by the configured ACL. The reverse condition is also true—traffic that should be permitted could be denied by the configured ACL. A successful exploit could allow the attacker to bypass configured ACL protections on the affected device, allowing the attacker to access trusted networks that the device might be protecting. Note: This vulnerability applies to both IPv4 and IPv6 traffic as well as dual-stack ACL configurations in which both IPv4 and IPv6 ACLs are configured on an interface.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ogsnsg-aclbyp-3XB8q6jX

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.19.1
Version: 9.19.1.5
Version: 9.19.1.9
Version: 9.19.1.12
Version: 9.19.1.18
Version: 9.19.1.22
Version: 9.19.1.24
Version: 9.20.1
Version: 9.20.1.5

Cisco

Cisco Firepower Threat Defense Software

Version: 7.3.0
Version: 7.3.1
Version: 7.3.1.1
Version: 7.3.1.2
Version: 7.4.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:cisco:firepower_management_center:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_management_center",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "7.3.0"
              },
              {
                "status": "affected",
                "version": "7.3.1"
              },
              {
                "status": "affected",
                "version": "7.3.1.1"
              },
              {
                "status": "affected",
                "version": "7.3.1.2"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:cisco:adaptive_security_appliance:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "adaptive_security_appliance",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": " 9.19.1"
              },
              {
                "status": "affected",
                "version": " 9.19.1.5"
              },
              {
                "status": "affected",
                "version": " 9.19.1.9"
              },
              {
                "status": "affected",
                "version": " 9.19.1.12"
              },
              {
                "status": "affected",
                "version": " 9.19.1.18"
              },
              {
                "status": "affected",
                "version": " 9.19.1.22"
              },
              {
                "status": "affected",
                "version": " 9.19.1.24"
              },
              {
                "status": "affected",
                "version": " 9.20.1"
              },
              {
                "status": "affected",
                "version": " 9.20.1.5"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20293",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-23T14:00:49.592975Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-02T15:36:56.903Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:59:41.290Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-asaftd-ogsnsg-aclbyp-3XB8q6jX",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ogsnsg-aclbyp-3XB8q6jX"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.19.1"
            },
            {
              "status": "affected",
              "version": "9.19.1.5"
            },
            {
              "status": "affected",
              "version": "9.19.1.9"
            },
            {
              "status": "affected",
              "version": "9.19.1.12"
            },
            {
              "status": "affected",
              "version": "9.19.1.18"
            },
            {
              "status": "affected",
              "version": "9.19.1.22"
            },
            {
              "status": "affected",
              "version": "9.19.1.24"
            },
            {
              "status": "affected",
              "version": "9.20.1"
            },
            {
              "status": "affected",
              "version": "9.20.1.5"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.2"
            },
            {
              "status": "affected",
              "version": "7.4.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected device. This vulnerability is due to a logic error that occurs when an ACL changes from inactive to active in the running configuration of an affected device. An attacker could exploit this vulnerability by sending traffic through the affected device that should be denied by the configured ACL. The reverse condition is also true\u2014traffic that should be permitted could be denied by the configured ACL. A successful exploit could allow the attacker to bypass configured ACL protections on the affected device, allowing the attacker to access trusted networks that the device might be protecting. Note: This vulnerability applies to both IPv4 and IPv6 traffic as well as dual-stack ACL configurations in which both IPv4 and IPv6 ACLs are configured on an interface."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-436",
              "description": "Interpretation Conflict",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-22T16:55:32.309Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asaftd-ogsnsg-aclbyp-3XB8q6jX",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ogsnsg-aclbyp-3XB8q6jX"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-ogsnsg-aclbyp-3XB8q6jX",
        "defects": [
          "CSCwi17713"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20293",
    "datePublished": "2024-05-22T16:55:23.961Z",
    "dateReserved": "2023-11-08T15:08:07.629Z",
    "dateUpdated": "2024-08-01T21:59:41.290Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3457 (GCVE-0-2020-3457)

Vulnerability from cvelistv5

Published

2020-10-21 18:36

Modified

2024-11-13 17:49

Severity ?

6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-78

Summary

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-pqZvmXCr	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:54.092Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco FXOS Software Command Injection Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-pqZvmXCr"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3457",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:17:22.294952Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:49:07.352Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:36:09",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco FXOS Software Command Injection Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-pqZvmXCr"
        }
      ],
      "source": {
        "advisory": "cisco-sa-fxos-cmdinj-pqZvmXCr",
        "defect": [
          [
            "CSCvt69369",
            "CSCvt74037"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco FXOS Software Command Injection Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3457",
          "STATE": "PUBLIC",
          "TITLE": "Cisco FXOS Software Command Injection Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.7",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco FXOS Software Command Injection Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-pqZvmXCr"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-fxos-cmdinj-pqZvmXCr",
          "defect": [
            [
              "CSCvt69369",
              "CSCvt74037"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3457",
    "datePublished": "2020-10-21T18:36:10.064433Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:49:07.352Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34754 (GCVE-0-2021-34754)

Vulnerability from cvelistv5

Published

2021-10-27 18:55

Modified

2024-11-07 21:46

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-284

Summary

Multiple vulnerabilities in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic. These vulnerabilities are due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit these vulnerabilities by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should be activated for the ENIP packet.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-enip-bypass-eFsxd8KP	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.159Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20211027 Cisco Firepower Threat Defense Software Ethernet Industrial Protocol Policy Bypass Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-enip-bypass-eFsxd8KP"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34754",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:44:35.126748Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T21:46:19.292Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic. These vulnerabilities are due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit these vulnerabilities by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should be activated for the ENIP packet."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-27T18:55:11",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20211027 Cisco Firepower Threat Defense Software Ethernet Industrial Protocol Policy Bypass Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-enip-bypass-eFsxd8KP"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-enip-bypass-eFsxd8KP",
        "defect": [
          [
            "CSCvy02240"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Ethernet Industrial Protocol Policy Bypass Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-10-27T16:00:00",
          "ID": "CVE-2021-34754",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Ethernet Industrial Protocol Policy Bypass Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic. These vulnerabilities are due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit these vulnerabilities by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should be activated for the ENIP packet."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.8",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-284"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20211027 Cisco Firepower Threat Defense Software Ethernet Industrial Protocol Policy Bypass Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-enip-bypass-eFsxd8KP"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-enip-bypass-eFsxd8KP",
          "defect": [
            [
              "CSCvy02240"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34754",
    "datePublished": "2021-10-27T18:55:11.850764Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-07T21:46:19.292Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34787 (GCVE-0-2021-34787)

Vulnerability from cvelistv5

Published

2021-10-27 18:56

Modified

2024-11-07 21:45

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE

CWE-183

Summary

A vulnerability in the identity-based firewall (IDFW) rule processing feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass security protections. This vulnerability is due to improper handling of network requests by affected devices configured to use object group search. An attacker could exploit this vulnerability by sending a specially crafted network request to an affected device. A successful exploit could allow the attacker to bypass access control list (ACL) rules on the device, bypass security protections, and send network traffic to unauthorized hosts.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-ejjOgQEY	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.219Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Identity-Based Rule Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-ejjOgQEY"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34787",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:44:30.622445Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T21:45:57.012Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the identity-based firewall (IDFW) rule processing feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass security protections. This vulnerability is due to improper handling of network requests by affected devices configured to use object group search. An attacker could exploit this vulnerability by sending a specially crafted network request to an affected device. A successful exploit could allow the attacker to bypass access control list (ACL) rules on the device, bypass security protections, and send network traffic to unauthorized hosts."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-183",
              "description": "CWE-183",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-27T18:56:03",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Identity-Based Rule Bypass Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-ejjOgQEY"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-rule-bypass-ejjOgQEY",
        "defect": [
          [
            "CSCvx47895"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Identity-Based Rule Bypass Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-10-27T16:00:00",
          "ID": "CVE-2021-34787",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Identity-Based Rule Bypass Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the identity-based firewall (IDFW) rule processing feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass security protections. This vulnerability is due to improper handling of network requests by affected devices configured to use object group search. An attacker could exploit this vulnerability by sending a specially crafted network request to an affected device. A successful exploit could allow the attacker to bypass access control list (ACL) rules on the device, bypass security protections, and send network traffic to unauthorized hosts."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.3",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-183"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Identity-Based Rule Bypass Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-ejjOgQEY"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-rule-bypass-ejjOgQEY",
          "defect": [
            [
              "CSCvx47895"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34787",
    "datePublished": "2021-10-27T18:56:03.870419Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-07T21:45:57.012Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3436 (GCVE-0-2020-3436)

Vulnerability from cvelistv5

Published

2020-10-21 18:36

Modified

2024-11-13 17:48

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-434

Summary

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to upload arbitrary-sized files to specific folders on an affected device, which could lead to an unexpected device reload. The vulnerability exists because the affected software does not efficiently handle the writing of large files to specific folders on the local file system. An attacker could exploit this vulnerability by uploading files to those specific folders. A successful exploit could allow the attacker to write a file that triggers a watchdog timeout, which would cause the device to unexpectedly reload, causing a denial of service (DoS) condition.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-fileup-dos-zvC7wtys	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:53.979Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services File Upload Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-fileup-dos-zvC7wtys"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3436",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:12:24.015798Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:48:38.998Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to upload arbitrary-sized files to specific folders on an affected device, which could lead to an unexpected device reload. The vulnerability exists because the affected software does not efficiently handle the writing of large files to specific folders on the local file system. An attacker could exploit this vulnerability by uploading files to those specific folders. A successful exploit could allow the attacker to write a file that triggers a watchdog timeout, which would cause the device to unexpectedly reload, causing a denial of service (DoS) condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-434",
              "description": "CWE-434",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:36:24",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services File Upload Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-fileup-dos-zvC7wtys"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-fileup-dos-zvC7wtys",
        "defect": [
          [
            "CSCvt60190"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services File Upload Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3436",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services File Upload Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to upload arbitrary-sized files to specific folders on an affected device, which could lead to an unexpected device reload. The vulnerability exists because the affected software does not efficiently handle the writing of large files to specific folders on the local file system. An attacker could exploit this vulnerability by uploading files to those specific folders. A successful exploit could allow the attacker to write a file that triggers a watchdog timeout, which would cause the device to unexpectedly reload, causing a denial of service (DoS) condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-434"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services File Upload Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-fileup-dos-zvC7wtys"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-fileup-dos-zvC7wtys",
          "defect": [
            [
              "CSCvt60190"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3436",
    "datePublished": "2020-10-21T18:36:24.103971Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:48:38.998Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1982 (GCVE-0-2019-1982)

Vulnerability from cvelistv5

Published

2019-11-05 19:35

Modified

2024-11-19 18:51

Severity ?

5.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-264

Summary

A vulnerability in the HTTP traffic filtering component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper handling of HTTP requests, including those communicated over a secure HTTPS connection, that contain maliciously crafted headers. An attacker could exploit this vulnerability by sending malicious requests to an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems, allowing attackers to deliver malicious content that would otherwise be blocked.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-http	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Management Center	Version: unspecified < n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:35:52.175Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190816 Cisco Firepower Threat Defense Software HTTP Filtering Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-http"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1982",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:22:26.870769Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T18:51:53.061Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Management Center",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-08-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the HTTP traffic filtering component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper handling of HTTP requests, including those communicated over a secure HTTPS connection, that contain maliciously crafted headers. An attacker could exploit this vulnerability by sending malicious requests to an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems, allowing attackers to deliver malicious content that would otherwise be blocked."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-264",
              "description": "CWE-264",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-11-05T19:35:42",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190816 Cisco Firepower Threat Defense Software HTTP Filtering Bypass Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-http"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190816-ftd-http",
        "defect": [
          [
            "CSCvj19544",
            "CSCvq07297"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software HTTP Filtering Bypass Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-08-16T16:00:00-0700",
          "ID": "CVE-2019-1982",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software HTTP Filtering Bypass Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Management Center",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the HTTP traffic filtering component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper handling of HTTP requests, including those communicated over a secure HTTPS connection, that contain maliciously crafted headers. An attacker could exploit this vulnerability by sending malicious requests to an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems, allowing attackers to deliver malicious content that would otherwise be blocked."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.8",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190816 Cisco Firepower Threat Defense Software HTTP Filtering Bypass Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-http"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190816-ftd-http",
          "defect": [
            [
              "CSCvj19544",
              "CSCvq07297"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1982",
    "datePublished": "2019-11-05T19:35:42.343253Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-19T18:51:53.061Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-15462 (GCVE-0-2018-15462)

Vulnerability from cvelistv5

Published

2019-05-03 14:45

Modified

2024-11-19 19:10

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-399

Summary

A vulnerability in the TCP ingress handler for the data interfaces that are configured with management access to Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an increase in CPU and memory usage, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient ingress TCP rate limiting for TCP ports 22 (SSH) and 443 (HTTPS). An attacker could exploit this vulnerability by sending a crafted, steady stream of TCP traffic to port 22 or 443 on the data interfaces that are configured with management access to the affected device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-firepower-dos	vendor-advisory, x_refsource_CISCO
	http://www.securityfocus.com/bid/108178	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: unspecified < 6.2.3.12 Version: unspecified < 6.3.0.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:54:03.389Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190501 Cisco Firepower Threat Defense Software TCP Ingress Handler Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-firepower-dos"
          },
          {
            "name": "108178",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108178"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-15462",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:24:35.100752Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T19:10:03.042Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.2.3.12",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "6.3.0.3",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-05-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the TCP ingress handler for the data interfaces that are configured with management access to Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an increase in CPU and memory usage, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient ingress TCP rate limiting for TCP ports 22 (SSH) and 443 (HTTPS). An attacker could exploit this vulnerability by sending a crafted, steady stream of TCP traffic to port 22 or 443 on the data interfaces that are configured with management access to the affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-07T17:06:06",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190501 Cisco Firepower Threat Defense Software TCP Ingress Handler Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-firepower-dos"
        },
        {
          "name": "108178",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108178"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190501-firepower-dos",
        "defect": [
          [
            "CSCvf95761",
            "CSCvg76064",
            "CSCvk35736",
            "CSCvn51149"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software TCP Ingress Handler Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-05-01T16:00:00-0700",
          "ID": "CVE-2018-15462",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software TCP Ingress Handler Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.2.3.12"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.3.0.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the TCP ingress handler for the data interfaces that are configured with management access to Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an increase in CPU and memory usage, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient ingress TCP rate limiting for TCP ports 22 (SSH) and 443 (HTTPS). An attacker could exploit this vulnerability by sending a crafted, steady stream of TCP traffic to port 22 or 443 on the data interfaces that are configured with management access to the affected device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190501 Cisco Firepower Threat Defense Software TCP Ingress Handler Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-firepower-dos"
            },
            {
              "name": "108178",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108178"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190501-firepower-dos",
          "defect": [
            [
              "CSCvf95761",
              "CSCvg76064",
              "CSCvk35736",
              "CSCvn51149"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-15462",
    "datePublished": "2019-05-03T14:45:32.295663Z",
    "dateReserved": "2018-08-17T00:00:00",
    "dateUpdated": "2024-11-19T19:10:03.042Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20685 (GCVE-0-2022-20685)

Vulnerability from cvelistv5

Published

2024-11-15 15:36

Modified

2025-01-27 17:48

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-190 - Integer Overflow or Wraparound

Summary

A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer overflow while processing Modbus traffic. An attacker could exploit this vulnerability by sending crafted Modbus traffic through an affected device. A successful exploit could allow the attacker to cause the Snort process to hang, causing traffic inspection to stop.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-9D3hJLuj
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-xss-NXOxDhRQ

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Cyber Vision

Version: 3.0.0
Version: 3.0.2
Version: 3.0.3
Version: 3.0.1
Version: 3.1.0
Version: 3.0.4
Version: 3.1.1
Version: 3.1.2
Version: 3.2.0
Version: 3.0.5
Version: 3.2.1
Version: 3.0.6
Version: 3.2.2
Version: 3.2.3
Version: 3.2.4
Version: 4.0.0
Version: 4.0.1

	Cisco	Cisco Firepower Threat Defense Software	Version: 6.2.3.14 Version: 6.4.0.1 Version: 6.2.3.7 Version: 6.2.3 Version: 6.4.0.2 Version: 6.2.3.9 Version: 6.2.3.1 Version: 6.2.3.2 Version: 6.4.0.5 Version: 6.2.3.10 Version: 6.4.0 Version: 6.4.0.3 Version: 6.2.3.6 Version: 6.4.0.4 Version: 6.2.3.15 Version: 6.2.3.5 Version: 6.2.3.4 Version: 6.2.3.3 Version: 6.2.3.8 Version: 6.4.0.6 Version: 6.2.3.11 Version: 6.2.3.12 Version: 6.2.3.13 Version: 6.4.0.7 Version: 6.4.0.8 Version: 6.6.0 Version: 6.4.0.9 Version: 6.2.3.16 Version: 6.6.0.1 Version: 6.6.1 Version: 6.4.0.10 Version: 6.7.0 Version: 6.4.0.11 Version: 6.6.3 Version: 6.7.0.1 Version: 6.6.4 Version: 6.4.0.12 Version: 6.7.0.2 Version: 7.0.0 Version: 6.2.3.17 Version: 7.0.0.1 Version: 6.6.5 Version: 6.2.3.18 Version: 6.7.0.3
	Cisco	Cisco UTD SNORT IPS Engine Software	Version: 3.17.1S Version: 16.12.3 Version: Fuji-16.9.5 Version: 16.12.4 Version: 17.3.1a Version: 16.6.6 Version: 16.12.2 Version: Fuji-16.9.6 Version: 3.17.0S Version: Fuji-16.9.3 Version: Denali-16.3.7 Version: Fuji-16.9.2 Version: Fuji-16.9.4 Version: Everest-16.6.4 Version: Everest-16.6.3 Version: 16.6.5 Version: Denali-16.3.5 Version: 17.2.1r Version: 17.1.1 Version: Everest-16.6.2 Version: 16.6.7a Version: Denali-16.3.4 Version: 16.6.1 Version: Denali-16.3.9 Version: Denali-16.3.3 Version: 16.12.1a Version: 17.3.2 Version: 17.4.1a Version: 16.12.5 Version: 17.5.1 Version: Fuji-16.9.7 Version: 16.6.9 Version: 17.3.3 Version: 17.5.1a Version: 17.3.4 Version: 17.3.4a Version: 17.4.2 Version: 17.4.1b Version: 17.6.1a Version: 16.6.10 Version: 17.7.1a Version: 16.12.6 Version: Fuji-16.9.8

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-20685",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:20:05.316414Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-190",
                "description": "CWE-190 Integer Overflow or Wraparound",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-27T17:48:32.910Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco Cyber Vision",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "3.0.0"
            },
            {
              "status": "affected",
              "version": "3.0.2"
            },
            {
              "status": "affected",
              "version": "3.0.3"
            },
            {
              "status": "affected",
              "version": "3.0.1"
            },
            {
              "status": "affected",
              "version": "3.1.0"
            },
            {
              "status": "affected",
              "version": "3.0.4"
            },
            {
              "status": "affected",
              "version": "3.1.1"
            },
            {
              "status": "affected",
              "version": "3.1.2"
            },
            {
              "status": "affected",
              "version": "3.2.0"
            },
            {
              "status": "affected",
              "version": "3.0.5"
            },
            {
              "status": "affected",
              "version": "3.2.1"
            },
            {
              "status": "affected",
              "version": "3.0.6"
            },
            {
              "status": "affected",
              "version": "3.2.2"
            },
            {
              "status": "affected",
              "version": "3.2.3"
            },
            {
              "status": "affected",
              "version": "3.2.4"
            },
            {
              "status": "affected",
              "version": "4.0.0"
            },
            {
              "status": "affected",
              "version": "4.0.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Cisco UTD SNORT IPS Engine Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "3.17.1S"
            },
            {
              "status": "affected",
              "version": "16.12.3"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.5"
            },
            {
              "status": "affected",
              "version": "16.12.4"
            },
            {
              "status": "affected",
              "version": "17.3.1a"
            },
            {
              "status": "affected",
              "version": "16.6.6"
            },
            {
              "status": "affected",
              "version": "16.12.2"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.6"
            },
            {
              "status": "affected",
              "version": "3.17.0S"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.3"
            },
            {
              "status": "affected",
              "version": "Denali-16.3.7"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.2"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.4"
            },
            {
              "status": "affected",
              "version": "Everest-16.6.4"
            },
            {
              "status": "affected",
              "version": "Everest-16.6.3"
            },
            {
              "status": "affected",
              "version": "16.6.5"
            },
            {
              "status": "affected",
              "version": "Denali-16.3.5"
            },
            {
              "status": "affected",
              "version": "17.2.1r"
            },
            {
              "status": "affected",
              "version": "17.1.1"
            },
            {
              "status": "affected",
              "version": "Everest-16.6.2"
            },
            {
              "status": "affected",
              "version": "16.6.7a"
            },
            {
              "status": "affected",
              "version": "Denali-16.3.4"
            },
            {
              "status": "affected",
              "version": "16.6.1"
            },
            {
              "status": "affected",
              "version": "Denali-16.3.9"
            },
            {
              "status": "affected",
              "version": "Denali-16.3.3"
            },
            {
              "status": "affected",
              "version": "16.12.1a"
            },
            {
              "status": "affected",
              "version": "17.3.2"
            },
            {
              "status": "affected",
              "version": "17.4.1a"
            },
            {
              "status": "affected",
              "version": "16.12.5"
            },
            {
              "status": "affected",
              "version": "17.5.1"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.7"
            },
            {
              "status": "affected",
              "version": "16.6.9"
            },
            {
              "status": "affected",
              "version": "17.3.3"
            },
            {
              "status": "affected",
              "version": "17.5.1a"
            },
            {
              "status": "affected",
              "version": "17.3.4"
            },
            {
              "status": "affected",
              "version": "17.3.4a"
            },
            {
              "status": "affected",
              "version": "17.4.2"
            },
            {
              "status": "affected",
              "version": "17.4.1b"
            },
            {
              "status": "affected",
              "version": "17.6.1a"
            },
            {
              "status": "affected",
              "version": "16.6.10"
            },
            {
              "status": "affected",
              "version": "17.7.1a"
            },
            {
              "status": "affected",
              "version": "16.12.6"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\nThis vulnerability is due to an integer overflow while processing Modbus traffic. An attacker could exploit this vulnerability by sending crafted Modbus traffic through an affected device. A successful exploit could allow the attacker to cause the Snort process to hang, causing traffic inspection to stop.Cisco\u0026nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco\u00a0Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-15T15:36:31.261Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-snort-dos-9D3hJLuj",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-9D3hJLuj"
        },
        {
          "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-xss-NXOxDhRQ\u003c/a\u003e\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eAttention\u003c/strong\u003e: Simplifying the Cisco\u0026nbsp;portfolio includes the renaming of security products under one brand: Cisco\u0026nbsp;Secure. For more information, see \u003ca href=\"https://www.cisco.com/c/en/us/products/security/secure-names.html\"\u003eMeet Cisco\u0026nbsp;Secure",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-xss-NXOxDhRQ"
        }
      ],
      "source": {
        "advisory": "cisco-sa-snort-dos-9D3hJLuj",
        "defects": [
          "CSCvz27235"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Multiple Cisco Products Snort Modbus Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20685",
    "datePublished": "2024-11-15T15:36:31.261Z",
    "dateReserved": "2021-11-02T13:28:29.055Z",
    "dateUpdated": "2025-01-27T17:48:32.910Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3352 (GCVE-0-2020-3352)

Vulnerability from cvelistv5

Published

2020-10-21 18:36

Modified

2024-11-13 17:48

Severity ?

5.3 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CWE

CWE-912

Summary

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to access hidden commands. The vulnerability is due to the presence of undocumented configuration commands. An attacker could exploit this vulnerability by performing specific steps that make the hidden commands accessible. A successful exploit could allow the attacker to make configuration changes to various sections of an affected device that should not be exposed to CLI access.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-hidcmd-pFDeWVBd	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:30:58.147Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Firepower Threat Defense Software Hidden Commands Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-hidcmd-pFDeWVBd"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3352",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:22:49.430236Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:48:10.824Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to access hidden commands. The vulnerability is due to the presence of undocumented configuration commands. An attacker could exploit this vulnerability by performing specific steps that make the hidden commands accessible. A successful exploit could allow the attacker to make configuration changes to various sections of an affected device that should not be exposed to CLI access."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-912",
              "description": "CWE-912",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:36:38",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Firepower Threat Defense Software Hidden Commands Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-hidcmd-pFDeWVBd"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-hidcmd-pFDeWVBd",
        "defect": [
          [
            "CSCvq43920"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Hidden Commands Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3352",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Hidden Commands Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to access hidden commands. The vulnerability is due to the presence of undocumented configuration commands. An attacker could exploit this vulnerability by performing specific steps that make the hidden commands accessible. A successful exploit could allow the attacker to make configuration changes to various sections of an affected device that should not be exposed to CLI access."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.3",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-912"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Firepower Threat Defense Software Hidden Commands Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-hidcmd-pFDeWVBd"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-hidcmd-pFDeWVBd",
          "defect": [
            [
              "CSCvq43920"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3352",
    "datePublished": "2020-10-21T18:36:38.357424Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:48:10.824Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20268 (GCVE-0-2024-20268)

Vulnerability from cvelistv5

Published

2024-10-23 17:06

Modified

2024-10-24 17:51

Severity ?

7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-231 - Improper Handling of Extra Values

Summary

A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause an unexpected reload of the device. This vulnerability is due to insufficient input validation of SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device using IPv4 or IPv6. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability affects all versions of SNMP (versions 1, 2c, and 3) and requires a valid SNMP community string or valid SNMPv3 user credentials.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-7TcnzxTU
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO
	https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.14.1
Version: 9.14.1.10
Version: 9.14.1.6
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.14.1.30
Version: 9.15.1
Version: 9.14.2
Version: 9.14.2.4
Version: 9.15.1.7
Version: 9.14.2.8
Version: 9.15.1.10
Version: 9.14.2.13
Version: 9.15.1.15
Version: 9.14.2.15
Version: 9.16.1
Version: 9.15.1.16
Version: 9.14.3
Version: 9.16.1.28
Version: 9.14.3.1
Version: 9.14.3.9
Version: 9.16.2
Version: 9.16.2.3
Version: 9.14.3.11
Version: 9.15.1.17
Version: 9.15.1.1
Version: 9.14.3.13
Version: 9.16.2.7
Version: 9.14.3.15
Version: 9.17.1
Version: 9.16.2.11
Version: 9.14.3.18
Version: 9.16.2.13
Version: 9.14.4
Version: 9.16.2.14
Version: 9.17.1.7
Version: 9.15.1.21
Version: 9.16.3.3
Version: 9.14.4.6
Version: 9.16.3
Version: 9.16.3.14
Version: 9.17.1.9
Version: 9.14.4.7
Version: 9.17.1.10
Version: 9.18.1
Version: 9.14.4.12
Version: 9.16.3.15
Version: 9.18.1.3
Version: 9.17.1.11
Version: 9.14.4.13
Version: 9.18.2
Version: 9.16.3.19
Version: 9.17.1.13
Version: 9.14.4.14
Version: 9.17.1.15
Version: 9.14.4.15
Version: 9.16.3.23
Version: 9.18.2.5
Version: 9.16.4
Version: 9.14.4.17
Version: 9.17.1.20
Version: 9.18.2.7
Version: 9.19.1
Version: 9.16.4.9
Version: 9.18.2.8
Version: 9.14.4.22
Version: 9.16.4.14
Version: 9.18.3
Version: 9.19.1.5
Version: 9.14.4.23
Version: 9.16.4.18
Version: 9.17.1.30
Version: 9.19.1.9
Version: 9.18.3.39
Version: 9.16.4.19
Version: 9.19.1.12
Version: 9.18.3.46
Version: 9.16.4.27
Version: 9.19.1.18
Version: 9.18.3.53
Version: 9.18.3.55
Version: 9.16.4.38
Version: 9.17.1.33
Version: 9.16.4.39
Version: 9.18.3.56
Version: 9.20.1
Version: 9.16.4.42
Version: 9.19.1.22
Version: 9.18.4
Version: 9.20.1.5
Version: 9.18.4.5
Version: 9.19.1.24
Version: 9.16.4.48
Version: 9.18.4.8
Version: 9.20.2
Version: 9.19.1.27
Version: 9.14.4.24

Cisco

Cisco Firepower Threat Defense Software

Version: 6.6.0
Version: 6.6.0.1
Version: 6.6.1
Version: 6.7.0
Version: 6.6.3
Version: 6.7.0.1
Version: 6.6.4
Version: 6.7.0.2
Version: 7.0.0
Version: 7.0.0.1
Version: 6.6.5
Version: 7.0.1
Version: 7.1.0
Version: 6.6.5.1
Version: 7.0.1.1
Version: 6.7.0.3
Version: 7.1.0.1
Version: 6.6.5.2
Version: 7.0.2
Version: 7.2.0
Version: 7.0.2.1
Version: 7.0.3
Version: 6.6.7
Version: 7.1.0.2
Version: 7.2.0.1
Version: 7.0.4
Version: 7.2.1
Version: 7.0.5
Version: 7.3.0
Version: 7.2.2
Version: 7.2.3
Version: 6.6.7.1
Version: 7.3.1
Version: 7.1.0.3
Version: 7.2.4
Version: 7.0.6
Version: 7.2.5
Version: 7.2.4.1
Version: 7.3.1.1
Version: 7.4.0
Version: 7.0.6.1
Version: 7.2.5.1
Version: 7.4.1
Version: 7.4.1.1
Version: 6.6.7.2
Version: 7.2.5.2
Version: 7.3.1.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20268",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-23T18:40:10.565850Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-24T17:51:17.009Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.1.6"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.15.1"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.15.1.7"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.15.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.15.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.16"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.15.1.17"
            },
            {
              "status": "affected",
              "version": "9.15.1.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.15.1.21"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.14.4.7"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.14.4.12"
            },
            {
              "status": "affected",
              "version": "9.16.3.15"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.14.4.13"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.16.3.19"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.14.4.14"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.4.15"
            },
            {
              "status": "affected",
              "version": "9.16.3.23"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            },
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.14.4.17"
            },
            {
              "status": "affected",
              "version": "9.17.1.20"
            },
            {
              "status": "affected",
              "version": "9.18.2.7"
            },
            {
              "status": "affected",
              "version": "9.19.1"
            },
            {
              "status": "affected",
              "version": "9.16.4.9"
            },
            {
              "status": "affected",
              "version": "9.18.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.4.22"
            },
            {
              "status": "affected",
              "version": "9.16.4.14"
            },
            {
              "status": "affected",
              "version": "9.18.3"
            },
            {
              "status": "affected",
              "version": "9.19.1.5"
            },
            {
              "status": "affected",
              "version": "9.14.4.23"
            },
            {
              "status": "affected",
              "version": "9.16.4.18"
            },
            {
              "status": "affected",
              "version": "9.17.1.30"
            },
            {
              "status": "affected",
              "version": "9.19.1.9"
            },
            {
              "status": "affected",
              "version": "9.18.3.39"
            },
            {
              "status": "affected",
              "version": "9.16.4.19"
            },
            {
              "status": "affected",
              "version": "9.19.1.12"
            },
            {
              "status": "affected",
              "version": "9.18.3.46"
            },
            {
              "status": "affected",
              "version": "9.16.4.27"
            },
            {
              "status": "affected",
              "version": "9.19.1.18"
            },
            {
              "status": "affected",
              "version": "9.18.3.53"
            },
            {
              "status": "affected",
              "version": "9.18.3.55"
            },
            {
              "status": "affected",
              "version": "9.16.4.38"
            },
            {
              "status": "affected",
              "version": "9.17.1.33"
            },
            {
              "status": "affected",
              "version": "9.16.4.39"
            },
            {
              "status": "affected",
              "version": "9.18.3.56"
            },
            {
              "status": "affected",
              "version": "9.20.1"
            },
            {
              "status": "affected",
              "version": "9.16.4.42"
            },
            {
              "status": "affected",
              "version": "9.19.1.22"
            },
            {
              "status": "affected",
              "version": "9.18.4"
            },
            {
              "status": "affected",
              "version": "9.20.1.5"
            },
            {
              "status": "affected",
              "version": "9.18.4.5"
            },
            {
              "status": "affected",
              "version": "9.19.1.24"
            },
            {
              "status": "affected",
              "version": "9.16.4.48"
            },
            {
              "status": "affected",
              "version": "9.18.4.8"
            },
            {
              "status": "affected",
              "version": "9.20.2"
            },
            {
              "status": "affected",
              "version": "9.19.1.27"
            },
            {
              "status": "affected",
              "version": "9.14.4.24"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.0.6"
            },
            {
              "status": "affected",
              "version": "7.2.5"
            },
            {
              "status": "affected",
              "version": "7.2.4.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "status": "affected",
              "version": "7.0.6.1"
            },
            {
              "status": "affected",
              "version": "7.2.5.1"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            },
            {
              "status": "affected",
              "version": "7.4.1.1"
            },
            {
              "status": "affected",
              "version": "6.6.7.2"
            },
            {
              "status": "affected",
              "version": "7.2.5.2"
            },
            {
              "status": "affected",
              "version": "7.3.1.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause an unexpected reload of the device.\r\n\r\nThis vulnerability is due to insufficient input validation of SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device using IPv4 or IPv6. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability affects all versions of SNMP (versions 1, 2c, and 3) and requires a valid SNMP community string or valid SNMPv3 user credentials."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-231",
              "description": "Improper Handling of Extra Values",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-23T17:06:57.460Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asaftd-snmp-dos-7TcnzxTU",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-7TcnzxTU"
        },
        {
          "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO"
        },
        {
          "name": "Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication",
          "url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-snmp-dos-7TcnzxTU",
        "defects": [
          "CSCwe90609"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20268",
    "datePublished": "2024-10-23T17:06:57.460Z",
    "dateReserved": "2023-11-08T15:08:07.624Z",
    "dateUpdated": "2024-10-24T17:51:17.009Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1715 (GCVE-0-2019-1715)

Vulnerability from cvelistv5

Published

2019-05-03 16:20

Modified

2024-11-19 19:08

Severity ?

5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-332

Summary

A vulnerability in the Deterministic Random Bit Generator (DRBG), also known as Pseudorandom Number Generator (PRNG), used in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a cryptographic collision, enabling the attacker to discover the private key of an affected device. The vulnerability is due to insufficient entropy in the DRBG when generating cryptographic keys. An attacker could exploit this vulnerability by generating a large number of cryptographic keys on an affected device and looking for collisions with target devices. A successful exploit could allow the attacker to impersonate an affected target device or to decrypt traffic secured by an affected key that is sent to or from an affected target device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-entropy	vendor-advisory, x_refsource_CISCO

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: unspecified < 9.8.4
Version: unspecified < 9.9.2.50

Cisco

Cisco Firepower Threat Defense (FTD) Software

Version: unspecified < 6.2.3.12
Version: unspecified < 6.3.0.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:42.279Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190501 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Low-Entropy Keys Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-entropy"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1715",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:24:18.472065Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T19:08:18.850Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "9.8.4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.9.2.50",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense (FTD) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.2.3.12",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "6.3.0.3",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-05-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Deterministic Random Bit Generator (DRBG), also known as Pseudorandom Number Generator (PRNG), used in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a cryptographic collision, enabling the attacker to discover the private key of an affected device. The vulnerability is due to insufficient entropy in the DRBG when generating cryptographic keys. An attacker could exploit this vulnerability by generating a large number of cryptographic keys on an affected device and looking for collisions with target devices. A successful exploit could allow the attacker to impersonate an affected target device or to decrypt traffic secured by an affected key that is sent to or from an affected target device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-332",
              "description": "CWE-332",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-03T16:20:30",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190501 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Low-Entropy Keys Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-entropy"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190501-asa-ftd-entropy",
        "defect": [
          [
            "CSCvj52266"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Low-Entropy Keys Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-05-01T16:00:00-0700",
          "ID": "CVE-2019-1715",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Low-Entropy Keys Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.8.4"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.9.2.50"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Cisco Firepower Threat Defense (FTD) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.2.3.12"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.3.0.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Deterministic Random Bit Generator (DRBG), also known as Pseudorandom Number Generator (PRNG), used in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a cryptographic collision, enabling the attacker to discover the private key of an affected device. The vulnerability is due to insufficient entropy in the DRBG when generating cryptographic keys. An attacker could exploit this vulnerability by generating a large number of cryptographic keys on an affected device and looking for collisions with target devices. A successful exploit could allow the attacker to impersonate an affected target device or to decrypt traffic secured by an affected key that is sent to or from an affected target device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.3",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-332"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190501 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Low-Entropy Keys Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-entropy"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190501-asa-ftd-entropy",
          "defect": [
            [
              "CSCvj52266"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1715",
    "datePublished": "2019-05-03T16:20:30.170634Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-19T19:08:18.850Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-20256 (GCVE-0-2023-20256)

Vulnerability from cvelistv5

Published

2023-11-01 16:54

Modified

2024-11-21 21:44

Severity ?

5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-290 - Authentication Bypass by Spoofing

Summary

Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilities are due to a logic error that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit these vulnerabilities by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to bypass the interface ACL and access resources that would should be protected.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.8.4.25
Version: 9.8.4.22
Version: 9.8.4.26
Version: 9.8.4.29
Version: 9.8.4.32
Version: 9.8.4.33
Version: 9.8.4.34
Version: 9.8.4.35
Version: 9.8.4.39
Version: 9.8.4.40
Version: 9.8.4.41
Version: 9.8.4.43
Version: 9.8.4.44
Version: 9.8.4.45
Version: 9.8.4.46
Version: 9.8.4.48
Version: 9.12.4.2
Version: 9.12.4.4
Version: 9.12.4.7
Version: 9.12.4.10
Version: 9.12.4.13
Version: 9.12.4.8
Version: 9.12.4.18
Version: 9.12.4.24
Version: 9.12.4.26
Version: 9.12.4.29
Version: 9.12.4.30
Version: 9.12.4.35
Version: 9.12.4.37
Version: 9.12.4.38
Version: 9.12.4.39
Version: 9.12.4.40
Version: 9.12.4.41
Version: 9.12.4.47
Version: 9.12.4.48
Version: 9.12.4.50
Version: 9.12.4.52
Version: 9.12.4.54
Version: 9.12.4.55
Version: 9.12.4.56
Version: 9.14.1.10
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.14.1.30
Version: 9.14.2
Version: 9.14.2.4
Version: 9.14.2.8
Version: 9.14.2.13
Version: 9.14.2.15
Version: 9.14.3
Version: 9.14.3.1
Version: 9.14.3.9
Version: 9.14.3.11
Version: 9.14.3.13
Version: 9.14.3.18
Version: 9.14.3.15
Version: 9.14.4
Version: 9.14.4.6
Version: 9.14.4.7
Version: 9.14.4.12
Version: 9.14.4.13
Version: 9.14.4.14
Version: 9.14.4.15
Version: 9.14.4.17
Version: 9.14.4.22
Version: 9.14.4.23
Version: 9.15.1
Version: 9.15.1.7
Version: 9.15.1.10
Version: 9.15.1.15
Version: 9.15.1.16
Version: 9.15.1.17
Version: 9.15.1.1
Version: 9.15.1.21
Version: 9.16.1
Version: 9.16.1.28
Version: 9.16.2
Version: 9.16.2.3
Version: 9.16.2.7
Version: 9.16.2.11
Version: 9.16.2.13
Version: 9.16.2.14
Version: 9.16.3
Version: 9.16.3.3
Version: 9.16.3.14
Version: 9.16.3.15
Version: 9.16.3.19
Version: 9.16.3.23
Version: 9.16.4
Version: 9.16.4.9
Version: 9.16.4.14
Version: 9.17.1
Version: 9.17.1.7
Version: 9.17.1.9
Version: 9.17.1.10
Version: 9.17.1.11
Version: 9.17.1.13
Version: 9.17.1.15
Version: 9.17.1.20
Version: 9.17.1.30
Version: 9.18.1
Version: 9.18.1.3
Version: 9.18.2
Version: 9.18.2.5
Version: 9.18.2.7
Version: 9.18.2.8
Version: 9.18.3
Version: 9.19.1
Version: 9.19.1.5

Cisco

Cisco Firepower Threat Defense Software

Version: 6.2.3.16
Version: 6.2.3.17
Version: 6.2.3.18
Version: 6.6.1
Version: 6.6.3
Version: 6.6.4
Version: 6.6.5
Version: 6.6.5.1
Version: 6.6.5.2
Version: 6.6.7
Version: 6.6.7.1
Version: 6.4.0.10
Version: 6.4.0.11
Version: 6.4.0.12
Version: 6.4.0.13
Version: 6.4.0.14
Version: 6.4.0.15
Version: 6.4.0.16
Version: 6.7.0
Version: 6.7.0.1
Version: 6.7.0.2
Version: 6.7.0.3
Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.0.2
Version: 7.0.2.1
Version: 7.0.3
Version: 7.0.4
Version: 7.0.5
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.1.0.3
Version: 7.2.0
Version: 7.2.0.1
Version: 7.2.1
Version: 7.2.2
Version: 7.2.3
Version: 7.3.0
Version: 7.3.1
Version: 7.3.1.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:05:36.885Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20256",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-21T21:44:33.524414Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T21:44:44.427Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.8.4.25"
            },
            {
              "status": "affected",
              "version": "9.8.4.22"
            },
            {
              "status": "affected",
              "version": "9.8.4.26"
            },
            {
              "status": "affected",
              "version": "9.8.4.29"
            },
            {
              "status": "affected",
              "version": "9.8.4.32"
            },
            {
              "status": "affected",
              "version": "9.8.4.33"
            },
            {
              "status": "affected",
              "version": "9.8.4.34"
            },
            {
              "status": "affected",
              "version": "9.8.4.35"
            },
            {
              "status": "affected",
              "version": "9.8.4.39"
            },
            {
              "status": "affected",
              "version": "9.8.4.40"
            },
            {
              "status": "affected",
              "version": "9.8.4.41"
            },
            {
              "status": "affected",
              "version": "9.8.4.43"
            },
            {
              "status": "affected",
              "version": "9.8.4.44"
            },
            {
              "status": "affected",
              "version": "9.8.4.45"
            },
            {
              "status": "affected",
              "version": "9.8.4.46"
            },
            {
              "status": "affected",
              "version": "9.8.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.4.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.4"
            },
            {
              "status": "affected",
              "version": "9.12.4.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.10"
            },
            {
              "status": "affected",
              "version": "9.12.4.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.8"
            },
            {
              "status": "affected",
              "version": "9.12.4.18"
            },
            {
              "status": "affected",
              "version": "9.12.4.24"
            },
            {
              "status": "affected",
              "version": "9.12.4.26"
            },
            {
              "status": "affected",
              "version": "9.12.4.29"
            },
            {
              "status": "affected",
              "version": "9.12.4.30"
            },
            {
              "status": "affected",
              "version": "9.12.4.35"
            },
            {
              "status": "affected",
              "version": "9.12.4.37"
            },
            {
              "status": "affected",
              "version": "9.12.4.38"
            },
            {
              "status": "affected",
              "version": "9.12.4.39"
            },
            {
              "status": "affected",
              "version": "9.12.4.40"
            },
            {
              "status": "affected",
              "version": "9.12.4.41"
            },
            {
              "status": "affected",
              "version": "9.12.4.47"
            },
            {
              "status": "affected",
              "version": "9.12.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.4.50"
            },
            {
              "status": "affected",
              "version": "9.12.4.52"
            },
            {
              "status": "affected",
              "version": "9.12.4.54"
            },
            {
              "status": "affected",
              "version": "9.12.4.55"
            },
            {
              "status": "affected",
              "version": "9.12.4.56"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.14.4.7"
            },
            {
              "status": "affected",
              "version": "9.14.4.12"
            },
            {
              "status": "affected",
              "version": "9.14.4.13"
            },
            {
              "status": "affected",
              "version": "9.14.4.14"
            },
            {
              "status": "affected",
              "version": "9.14.4.15"
            },
            {
              "status": "affected",
              "version": "9.14.4.17"
            },
            {
              "status": "affected",
              "version": "9.14.4.22"
            },
            {
              "status": "affected",
              "version": "9.14.4.23"
            },
            {
              "status": "affected",
              "version": "9.15.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.7"
            },
            {
              "status": "affected",
              "version": "9.15.1.10"
            },
            {
              "status": "affected",
              "version": "9.15.1.15"
            },
            {
              "status": "affected",
              "version": "9.15.1.16"
            },
            {
              "status": "affected",
              "version": "9.15.1.17"
            },
            {
              "status": "affected",
              "version": "9.15.1.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.21"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.16.3.15"
            },
            {
              "status": "affected",
              "version": "9.16.3.19"
            },
            {
              "status": "affected",
              "version": "9.16.3.23"
            },
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.16.4.9"
            },
            {
              "status": "affected",
              "version": "9.16.4.14"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.17.1.20"
            },
            {
              "status": "affected",
              "version": "9.17.1.30"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            },
            {
              "status": "affected",
              "version": "9.18.2.7"
            },
            {
              "status": "affected",
              "version": "9.18.2.8"
            },
            {
              "status": "affected",
              "version": "9.18.3"
            },
            {
              "status": "affected",
              "version": "9.19.1"
            },
            {
              "status": "affected",
              "version": "9.19.1.5"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilities are due to a logic error that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit these vulnerabilities by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to bypass the interface ACL and access resources that would should be protected."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-290",
              "description": "Authentication Bypass by Spoofing",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:58:33.743Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb",
        "defects": [
          "CSCwd30856"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20256",
    "datePublished": "2023-11-01T16:54:53.004Z",
    "dateReserved": "2022-10-27T18:47:50.372Z",
    "dateUpdated": "2024-11-21T21:44:44.427Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-6625 (GCVE-0-2017-6625)

Vulnerability from cvelistv5

Published

2017-05-03 21:00

Modified

2024-08-05 15:33

Severity ?

CWE

CWE-399

Summary

A "Cisco Firepower Threat Defense 6.0.0 through 6.2.2 and Cisco ASA with FirePOWER Module Denial of Service" vulnerability in the access control policy of Cisco Firepower System Software could allow an authenticated, remote attacker to cause an affected system to stop inspecting and processing packets, resulting in a denial of service (DoS) condition. The vulnerability is due to improper SSL policy handling by the affected software when packets are passed through the sensing interfaces of an affected system. An attacker could exploit this vulnerability by sending crafted packets through a targeted system. This vulnerability affects Cisco Firepower System Software that is configured with the SSL policy feature. Cisco Bug IDs: CSCvc84361.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/98292	vdb-entry, x_refsource_BID
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ftd	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1038397	vdb-entry, x_refsource_SECTRACK

Impacted products

	Vendor	Product	Version
	n/a	Cisco Firepower Threat Defense and Cisco ASA with FirePOWER Module	Version: Cisco Firepower Threat Defense and Cisco ASA with FirePOWER Module

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:33:20.441Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "98292",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98292"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ftd"
          },
          {
            "name": "1038397",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038397"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense and Cisco ASA with FirePOWER Module",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Firepower Threat Defense and Cisco ASA with FirePOWER Module"
            }
          ]
        }
      ],
      "datePublic": "2017-05-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A \"Cisco Firepower Threat Defense 6.0.0 through 6.2.2 and Cisco ASA with FirePOWER Module Denial of Service\" vulnerability in the access control policy of Cisco Firepower System Software could allow an authenticated, remote attacker to cause an affected system to stop inspecting and processing packets, resulting in a denial of service (DoS) condition. The vulnerability is due to improper SSL policy handling by the affected software when packets are passed through the sensing interfaces of an affected system. An attacker could exploit this vulnerability by sending crafted packets through a targeted system. This vulnerability affects Cisco Firepower System Software that is configured with the SSL policy feature. Cisco Bug IDs: CSCvc84361."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "98292",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98292"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ftd"
        },
        {
          "name": "1038397",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038397"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2017-6625",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense and Cisco ASA with FirePOWER Module",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Firepower Threat Defense and Cisco ASA with FirePOWER Module"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A \"Cisco Firepower Threat Defense 6.0.0 through 6.2.2 and Cisco ASA with FirePOWER Module Denial of Service\" vulnerability in the access control policy of Cisco Firepower System Software could allow an authenticated, remote attacker to cause an affected system to stop inspecting and processing packets, resulting in a denial of service (DoS) condition. The vulnerability is due to improper SSL policy handling by the affected software when packets are passed through the sensing interfaces of an affected system. An attacker could exploit this vulnerability by sending crafted packets through a targeted system. This vulnerability affects Cisco Firepower System Software that is configured with the SSL policy feature. Cisco Bug IDs: CSCvc84361."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "98292",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98292"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ftd",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ftd"
            },
            {
              "name": "1038397",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038397"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2017-6625",
    "datePublished": "2017-05-03T21:00:00",
    "dateReserved": "2017-03-09T00:00:00",
    "dateUpdated": "2024-08-05T15:33:20.441Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1978 (GCVE-0-2019-1978)

Vulnerability from cvelistv5

Published

2019-11-05 19:35

Modified

2024-11-19 18:52

Severity ?

5.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-264

Summary

A vulnerability in the stream reassembly component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper reassembly of traffic streams. An attacker could exploit this vulnerability by sending crafted streams through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems that would otherwise be blocked.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-srb	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: unspecified < n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:35:52.426Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190816 Cisco Firepower Threat Defense Software Stream Reassembly Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-srb"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1978",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:22:30.573813Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T18:52:18.299Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-08-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the stream reassembly component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper reassembly of traffic streams. An attacker could exploit this vulnerability by sending crafted streams through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems that would otherwise be blocked."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-264",
              "description": "CWE-264",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-11-05T19:35:41",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190816 Cisco Firepower Threat Defense Software Stream Reassembly Bypass Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-srb"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190816-ftd-srb",
        "defect": [
          [
            "CSCvq39955"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Stream Reassembly Bypass Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-08-16T16:00:00-0700",
          "ID": "CVE-2019-1978",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Stream Reassembly Bypass Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the stream reassembly component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper reassembly of traffic streams. An attacker could exploit this vulnerability by sending crafted streams through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems that would otherwise be blocked."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.8",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190816 Cisco Firepower Threat Defense Software Stream Reassembly Bypass Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-srb"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190816-ftd-srb",
          "defect": [
            [
              "CSCvq39955"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1978",
    "datePublished": "2019-11-05T19:35:41.101564Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-19T18:52:18.299Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3189 (GCVE-0-2020-3189)

Vulnerability from cvelistv5

Published

2020-05-06 16:41

Modified

2024-11-15 17:25

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-400

Summary

A vulnerability in the VPN System Logging functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak that can deplete system memory over time, which can cause unexpected system behaviors or device crashes. The vulnerability is due to the system memory not being properly freed for a VPN System Logging event generated when a VPN session is created or deleted. An attacker could exploit this vulnerability by repeatedly creating or deleting a VPN tunnel connection, which could leak a small amount of system memory for each logging event. A successful exploit could allow the attacker to cause system memory depletion, which can lead to a systemwide denial of service (DoS) condition. The attacker does not have any control of whether VPN System Logging is configured or not on the device, but it is enabled by default.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-Rdpe34sd8	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:24:00.626Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200506 Cisco Firepower Threat Defense Software VPN System Logging Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-Rdpe34sd8"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3189",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:21:43.085551Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:25:31.383Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the VPN System Logging functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak that can deplete system memory over time, which can cause unexpected system behaviors or device crashes. The vulnerability is due to the system memory not being properly freed for a VPN System Logging event generated when a VPN session is created or deleted. An attacker could exploit this vulnerability by repeatedly creating or deleting a VPN tunnel connection, which could leak a small amount of system memory for each logging event. A successful exploit could allow the attacker to cause system memory depletion, which can lead to a systemwide denial of service (DoS) condition. The attacker does not have any control of whether VPN System Logging is configured or not on the device, but it is enabled by default."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-06T16:41:11",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200506 Cisco Firepower Threat Defense Software VPN System Logging Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-Rdpe34sd8"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-dos-Rdpe34sd8",
        "defect": [
          [
            "CSCvo62077"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software VPN System Logging Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-05-06T16:00:00-0700",
          "ID": "CVE-2020-3189",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software VPN System Logging Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the VPN System Logging functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak that can deplete system memory over time, which can cause unexpected system behaviors or device crashes. The vulnerability is due to the system memory not being properly freed for a VPN System Logging event generated when a VPN session is created or deleted. An attacker could exploit this vulnerability by repeatedly creating or deleting a VPN tunnel connection, which could leak a small amount of system memory for each logging event. A successful exploit could allow the attacker to cause system memory depletion, which can lead to a systemwide denial of service (DoS) condition. The attacker does not have any control of whether VPN System Logging is configured or not on the device, but it is enabled by default."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200506 Cisco Firepower Threat Defense Software VPN System Logging Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-Rdpe34sd8"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-dos-Rdpe34sd8",
          "defect": [
            [
              "CSCvo62077"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3189",
    "datePublished": "2020-05-06T16:41:11.278687Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:25:31.383Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3572 (GCVE-0-2020-3572)

Vulnerability from cvelistv5

Published

2020-10-21 18:40

Modified

2024-11-13 17:47

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-400

Summary

A vulnerability in the SSL/TLS session handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak when closing SSL/TLS connections in a specific state. An attacker could exploit this vulnerability by establishing several SSL/TLS sessions and ensuring they are closed under certain conditions. A successful exploit could allow the attacker to exhaust memory resources in the affected device, which would prevent it from processing new SSL/TLS connections, resulting in a DoS. Manual intervention is required to recover an affected device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-tcp-dos-N3DMnU4T	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:55.499Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Session Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-tcp-dos-N3DMnU4T"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3572",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:12:17.463380Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:47:00.373Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the SSL/TLS session handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak when closing SSL/TLS connections in a specific state. An attacker could exploit this vulnerability by establishing several SSL/TLS sessions and ensuring they are closed under certain conditions. A successful exploit could allow the attacker to exhaust memory resources in the affected device, which would prevent it from processing new SSL/TLS connections, resulting in a DoS. Manual intervention is required to recover an affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:40:42",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Session Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-tcp-dos-N3DMnU4T"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa-ftd-tcp-dos-N3DMnU4T",
        "defect": [
          [
            "CSCvu46685"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Session Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3572",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Session Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the SSL/TLS session handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak when closing SSL/TLS connections in a specific state. An attacker could exploit this vulnerability by establishing several SSL/TLS sessions and ensuring they are closed under certain conditions. A successful exploit could allow the attacker to exhaust memory resources in the affected device, which would prevent it from processing new SSL/TLS connections, resulting in a DoS. Manual intervention is required to recover an affected device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Session Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-tcp-dos-N3DMnU4T"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asa-ftd-tcp-dos-N3DMnU4T",
          "defect": [
            [
              "CSCvu46685"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3572",
    "datePublished": "2020-10-21T18:40:42.858255Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:47:00.373Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-12674 (GCVE-0-2019-12674)

Vulnerability from cvelistv5

Published

2019-10-02 19:06

Modified

2024-11-20 17:08

Severity ?

8.2 (High) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-216

Summary

Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: unspecified < n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:24:39.185Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20191002 Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-12674",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-20T16:51:38.594400Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-20T17:08:58.524Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-10-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-216",
              "description": "CWE-216",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-02T19:06:38",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20191002 Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20191002-ftd-container-esc",
        "defect": [
          [
            "CSCvm14296",
            "CSCvo83194"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-10-02T16:00:00-0700",
          "ID": "CVE-2019-12674",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.2",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-216"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20191002 Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20191002-ftd-container-esc",
          "defect": [
            [
              "CSCvm14296",
              "CSCvo83194"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-12674",
    "datePublished": "2019-10-02T19:06:38.169044Z",
    "dateReserved": "2019-06-04T00:00:00",
    "dateUpdated": "2024-11-20T17:08:58.524Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3255 (GCVE-0-2020-3255)

Vulnerability from cvelistv5

Published

2020-05-06 16:41

Modified

2024-11-15 17:24

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-400

Summary

A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:30:58.159Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200506 Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3255",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:21:29.568873Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:24:20.616Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-06T16:41:44",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200506 Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-dos-N2vQZASR",
        "defect": [
          [
            "CSCvo80853"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-05-06T16:00:00-0700",
          "ID": "CVE-2020-3255",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.5",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200506 Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-dos-N2vQZASR",
          "defect": [
            [
              "CSCvo80853"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3255",
    "datePublished": "2020-05-06T16:41:44.426590Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:24:20.616Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-1495 (GCVE-0-2021-1495)

Vulnerability from cvelistv5

Published

2021-04-29 17:31

Modified

2024-11-08 23:22

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

NA

Summary

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured file policy for HTTP packets and deliver a malicious payload.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-fp-bp-KfDdcQhc	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html	mailing-list
	https://www.debian.org/security/2023/dsa-5354	vendor-advisory

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:11:17.563Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210428 Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-fp-bp-KfDdcQhc"
          },
          {
            "name": "[debian-lts-announce] 20230210 [SECURITY] [DLA 3317-1] snort security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
          },
          {
            "name": "DSA-5354",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5354"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-1495",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T20:02:18.238315Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-08T23:22:35.276Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-04-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured file policy for HTTP packets and deliver a malicious payload."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "NA",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-19T00:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210428 Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-fp-bp-KfDdcQhc"
        },
        {
          "name": "[debian-lts-announce] 20230210 [SECURITY] [DLA 3317-1] snort security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
        },
        {
          "name": "DSA-5354",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5354"
        }
      ],
      "source": {
        "advisory": "cisco-sa-http-fp-bp-KfDdcQhc",
        "defect": [
          [
            "CSCvw19272",
            "CSCvw59055"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-1495",
    "datePublished": "2021-04-29T17:31:20.004075Z",
    "dateReserved": "2020-11-13T00:00:00",
    "dateUpdated": "2024-11-08T23:22:35.276Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-1501 (GCVE-0-2021-1501)

Vulnerability from cvelistv5

Published

2021-04-29 17:31

Modified

2024-11-08 23:22

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-613

Summary

A vulnerability in the SIP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition.The vulnerability is due to a crash that occurs during a hash lookup for a SIP pinhole connection. An attacker could exploit this vulnerability by sending crafted SIP traffic through an affected device. A successful exploit could allow the attacker to cause a crash and reload of the affected device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-sipdos-GGwmMerC	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:11:17.689Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210428 Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software SIP Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-sipdos-GGwmMerC"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-1501",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T20:02:11.453144Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-08T23:22:25.071Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-04-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the SIP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition.The vulnerability is due to a crash that occurs during a hash lookup for a SIP pinhole connection. An attacker could exploit this vulnerability by sending crafted SIP traffic through an affected device. A successful exploit could allow the attacker to cause a crash and reload of the affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-613",
              "description": "CWE-613",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-04-29T17:31:24",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210428 Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software SIP Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-sipdos-GGwmMerC"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa-ftd-sipdos-GGwmMerC",
        "defect": [
          [
            "CSCvw26544"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software SIP Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-04-28T16:00:00",
          "ID": "CVE-2021-1501",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software SIP Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the SIP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition.The vulnerability is due to a crash that occurs during a hash lookup for a SIP pinhole connection. An attacker could exploit this vulnerability by sending crafted SIP traffic through an affected device. A successful exploit could allow the attacker to cause a crash and reload of the affected device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-613"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210428 Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software SIP Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-sipdos-GGwmMerC"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asa-ftd-sipdos-GGwmMerC",
          "defect": [
            [
              "CSCvw26544"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-1501",
    "datePublished": "2021-04-29T17:31:24.187869Z",
    "dateReserved": "2020-11-13T00:00:00",
    "dateUpdated": "2024-11-08T23:22:25.071Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3373 (GCVE-0-2020-3373)

Vulnerability from cvelistv5

Published

2020-10-21 18:36

Modified

2024-11-13 17:48

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-400

Summary

A vulnerability in the IP fragment-handling implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. This memory leak could prevent traffic from being processed through the device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper error handling when specific failures occur during IP fragment reassembly. An attacker could exploit this vulnerability by sending crafted, fragmented IP traffic to a targeted device. A successful exploit could allow the attacker to continuously consume memory on the affected device and eventually impact traffic, resulting in a DoS condition. The device could require a manual reboot to recover from the DoS condition. Note: This vulnerability applies to both IP Version 4 (IPv4) and IP Version 6 (IPv6) traffic.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-frag-memleak-mCtqdP9n	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:30:58.114Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IP Fragment Memory Leak Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-frag-memleak-mCtqdP9n"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3373",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:12:22.347628Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:48:20.262Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the IP fragment-handling implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. This memory leak could prevent traffic from being processed through the device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper error handling when specific failures occur during IP fragment reassembly. An attacker could exploit this vulnerability by sending crafted, fragmented IP traffic to a targeted device. A successful exploit could allow the attacker to continuously consume memory on the affected device and eventually impact traffic, resulting in a DoS condition. The device could require a manual reboot to recover from the DoS condition. Note: This vulnerability applies to both IP Version 4 (IPv4) and IP Version 6 (IPv6) traffic."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:36:33",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IP Fragment Memory Leak Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-frag-memleak-mCtqdP9n"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-frag-memleak-mCtqdP9n",
        "defect": [
          [
            "CSCvu47925"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IP Fragment Memory Leak Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3373",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IP Fragment Memory Leak Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the IP fragment-handling implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. This memory leak could prevent traffic from being processed through the device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper error handling when specific failures occur during IP fragment reassembly. An attacker could exploit this vulnerability by sending crafted, fragmented IP traffic to a targeted device. A successful exploit could allow the attacker to continuously consume memory on the affected device and eventually impact traffic, resulting in a DoS condition. The device could require a manual reboot to recover from the DoS condition. Note: This vulnerability applies to both IP Version 4 (IPv4) and IP Version 6 (IPv6) traffic."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IP Fragment Memory Leak Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-frag-memleak-mCtqdP9n"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-frag-memleak-mCtqdP9n",
          "defect": [
            [
              "CSCvu47925"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3373",
    "datePublished": "2020-10-21T18:36:33.741556Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:48:20.262Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-0296 (GCVE-0-2018-0296)

Vulnerability from cvelistv5

Published

2018-06-07 12:00

Modified

2025-07-30 01:46

Severity ?

CWE

CWE-20

Summary

A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/104612	vdb-entry, x_refsource_BID
	https://www.exploit-db.com/exploits/44956/	exploit, x_refsource_EXPLOIT-DB
	http://www.securitytracker.com/id/1041076	vdb-entry, x_refsource_SECTRACK
	https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01	x_refsource_MISC
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd	x_refsource_CONFIRM
	http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Cisco Adaptive Security Appliance unknown	Version: Cisco Adaptive Security Appliance unknown

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:21:14.828Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "104612",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104612"
          },
          {
            "name": "44956",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/44956/"
          },
          {
            "name": "1041076",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041076"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0296",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T17:21:09.447686Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-11-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-0296"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:46:14.666Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-03T00:00:00+00:00",
            "value": "CVE-2018-0296 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance unknown",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Adaptive Security Appliance unknown"
            }
          ]
        }
      ],
      "datePublic": "2018-06-07T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-12T18:06:11.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "104612",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104612"
        },
        {
          "name": "44956",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/44956/"
        },
        {
          "name": "1041076",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041076"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0296",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance unknown",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Adaptive Security Appliance unknown"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "104612",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104612"
            },
            {
              "name": "44956",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/44956/"
            },
            {
              "name": "1041076",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041076"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd"
            },
            {
              "name": "http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0296",
    "datePublished": "2018-06-07T12:00:00.000Z",
    "dateReserved": "2017-11-27T00:00:00.000Z",
    "dateUpdated": "2025-07-30T01:46:14.666Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-1448 (GCVE-0-2021-1448)

Vulnerability from cvelistv5

Published

2021-04-29 17:30

Modified

2024-11-08 23:24

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-20

Summary

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device that is running in multi-instance mode. This vulnerability is due to insufficient validation of user-supplied command arguments. An attacker could exploit this vulnerability by submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinj-vWY5wqZT	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:11:17.353Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210428 Cisco Firepower Threat Defense Software Command Injection Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinj-vWY5wqZT"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-1448",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T20:18:37.949107Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-08T23:24:30.811Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-04-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device that is running in multi-instance mode. This vulnerability is due to insufficient validation of user-supplied command arguments. An attacker could exploit this vulnerability by submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-04-29T17:30:33",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210428 Cisco Firepower Threat Defense Software Command Injection Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinj-vWY5wqZT"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-cmdinj-vWY5wqZT",
        "defect": [
          [
            "CSCvt74832",
            "CSCvv78677"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Command Injection Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-04-28T16:00:00",
          "ID": "CVE-2021-1448",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Command Injection Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device that is running in multi-instance mode. This vulnerability is due to insufficient validation of user-supplied command arguments. An attacker could exploit this vulnerability by submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.8",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210428 Cisco Firepower Threat Defense Software Command Injection Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinj-vWY5wqZT"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-cmdinj-vWY5wqZT",
          "defect": [
            [
              "CSCvt74832",
              "CSCvv78677"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-1448",
    "datePublished": "2021-04-29T17:30:33.849115Z",
    "dateReserved": "2020-11-13T00:00:00",
    "dateUpdated": "2024-11-08T23:24:30.811Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-3822 (GCVE-0-2017-3822)

Vulnerability from cvelistv5

Published

2017-02-03 07:24

Modified

2024-08-05 14:39

Severity ?

CWE

add arbitrary entries to the audit log

Summary

A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) could allow an unauthenticated, remote attacker to add arbitrary entries to the audit log. This vulnerability affects Cisco Firepower Threat Defense Software versions 6.1.x on the following vulnerable products that have enabled FDM: ASA5506-X ASA5506W-X ASA5506H-X ASA5508-X ASA5516-X ASA5512-X ASA5515-X ASA5525-X ASA5545-X ASA5555-X. More Information: CSCvb86860. Known Affected Releases: FRANGELICO. Known Fixed Releases: 6.2.0.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw2	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1037775	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/95944	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	Cisco Firepower Threat Defense Software versions 6.1.x	Version: Cisco Firepower Threat Defense Software versions 6.1.x

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:39:40.563Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw2"
          },
          {
            "name": "1037775",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037775"
          },
          {
            "name": "95944",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95944"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software versions 6.1.x",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Firepower Threat Defense Software versions 6.1.x"
            }
          ]
        }
      ],
      "datePublic": "2017-02-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) could allow an unauthenticated, remote attacker to add arbitrary entries to the audit log. This vulnerability affects Cisco Firepower Threat Defense Software versions 6.1.x on the following vulnerable products that have enabled FDM: ASA5506-X ASA5506W-X ASA5506H-X ASA5508-X ASA5516-X ASA5512-X ASA5515-X ASA5525-X ASA5545-X ASA5555-X. More Information: CSCvb86860. Known Affected Releases: FRANGELICO. Known Fixed Releases: 6.2.0."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "add arbitrary entries to the audit log",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-24T12:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw2"
        },
        {
          "name": "1037775",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037775"
        },
        {
          "name": "95944",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95944"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2017-3822",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software versions 6.1.x",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Firepower Threat Defense Software versions 6.1.x"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) could allow an unauthenticated, remote attacker to add arbitrary entries to the audit log. This vulnerability affects Cisco Firepower Threat Defense Software versions 6.1.x on the following vulnerable products that have enabled FDM: ASA5506-X ASA5506W-X ASA5506H-X ASA5508-X ASA5516-X ASA5512-X ASA5515-X ASA5525-X ASA5545-X ASA5555-X. More Information: CSCvb86860. Known Affected Releases: FRANGELICO. Known Fixed Releases: 6.2.0."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "add arbitrary entries to the audit log"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw2",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw2"
            },
            {
              "name": "1037775",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037775"
            },
            {
              "name": "95944",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95944"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2017-3822",
    "datePublished": "2017-02-03T07:24:00",
    "dateReserved": "2016-12-21T00:00:00",
    "dateUpdated": "2024-08-05T14:39:40.563Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3315 (GCVE-0-2020-3315)

Vulnerability from cvelistv5

Published

2020-05-06 16:40

Modified

2024-11-15 17:26

Severity ?

5.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-693

Summary

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort_filepolbypass-m4X5DgOP	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html	mailing-list
	https://www.debian.org/security/2023/dsa-5354	vendor-advisory

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:30:57.819Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200506 Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort_filepolbypass-m4X5DgOP"
          },
          {
            "name": "[debian-lts-announce] 20230210 [SECURITY] [DLA 3317-1] snort security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
          },
          {
            "name": "DSA-5354",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5354"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3315",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:21:45.962425Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:26:32.026Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-693",
              "description": "CWE-693",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-19T00:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200506 Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort_filepolbypass-m4X5DgOP"
        },
        {
          "name": "[debian-lts-announce] 20230210 [SECURITY] [DLA 3317-1] snort security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
        },
        {
          "name": "DSA-5354",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5354"
        }
      ],
      "source": {
        "advisory": "cisco-sa-snort_filepolbypass-m4X5DgOP",
        "defect": [
          [
            "CSCvr01675",
            "CSCvr82603",
            "CSCvt10151",
            "CSCvt28138"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3315",
    "datePublished": "2020-05-06T16:40:42.180942Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:26:32.026Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-20267 (GCVE-0-2023-20267)

Vulnerability from cvelistv5

Published

2023-11-01 17:16

Modified

2024-11-21 21:45

Severity ?

4.0 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-284 - Improper Access Control

Summary

A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability by spoofing an IP address until they bypass the restriction. A successful exploit could allow the attacker to bypass location-based IP address restrictions.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-bypass-LMz2ThKn

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: 6.7.0 Version: 6.7.0.1 Version: 6.7.0.2 Version: 6.7.0.3 Version: 7.0.0 Version: 7.0.0.1 Version: 7.0.1 Version: 7.0.1.1 Version: 7.0.2 Version: 7.0.2.1 Version: 7.0.3 Version: 7.0.4 Version: 7.0.5 Version: 7.1.0 Version: 7.1.0.1 Version: 7.1.0.2 Version: 7.1.0.3 Version: 7.2.0 Version: 7.2.0.1 Version: 7.2.1 Version: 7.2.2 Version: 7.2.3 Version: 7.3.0 Version: 7.3.1 Version: 7.3.1.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:05:36.872Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-ftdsnort3sip-bypass-LMz2ThKn",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-bypass-LMz2ThKn"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20267",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-21T21:45:02.750662Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T21:45:42.544Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability by spoofing an IP address until they bypass the restriction. A successful exploit could allow the attacker to bypass location-based IP address restrictions."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "Improper Access Control",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:58:36.206Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-ftdsnort3sip-bypass-LMz2ThKn",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-bypass-LMz2ThKn"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftdsnort3sip-bypass-LMz2ThKn",
        "defects": [
          "CSCwe69833"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20267",
    "datePublished": "2023-11-01T17:16:02.332Z",
    "dateReserved": "2022-10-27T18:47:50.373Z",
    "dateUpdated": "2024-11-21T21:45:42.544Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-0254 (GCVE-0-2018-0254)

Vulnerability from cvelistv5

Published

2018-04-19 20:00

Modified

2024-11-29 15:16

Severity ?

CWE

CWE-693

Summary

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass configured file action policies if an Intelligent Application Bypass (IAB) with a drop percentage threshold is also configured. The vulnerability is due to incorrect counting of the percentage of dropped traffic. An attacker could exploit this vulnerability by sending network traffic to a targeted device. An exploit could allow the attacker to bypass configured file action policies, and traffic that should be dropped could be allowed into the network. Cisco Bug IDs: CSCvf86435.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss2	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/103940	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	Cisco Firepower System Software	Version: Cisco Firepower System Software

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:21:14.430Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss2"
          },
          {
            "name": "103940",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103940"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0254",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-29T14:44:20.614528Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-29T15:16:11.647Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower System Software",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Firepower System Software"
            }
          ]
        }
      ],
      "datePublic": "2018-04-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass configured file action policies if an Intelligent Application Bypass (IAB) with a drop percentage threshold is also configured. The vulnerability is due to incorrect counting of the percentage of dropped traffic. An attacker could exploit this vulnerability by sending network traffic to a targeted device. An exploit could allow the attacker to bypass configured file action policies, and traffic that should be dropped could be allowed into the network. Cisco Bug IDs: CSCvf86435."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-693",
              "description": "CWE-693",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-04-24T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss2"
        },
        {
          "name": "103940",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103940"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0254",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower System Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Firepower System Software"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass configured file action policies if an Intelligent Application Bypass (IAB) with a drop percentage threshold is also configured. The vulnerability is due to incorrect counting of the percentage of dropped traffic. An attacker could exploit this vulnerability by sending network traffic to a targeted device. An exploit could allow the attacker to bypass configured file action policies, and traffic that should be dropped could be allowed into the network. Cisco Bug IDs: CSCvf86435."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-693"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss2",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss2"
            },
            {
              "name": "103940",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103940"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0254",
    "datePublished": "2018-04-19T20:00:00",
    "dateReserved": "2017-11-27T00:00:00",
    "dateUpdated": "2024-11-29T15:16:11.647Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-12627 (GCVE-0-2019-12627)

Vulnerability from cvelistv5

Published

2019-08-21 18:05

Modified

2024-11-19 19:00

Severity ?

5.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

CWE

CWE-284

Summary

A vulnerability in the application policy configuration of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data. The vulnerability is due to insufficient application identification. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain unauthorized read access to sensitive data.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-frpwr-td-info	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: unspecified < 6.4.0.4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:24:39.109Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190821 Cisco Firepower Threat Defense Software Information Disclosure Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-frpwr-td-info"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-12627",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:23:26.066761Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T19:00:54.288Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.4.0.4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-08-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the application policy configuration of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data. The vulnerability is due to insufficient application identification. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain unauthorized read access to sensitive data."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-21T18:05:21",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190821 Cisco Firepower Threat Defense Software Information Disclosure Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-frpwr-td-info"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190821-frpwr-td-info",
        "defect": [
          [
            "CSCvo29989"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Information Disclosure Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-08-21T16:00:00-0700",
          "ID": "CVE-2019-12627",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Information Disclosure Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.4.0.4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the application policy configuration of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data. The vulnerability is due to insufficient application identification. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain unauthorized read access to sensitive data."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.8",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-284"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190821 Cisco Firepower Threat Defense Software Information Disclosure Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-frpwr-td-info"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190821-frpwr-td-info",
          "defect": [
            [
              "CSCvo29989"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-12627",
    "datePublished": "2019-08-21T18:05:21.097147Z",
    "dateReserved": "2019-06-04T00:00:00",
    "dateUpdated": "2024-11-19T19:00:54.288Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3166 (GCVE-0-2020-3166)

Vulnerability from cvelistv5

Published

2020-02-26 16:51

Modified

2024-11-15 17:37

Severity ?

4.2 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

CWE

CWE-20

Summary

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to a specific CLI command. A successful exploit could allow the attacker to read or write to arbitrary files on the underlying OS.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-cli-file	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Extensible Operating System (FXOS)	Version: unspecified < n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:24:00.654Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200226 Cisco FXOS Software CLI Arbitrary File Read and Write Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-cli-file"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3166",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:29:15.961494Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:37:05.421Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Extensible Operating System (FXOS)",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-02-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to a specific CLI command. A successful exploit could allow the attacker to read or write to arbitrary files on the underlying OS."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-26T16:51:11",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200226 Cisco FXOS Software CLI Arbitrary File Read and Write Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-cli-file"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20200226-fxos-cli-file",
        "defect": [
          [
            "CSCvo42637",
            "CSCvr09748"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco FXOS Software CLI Arbitrary File Read and Write Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-02-26T16:00:00-0800",
          "ID": "CVE-2020-3166",
          "STATE": "PUBLIC",
          "TITLE": "Cisco FXOS Software CLI Arbitrary File Read and Write Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Extensible Operating System (FXOS)",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to a specific CLI command. A successful exploit could allow the attacker to read or write to arbitrary files on the underlying OS."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "4.2",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200226 Cisco FXOS Software CLI Arbitrary File Read and Write Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-cli-file"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20200226-fxos-cli-file",
          "defect": [
            [
              "CSCvo42637",
              "CSCvr09748"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3166",
    "datePublished": "2020-02-26T16:51:11.143878Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:37:05.421Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-20031 (GCVE-0-2023-20031)

Vulnerability from cvelistv5

Published

2023-11-01 17:03

Modified

2024-08-02 08:57

Severity ?

4.0 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-244 - Improper Clearing of Heap Memory Before Release ('Heap Inspection')

Summary

A vulnerability in the SSL/TLS certificate handling of Snort 3 Detection Engine integration with Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a logic error that occurs when an SSL/TLS certificate that is under load is accessed when it is initiating an SSL connection. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a high rate of SSL/TLS connection requests to be inspected by the Snort 3 detection engine on an affected device. A successful exploit could allow the attacker to cause the Snort 3 detection engine to reload, resulting in either a bypass or a denial of service (DoS) condition, depending on device configuration. The Snort detection engine will restart automatically. No manual intervention is required.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-8U4HHxH8

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: 6.7.0 Version: 6.7.0.1 Version: 6.7.0.2 Version: 6.7.0.3 Version: 7.0.0 Version: 7.0.0.1 Version: 7.0.1 Version: 7.0.1.1 Version: 7.0.2 Version: 7.0.2.1 Version: 7.0.3 Version: 7.0.4 Version: 7.0.5 Version: 7.2.0 Version: 7.2.0.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:57:35.544Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-ftd-snort3-8U4HHxH8",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-8U4HHxH8"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the SSL/TLS certificate handling of Snort 3 Detection Engine integration with Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a logic error that occurs when an SSL/TLS certificate that is under load is accessed when it is initiating an SSL connection. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a high rate of SSL/TLS connection requests to be inspected by the Snort 3 detection engine on an affected device. A successful exploit could allow the attacker to cause the Snort 3 detection engine to reload, resulting in either a bypass or a denial of service (DoS) condition, depending on device configuration. The Snort detection engine will restart automatically. No manual intervention is required."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-244",
              "description": "Improper Clearing of Heap Memory Before Release (\u0027Heap Inspection\u0027)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:34.231Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-ftd-snort3-8U4HHxH8",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-8U4HHxH8"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-snort3-8U4HHxH8",
        "defects": [
          "CSCwc07015"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20031",
    "datePublished": "2023-11-01T17:03:19.911Z",
    "dateReserved": "2022-10-27T18:47:50.312Z",
    "dateUpdated": "2024-08-02T08:57:35.544Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20353 (GCVE-0-2024-20353)

Vulnerability from cvelistv5

Published

2024-04-24 18:15

Modified

2025-07-30 01:37

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Summary

A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to incomplete error checking when parsing an HTTP header. An attacker could exploit this vulnerability by sending a crafted HTTP request to a targeted web server on a device. A successful exploit could allow the attacker to cause a DoS condition when the device reloads.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-websrvs-dos-X8gNucD2

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.8.1
Version: 9.8.1.5
Version: 9.8.1.7
Version: 9.8.2
Version: 9.8.2.8
Version: 9.8.2.14
Version: 9.8.2.15
Version: 9.8.2.17
Version: 9.8.2.20
Version: 9.8.2.24
Version: 9.8.2.26
Version: 9.8.2.28
Version: 9.8.2.33
Version: 9.8.2.35
Version: 9.8.2.38
Version: 9.8.3.8
Version: 9.8.3.11
Version: 9.8.3.14
Version: 9.8.3.16
Version: 9.8.3.18
Version: 9.8.3.21
Version: 9.8.3
Version: 9.8.3.26
Version: 9.8.3.29
Version: 9.8.4
Version: 9.8.4.3
Version: 9.8.4.7
Version: 9.8.4.8
Version: 9.8.4.10
Version: 9.8.4.12
Version: 9.8.4.15
Version: 9.8.4.17
Version: 9.8.4.25
Version: 9.8.4.20
Version: 9.8.4.22
Version: 9.8.4.26
Version: 9.8.4.29
Version: 9.8.4.32
Version: 9.8.4.33
Version: 9.8.4.34
Version: 9.8.4.35
Version: 9.8.4.39
Version: 9.8.4.40
Version: 9.8.4.41
Version: 9.8.4.43
Version: 9.8.4.44
Version: 9.8.4.45
Version: 9.8.4.46
Version: 9.8.4.48
Version: 9.12.1
Version: 9.12.1.2
Version: 9.12.1.3
Version: 9.12.2
Version: 9.12.2.4
Version: 9.12.2.5
Version: 9.12.2.9
Version: 9.12.3
Version: 9.12.3.2
Version: 9.12.3.7
Version: 9.12.4
Version: 9.12.3.12
Version: 9.12.3.9
Version: 9.12.2.1
Version: 9.12.4.2
Version: 9.12.4.4
Version: 9.12.4.7
Version: 9.12.4.10
Version: 9.12.4.13
Version: 9.12.4.8
Version: 9.12.4.18
Version: 9.12.4.24
Version: 9.12.4.26
Version: 9.12.4.29
Version: 9.12.4.30
Version: 9.12.4.35
Version: 9.12.4.37
Version: 9.12.4.38
Version: 9.12.4.39
Version: 9.12.4.40
Version: 9.12.4.41
Version: 9.12.4.47
Version: 9.12.4.48
Version: 9.12.4.50
Version: 9.12.4.52
Version: 9.12.4.54
Version: 9.12.4.55
Version: 9.12.4.56
Version: 9.12.4.58
Version: 9.12.4.62
Version: 9.12.4.65
Version: 9.14.1
Version: 9.14.1.10
Version: 9.14.1.6
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.14.1.30
Version: 9.14.2
Version: 9.14.2.4
Version: 9.14.2.8
Version: 9.14.2.13
Version: 9.14.2.15
Version: 9.14.3
Version: 9.14.3.1
Version: 9.14.3.9
Version: 9.14.3.11
Version: 9.14.3.13
Version: 9.14.3.18
Version: 9.14.3.15
Version: 9.14.4
Version: 9.14.4.6
Version: 9.14.4.7
Version: 9.14.4.12
Version: 9.14.4.13
Version: 9.14.4.14
Version: 9.14.4.15
Version: 9.14.4.17
Version: 9.14.4.22
Version: 9.14.4.23
Version: 9.15.1
Version: 9.15.1.7
Version: 9.15.1.10
Version: 9.15.1.15
Version: 9.15.1.16
Version: 9.15.1.17
Version: 9.15.1.1
Version: 9.15.1.21
Version: 9.16.1
Version: 9.16.1.28
Version: 9.16.2
Version: 9.16.2.3
Version: 9.16.2.7
Version: 9.16.2.11
Version: 9.16.2.13
Version: 9.16.2.14
Version: 9.16.3
Version: 9.16.3.3
Version: 9.16.3.14
Version: 9.16.3.15
Version: 9.16.3.19
Version: 9.16.3.23
Version: 9.16.4
Version: 9.16.4.9
Version: 9.16.4.14
Version: 9.16.4.18
Version: 9.16.4.19
Version: 9.16.4.27
Version: 9.16.4.38
Version: 9.16.4.39
Version: 9.16.4.42
Version: 9.16.4.48
Version: 9.16.4.55
Version: 9.17.1
Version: 9.17.1.7
Version: 9.17.1.9
Version: 9.17.1.10
Version: 9.17.1.11
Version: 9.17.1.13
Version: 9.17.1.15
Version: 9.17.1.20
Version: 9.17.1.30
Version: 9.17.1.33
Version: 9.18.1
Version: 9.18.1.3
Version: 9.18.2
Version: 9.18.2.5
Version: 9.18.2.7
Version: 9.18.2.8
Version: 9.18.3
Version: 9.18.3.39
Version: 9.18.3.46
Version: 9.18.3.53
Version: 9.18.3.55
Version: 9.18.3.56
Version: 9.18.4
Version: 9.18.4.5
Version: 9.18.4.8
Version: 9.19.1
Version: 9.19.1.5
Version: 9.19.1.9
Version: 9.19.1.12
Version: 9.19.1.18
Version: 9.19.1.22
Version: 9.19.1.24
Version: 9.19.1.27
Version: 9.20.1
Version: 9.20.1.5
Version: 9.20.2

Cisco

Cisco Firepower Threat Defense Software

Version: 6.2.3
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.2.3.3
Version: 6.2.3.4
Version: 6.2.3.5
Version: 6.2.3.6
Version: 6.2.3.7
Version: 6.2.3.8
Version: 6.2.3.10
Version: 6.2.3.11
Version: 6.2.3.9
Version: 6.2.3.12
Version: 6.2.3.13
Version: 6.2.3.14
Version: 6.2.3.15
Version: 6.2.3.16
Version: 6.2.3.17
Version: 6.2.3.18
Version: 6.6.0
Version: 6.6.0.1
Version: 6.6.1
Version: 6.6.3
Version: 6.6.4
Version: 6.6.5
Version: 6.6.5.1
Version: 6.6.5.2
Version: 6.6.7
Version: 6.6.7.1
Version: 6.4.0
Version: 6.4.0.1
Version: 6.4.0.3
Version: 6.4.0.2
Version: 6.4.0.4
Version: 6.4.0.5
Version: 6.4.0.6
Version: 6.4.0.7
Version: 6.4.0.8
Version: 6.4.0.9
Version: 6.4.0.10
Version: 6.4.0.11
Version: 6.4.0.12
Version: 6.4.0.13
Version: 6.4.0.14
Version: 6.4.0.15
Version: 6.4.0.16
Version: 6.4.0.17
Version: 6.7.0
Version: 6.7.0.1
Version: 6.7.0.2
Version: 6.7.0.3
Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.0.2
Version: 7.0.2.1
Version: 7.0.3
Version: 7.0.4
Version: 7.0.5
Version: 7.0.6
Version: 7.0.6.1
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.1.0.3
Version: 7.2.0
Version: 7.2.0.1
Version: 7.2.1
Version: 7.2.2
Version: 7.2.3
Version: 7.2.4
Version: 7.2.4.1
Version: 7.2.5
Version: 7.2.5.1
Version: 7.3.0
Version: 7.3.1
Version: 7.3.1.1
Version: 7.4.0
Version: 7.4.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:cisco:asa:9.8.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "asa",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "9.8.4.48",
                "status": "affected",
                "version": "9.8.1",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:asa:9.12.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "asa",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "9.12.4.65",
                "status": "affected",
                "version": "9.12.1",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:asa:9.14.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "asa",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "9.14.4.23",
                "status": "affected",
                "version": "9.14.1",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:asa:9.15.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "asa",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "9.15.1.21",
                "status": "affected",
                "version": "9.15.1",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:asa:9.16.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "asa",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "9.16.4.55",
                "status": "affected",
                "version": "9.16.1",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:asa:9.17.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "asa",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "9.17.1.33",
                "status": "affected",
                "version": "9.17.1",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:asa:9.18.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "asa",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "9.18.4.8",
                "status": "affected",
                "version": "9.18.1",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:asa:9.19.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "asa",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "9.19.1.27",
                "status": "affected",
                "version": "9.19.1",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:asa:9.20.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "asa",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "9.20.2",
                "status": "affected",
                "version": "9.20.1",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "6.2.3.18",
                "status": "affected",
                "version": "6.2.3",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:6.6.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "6.6.7.1",
                "status": "affected",
                "version": "6.6.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "6.4.0.17",
                "status": "affected",
                "version": "6.4.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:6.7.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "6.7.0.3",
                "status": "affected",
                "version": "6.7.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "7.0.6",
                "status": "affected",
                "version": "7.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:7.1.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "7.1.0.3",
                "status": "affected",
                "version": "7.1.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "7.2.4.1",
                "status": "affected",
                "version": "7.2.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:7.3.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "7.3.1.1",
                "status": "affected",
                "version": "7.3.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:7.4.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "7.4.1",
                "status": "affected",
                "version": "7.4.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20353",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-29T20:02:41.285934Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2024-04-24",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-20353"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:37:04.331Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://blog.talosintelligence.com/arcanedoor-new-espionage-focused-campaign-found-targeting-perimeter-network-devices/"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2024-04-24T00:00:00+00:00",
            "value": "CVE-2024-20353 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:59:41.487Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-asaftd-websrvs-dos-X8gNucD2",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-websrvs-dos-X8gNucD2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.8.1"
            },
            {
              "status": "affected",
              "version": "9.8.1.5"
            },
            {
              "status": "affected",
              "version": "9.8.1.7"
            },
            {
              "status": "affected",
              "version": "9.8.2"
            },
            {
              "status": "affected",
              "version": "9.8.2.8"
            },
            {
              "status": "affected",
              "version": "9.8.2.14"
            },
            {
              "status": "affected",
              "version": "9.8.2.15"
            },
            {
              "status": "affected",
              "version": "9.8.2.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.20"
            },
            {
              "status": "affected",
              "version": "9.8.2.24"
            },
            {
              "status": "affected",
              "version": "9.8.2.26"
            },
            {
              "status": "affected",
              "version": "9.8.2.28"
            },
            {
              "status": "affected",
              "version": "9.8.2.33"
            },
            {
              "status": "affected",
              "version": "9.8.2.35"
            },
            {
              "status": "affected",
              "version": "9.8.2.38"
            },
            {
              "status": "affected",
              "version": "9.8.3.8"
            },
            {
              "status": "affected",
              "version": "9.8.3.11"
            },
            {
              "status": "affected",
              "version": "9.8.3.14"
            },
            {
              "status": "affected",
              "version": "9.8.3.16"
            },
            {
              "status": "affected",
              "version": "9.8.3.18"
            },
            {
              "status": "affected",
              "version": "9.8.3.21"
            },
            {
              "status": "affected",
              "version": "9.8.3"
            },
            {
              "status": "affected",
              "version": "9.8.3.26"
            },
            {
              "status": "affected",
              "version": "9.8.3.29"
            },
            {
              "status": "affected",
              "version": "9.8.4"
            },
            {
              "status": "affected",
              "version": "9.8.4.3"
            },
            {
              "status": "affected",
              "version": "9.8.4.7"
            },
            {
              "status": "affected",
              "version": "9.8.4.8"
            },
            {
              "status": "affected",
              "version": "9.8.4.10"
            },
            {
              "status": "affected",
              "version": "9.8.4.12"
            },
            {
              "status": "affected",
              "version": "9.8.4.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.4.25"
            },
            {
              "status": "affected",
              "version": "9.8.4.20"
            },
            {
              "status": "affected",
              "version": "9.8.4.22"
            },
            {
              "status": "affected",
              "version": "9.8.4.26"
            },
            {
              "status": "affected",
              "version": "9.8.4.29"
            },
            {
              "status": "affected",
              "version": "9.8.4.32"
            },
            {
              "status": "affected",
              "version": "9.8.4.33"
            },
            {
              "status": "affected",
              "version": "9.8.4.34"
            },
            {
              "status": "affected",
              "version": "9.8.4.35"
            },
            {
              "status": "affected",
              "version": "9.8.4.39"
            },
            {
              "status": "affected",
              "version": "9.8.4.40"
            },
            {
              "status": "affected",
              "version": "9.8.4.41"
            },
            {
              "status": "affected",
              "version": "9.8.4.43"
            },
            {
              "status": "affected",
              "version": "9.8.4.44"
            },
            {
              "status": "affected",
              "version": "9.8.4.45"
            },
            {
              "status": "affected",
              "version": "9.8.4.46"
            },
            {
              "status": "affected",
              "version": "9.8.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.1"
            },
            {
              "status": "affected",
              "version": "9.12.1.2"
            },
            {
              "status": "affected",
              "version": "9.12.1.3"
            },
            {
              "status": "affected",
              "version": "9.12.2"
            },
            {
              "status": "affected",
              "version": "9.12.2.4"
            },
            {
              "status": "affected",
              "version": "9.12.2.5"
            },
            {
              "status": "affected",
              "version": "9.12.2.9"
            },
            {
              "status": "affected",
              "version": "9.12.3"
            },
            {
              "status": "affected",
              "version": "9.12.3.2"
            },
            {
              "status": "affected",
              "version": "9.12.3.7"
            },
            {
              "status": "affected",
              "version": "9.12.4"
            },
            {
              "status": "affected",
              "version": "9.12.3.12"
            },
            {
              "status": "affected",
              "version": "9.12.3.9"
            },
            {
              "status": "affected",
              "version": "9.12.2.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.4"
            },
            {
              "status": "affected",
              "version": "9.12.4.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.10"
            },
            {
              "status": "affected",
              "version": "9.12.4.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.8"
            },
            {
              "status": "affected",
              "version": "9.12.4.18"
            },
            {
              "status": "affected",
              "version": "9.12.4.24"
            },
            {
              "status": "affected",
              "version": "9.12.4.26"
            },
            {
              "status": "affected",
              "version": "9.12.4.29"
            },
            {
              "status": "affected",
              "version": "9.12.4.30"
            },
            {
              "status": "affected",
              "version": "9.12.4.35"
            },
            {
              "status": "affected",
              "version": "9.12.4.37"
            },
            {
              "status": "affected",
              "version": "9.12.4.38"
            },
            {
              "status": "affected",
              "version": "9.12.4.39"
            },
            {
              "status": "affected",
              "version": "9.12.4.40"
            },
            {
              "status": "affected",
              "version": "9.12.4.41"
            },
            {
              "status": "affected",
              "version": "9.12.4.47"
            },
            {
              "status": "affected",
              "version": "9.12.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.4.50"
            },
            {
              "status": "affected",
              "version": "9.12.4.52"
            },
            {
              "status": "affected",
              "version": "9.12.4.54"
            },
            {
              "status": "affected",
              "version": "9.12.4.55"
            },
            {
              "status": "affected",
              "version": "9.12.4.56"
            },
            {
              "status": "affected",
              "version": "9.12.4.58"
            },
            {
              "status": "affected",
              "version": "9.12.4.62"
            },
            {
              "status": "affected",
              "version": "9.12.4.65"
            },
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.1.6"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.14.4.7"
            },
            {
              "status": "affected",
              "version": "9.14.4.12"
            },
            {
              "status": "affected",
              "version": "9.14.4.13"
            },
            {
              "status": "affected",
              "version": "9.14.4.14"
            },
            {
              "status": "affected",
              "version": "9.14.4.15"
            },
            {
              "status": "affected",
              "version": "9.14.4.17"
            },
            {
              "status": "affected",
              "version": "9.14.4.22"
            },
            {
              "status": "affected",
              "version": "9.14.4.23"
            },
            {
              "status": "affected",
              "version": "9.15.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.7"
            },
            {
              "status": "affected",
              "version": "9.15.1.10"
            },
            {
              "status": "affected",
              "version": "9.15.1.15"
            },
            {
              "status": "affected",
              "version": "9.15.1.16"
            },
            {
              "status": "affected",
              "version": "9.15.1.17"
            },
            {
              "status": "affected",
              "version": "9.15.1.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.21"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.16.3.15"
            },
            {
              "status": "affected",
              "version": "9.16.3.19"
            },
            {
              "status": "affected",
              "version": "9.16.3.23"
            },
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.16.4.9"
            },
            {
              "status": "affected",
              "version": "9.16.4.14"
            },
            {
              "status": "affected",
              "version": "9.16.4.18"
            },
            {
              "status": "affected",
              "version": "9.16.4.19"
            },
            {
              "status": "affected",
              "version": "9.16.4.27"
            },
            {
              "status": "affected",
              "version": "9.16.4.38"
            },
            {
              "status": "affected",
              "version": "9.16.4.39"
            },
            {
              "status": "affected",
              "version": "9.16.4.42"
            },
            {
              "status": "affected",
              "version": "9.16.4.48"
            },
            {
              "status": "affected",
              "version": "9.16.4.55"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.17.1.20"
            },
            {
              "status": "affected",
              "version": "9.17.1.30"
            },
            {
              "status": "affected",
              "version": "9.17.1.33"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            },
            {
              "status": "affected",
              "version": "9.18.2.7"
            },
            {
              "status": "affected",
              "version": "9.18.2.8"
            },
            {
              "status": "affected",
              "version": "9.18.3"
            },
            {
              "status": "affected",
              "version": "9.18.3.39"
            },
            {
              "status": "affected",
              "version": "9.18.3.46"
            },
            {
              "status": "affected",
              "version": "9.18.3.53"
            },
            {
              "status": "affected",
              "version": "9.18.3.55"
            },
            {
              "status": "affected",
              "version": "9.18.3.56"
            },
            {
              "status": "affected",
              "version": "9.18.4"
            },
            {
              "status": "affected",
              "version": "9.18.4.5"
            },
            {
              "status": "affected",
              "version": "9.18.4.8"
            },
            {
              "status": "affected",
              "version": "9.19.1"
            },
            {
              "status": "affected",
              "version": "9.19.1.5"
            },
            {
              "status": "affected",
              "version": "9.19.1.9"
            },
            {
              "status": "affected",
              "version": "9.19.1.12"
            },
            {
              "status": "affected",
              "version": "9.19.1.18"
            },
            {
              "status": "affected",
              "version": "9.19.1.22"
            },
            {
              "status": "affected",
              "version": "9.19.1.24"
            },
            {
              "status": "affected",
              "version": "9.19.1.27"
            },
            {
              "status": "affected",
              "version": "9.20.1"
            },
            {
              "status": "affected",
              "version": "9.20.1.5"
            },
            {
              "status": "affected",
              "version": "9.20.2"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.4.0.17"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.0.6"
            },
            {
              "status": "affected",
              "version": "7.0.6.1"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.2.4.1"
            },
            {
              "status": "affected",
              "version": "7.2.5"
            },
            {
              "status": "affected",
              "version": "7.2.5.1"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.\r\n\r This vulnerability is due to incomplete error checking when parsing an HTTP header. An attacker could exploit this vulnerability by sending a crafted HTTP request to a targeted web server on a device. A successful exploit could allow the attacker to cause a DoS condition when the device reloads."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Cisco has confirmed that this vulnerability has been exploited. Cisco strongly recommends that customers upgrade to fixed software to resolve this vulnerability. Customers are also strongly encouraged to monitor system logs for indicators of undocumented configuration changes, unscheduled reboots, and any anomalous credential activity."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-835",
              "description": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-24T18:15:57.646Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asaftd-websrvs-dos-X8gNucD2",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-websrvs-dos-X8gNucD2"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-websrvs-dos-X8gNucD2",
        "defects": [
          "CSCwj10955"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20353",
    "datePublished": "2024-04-24T18:15:57.646Z",
    "dateReserved": "2023-11-08T15:08:07.647Z",
    "dateUpdated": "2025-07-30T01:37:04.331Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3308 (GCVE-0-2020-3308)

Vulnerability from cvelistv5

Published

2020-05-06 16:50

Modified

2024-11-15 17:22

Severity ?

4.9 (Medium) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

CWE

CWE-347

Summary

A vulnerability in the Image Signature Verification feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulnerability by crafting an unsigned software patch to bypass signature checks and loading it on an affected device. A successful exploit could allow the attacker to boot a malicious software patch image.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sigbypass-FcvPPCeP	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:30:57.461Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200506 Cisco Firepower Threat Defense Software Signature Verification Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sigbypass-FcvPPCeP"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3308",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:28:30.808912Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:22:15.207Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Image Signature Verification feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulnerability by crafting an unsigned software patch to bypass signature checks and loading it on an affected device. A successful exploit could allow the attacker to boot a malicious software patch image."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-347",
              "description": "CWE-347",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-06T16:50:28",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200506 Cisco Firepower Threat Defense Software Signature Verification Bypass Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sigbypass-FcvPPCeP"
        }
      ],
      "source": {
        "advisory": "cisco-sa-sigbypass-FcvPPCeP",
        "defect": [
          [
            "CSCvg16015"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Signature Verification Bypass Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-05-06T16:00:00-0700",
          "ID": "CVE-2020-3308",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Signature Verification Bypass Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Image Signature Verification feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulnerability by crafting an unsigned software patch to bypass signature checks and loading it on an affected device. A successful exploit could allow the attacker to boot a malicious software patch image."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "4.9",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-347"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200506 Cisco Firepower Threat Defense Software Signature Verification Bypass Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sigbypass-FcvPPCeP"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-sigbypass-FcvPPCeP",
          "defect": [
            [
              "CSCvg16015"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3308",
    "datePublished": "2020-05-06T16:50:29.053566Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:22:15.207Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20746 (GCVE-0-2022-20746)

Vulnerability from cvelistv5

Published

2022-05-03 03:15

Modified

2024-11-06 16:21

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-476

Summary

A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper handling of TCP flows. An attacker could exploit this vulnerability by sending a crafted stream of TCP traffic through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-kM9SHhOu	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:24:49.409Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20220427 Cisco Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-kM9SHhOu"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-20746",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-06T16:01:38.526660Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T16:21:10.971Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2022-04-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper handling of TCP flows. An attacker could exploit this vulnerability by sending a crafted stream of TCP traffic through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-03T03:15:17",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20220427 Cisco Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-kM9SHhOu"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-tcp-dos-kM9SHhOu",
        "defect": [
          [
            "CSCvz00032"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2022-04-27T16:00:00",
          "ID": "CVE-2022-20746",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper handling of TCP flows. An attacker could exploit this vulnerability by sending a crafted stream of TCP traffic through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-476"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20220427 Cisco Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-kM9SHhOu"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-tcp-dos-kM9SHhOu",
          "defect": [
            [
              "CSCvz00032"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20746",
    "datePublished": "2022-05-03T03:15:17.575803Z",
    "dateReserved": "2021-11-02T00:00:00",
    "dateUpdated": "2024-11-06T16:21:10.971Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3565 (GCVE-0-2020-3565)

Vulnerability from cvelistv5

Published

2020-10-21 18:40

Modified

2024-11-13 17:46

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-284

Summary

A vulnerability in the TCP Intercept functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured Access Control Policies (including Geolocation) and Service Polices on an affected system. The vulnerability exists because TCP Intercept is invoked when the embryonic connection limit is reached, which can cause the underlying detection engine to process the packet incorrectly. An attacker could exploit this vulnerability by sending a crafted stream of traffic that matches a policy on which TCP Intercept is configured. A successful exploit could allow the attacker to match on an incorrect policy, which could allow the traffic to be forwarded when it should be dropped. In addition, the traffic could incorrectly be dropped.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tcp-intercept-bypass-xG9M3PbY	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:55.034Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Firepower Threat Defense Software TCP Intercept Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tcp-intercept-bypass-xG9M3PbY"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3565",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:12:14.999470Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:46:42.462Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the TCP Intercept functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured Access Control Policies (including Geolocation) and Service Polices on an affected system. The vulnerability exists because TCP Intercept is invoked when the embryonic connection limit is reached, which can cause the underlying detection engine to process the packet incorrectly. An attacker could exploit this vulnerability by sending a crafted stream of traffic that matches a policy on which TCP Intercept is configured. A successful exploit could allow the attacker to match on an incorrect policy, which could allow the traffic to be forwarded when it should be dropped. In addition, the traffic could incorrectly be dropped."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:40:53",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Firepower Threat Defense Software TCP Intercept Bypass Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tcp-intercept-bypass-xG9M3PbY"
        }
      ],
      "source": {
        "advisory": "cisco-sa-tcp-intercept-bypass-xG9M3PbY",
        "defect": [
          [
            "CSCvr53058"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software TCP Intercept Bypass Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3565",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software TCP Intercept Bypass Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the TCP Intercept functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured Access Control Policies (including Geolocation) and Service Polices on an affected system. The vulnerability exists because TCP Intercept is invoked when the embryonic connection limit is reached, which can cause the underlying detection engine to process the packet incorrectly. An attacker could exploit this vulnerability by sending a crafted stream of traffic that matches a policy on which TCP Intercept is configured. A successful exploit could allow the attacker to match on an incorrect policy, which could allow the traffic to be forwarded when it should be dropped. In addition, the traffic could incorrectly be dropped."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.8",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-284"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Firepower Threat Defense Software TCP Intercept Bypass Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tcp-intercept-bypass-xG9M3PbY"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-tcp-intercept-bypass-xG9M3PbY",
          "defect": [
            [
              "CSCvr53058"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3565",
    "datePublished": "2020-10-21T18:40:53.829732Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:46:42.462Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-0240 (GCVE-0-2018-0240)

Vulnerability from cvelistv5

Published

2018-04-19 20:00

Modified

2024-11-29 15:17

Severity ?

CWE

CWE-399

Summary

Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerabilities are due to logical errors during traffic inspection. An attacker could exploit these vulnerabilities by sending a high volume of malicious traffic across an affected device. An exploit could allow the attacker to cause a deadlock condition, resulting in a reload of an affected device. These vulnerabilities affect Cisco ASA Software and Cisco FTD Software configured for Application Layer Protocol Inspection running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCve61540, CSCvh23085, CSCvh95456.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1040722	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/103934	vdb-entry, x_refsource_BID
	https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Cisco Adaptive Security Appliance	Version: Cisco Adaptive Security Appliance

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:21:14.947Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect"
          },
          {
            "name": "1040722",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040722"
          },
          {
            "name": "103934",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103934"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0240",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-29T14:44:25.368518Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-29T15:17:08.486Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Adaptive Security Appliance"
            }
          ]
        }
      ],
      "datePublic": "2018-04-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerabilities are due to logical errors during traffic inspection. An attacker could exploit these vulnerabilities by sending a high volume of malicious traffic across an affected device. An exploit could allow the attacker to cause a deadlock condition, resulting in a reload of an affected device. These vulnerabilities affect Cisco ASA Software and Cisco FTD Software configured for Application Layer Protocol Inspection running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCve61540, CSCvh23085, CSCvh95456."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-05T17:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect"
        },
        {
          "name": "1040722",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040722"
        },
        {
          "name": "103934",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103934"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0240",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Adaptive Security Appliance"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerabilities are due to logical errors during traffic inspection. An attacker could exploit these vulnerabilities by sending a high volume of malicious traffic across an affected device. An exploit could allow the attacker to cause a deadlock condition, resulting in a reload of an affected device. These vulnerabilities affect Cisco ASA Software and Cisco FTD Software configured for Application Layer Protocol Inspection running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCve61540, CSCvh23085, CSCvh95456."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect"
            },
            {
              "name": "1040722",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040722"
            },
            {
              "name": "103934",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103934"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0240",
    "datePublished": "2018-04-19T20:00:00",
    "dateReserved": "2017-11-27T00:00:00",
    "dateUpdated": "2024-11-29T15:17:08.486Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-15398 (GCVE-0-2018-15398)

Vulnerability from cvelistv5

Published

2018-10-05 14:00

Modified

2024-11-26 14:32

Severity ?

CWE

CWE-284

Summary

A vulnerability in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control list (ACL) that is configured for an interface of an affected device. The vulnerability is due to errors that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit this vulnerability by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to access resources that are behind the affected device and would typically be protected by the interface ACL.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-acl-bypass	vendor-advisory, x_refsource_CISCO
	http://www.securitytracker.com/id/1041788	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/105517	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:54:03.333Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20181003 Cisco Adaptive Security Appliance Access Control List Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-acl-bypass"
          },
          {
            "name": "1041788",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041788"
          },
          {
            "name": "105517",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105517"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-15398",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-25T18:48:07.224668Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-26T14:32:55.787Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-10-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control list (ACL) that is configured for an interface of an affected device. The vulnerability is due to errors that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit this vulnerability by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to access resources that are behind the affected device and would typically be protected by the interface ACL."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-07T09:57:02",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20181003 Cisco Adaptive Security Appliance Access Control List Bypass Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-acl-bypass"
        },
        {
          "name": "1041788",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041788"
        },
        {
          "name": "105517",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105517"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20181003-asa-acl-bypass",
        "defect": [
          [
            "CSCvj91858"
          ]
        ],
        "discovery": "UNKNOWN"
      },
      "title": "Cisco Adaptive Security Appliance Access Control List Bypass Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2018-10-03T16:00:00-0500",
          "ID": "CVE-2018-15398",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Access Control List Bypass Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control list (ACL) that is configured for an interface of an affected device. The vulnerability is due to errors that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit this vulnerability by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to access resources that are behind the affected device and would typically be protected by the interface ACL."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "5.8",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-284"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20181003 Cisco Adaptive Security Appliance Access Control List Bypass Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-acl-bypass"
            },
            {
              "name": "1041788",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041788"
            },
            {
              "name": "105517",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105517"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20181003-asa-acl-bypass",
          "defect": [
            [
              "CSCvj91858"
            ]
          ],
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-15398",
    "datePublished": "2018-10-05T14:00:00Z",
    "dateReserved": "2018-08-17T00:00:00",
    "dateUpdated": "2024-11-26T14:32:55.787Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1695 (GCVE-0-2019-1695)

Vulnerability from cvelistv5

Published

2019-05-03 15:10

Modified

2024-11-21 19:35

Severity ?

4.3 (Medium) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE

CWE-284

Summary

A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device. The vulnerability exists because the software improperly filters Ethernet frames sent to an affected device. An attacker could exploit this vulnerability by sending crafted packets to the management interface of an affected device. A successful exploit could allow the attacker to bypass the Layer 2 (L2) filters and send data directly to the kernel of the affected device. A malicious frame successfully delivered would make the target device generate a specific syslog entry.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-bypass	vendor-advisory, x_refsource_CISCO
	http://www.securityfocus.com/bid/108173	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: unspecified   < 9.8.4
Version: unspecified   < 9.9.2.50
Version: unspecified   < 9.10.1.17

Cisco

Cisco Firepower Threat Defense (FTD) Software

Version: unspecified < 6.2.3.12
Version: unspecified < 6.3.0.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:41.623Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190501 Cisco Adaptive Security Appliance and Firepower Threat Defense Software Layer 2 Filtering Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-bypass"
          },
          {
            "name": "108173",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108173"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1695",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-21T18:59:00.717881Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T19:35:34.418Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "9.8.4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.9.2.50",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.10.1.17",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense (FTD) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.2.3.12",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "6.3.0.3",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-05-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device. The vulnerability exists because the software improperly filters Ethernet frames sent to an affected device. An attacker could exploit this vulnerability by sending crafted packets to the management interface of an affected device. A successful exploit could allow the attacker to bypass the Layer 2 (L2) filters and send data directly to the kernel of the affected device. A malicious frame successfully delivered would make the target device generate a specific syslog entry."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-07T14:06:08",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190501 Cisco Adaptive Security Appliance and Firepower Threat Defense Software Layer 2 Filtering Bypass Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-bypass"
        },
        {
          "name": "108173",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108173"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190501-asa-ftd-bypass",
        "defect": [
          [
            "CSCvm75358"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance and Firepower Threat Defense Software Layer 2 Filtering Bypass Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-05-01T16:00:00-0700",
          "ID": "CVE-2019-1695",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance and Firepower Threat Defense Software Layer 2 Filtering Bypass Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.8.4"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.9.2.50"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.10.1.17"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Cisco Firepower Threat Defense (FTD) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.2.3.12"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.3.0.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device. The vulnerability exists because the software improperly filters Ethernet frames sent to an affected device. An attacker could exploit this vulnerability by sending crafted packets to the management interface of an affected device. A successful exploit could allow the attacker to bypass the Layer 2 (L2) filters and send data directly to the kernel of the affected device. A malicious frame successfully delivered would make the target device generate a specific syslog entry."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "4.3",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-284"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190501 Cisco Adaptive Security Appliance and Firepower Threat Defense Software Layer 2 Filtering Bypass Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-bypass"
            },
            {
              "name": "108173",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108173"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190501-asa-ftd-bypass",
          "defect": [
            [
              "CSCvm75358"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1695",
    "datePublished": "2019-05-03T15:10:24.007422Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-21T19:35:34.418Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-20244 (GCVE-0-2023-20244)

Vulnerability from cvelistv5

Published

2023-11-01 16:50

Modified

2024-08-02 09:05

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-771 - Missing Reference to Active Allocated Resource

Summary

A vulnerability in the internal packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain packets when they are sent to the inspection engine. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to deplete all 9,472 byte blocks on the device, resulting in traffic loss across the device or an unexpected reload of the device. If the device does not reload on its own, a manual reload of the device would be required to recover from this state.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-intrusion-dos-DfT7wyGC

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: 6.2.3 Version: 6.2.3.1 Version: 6.2.3.2 Version: 6.2.3.3 Version: 6.2.3.4 Version: 6.2.3.5 Version: 6.2.3.6 Version: 6.2.3.7 Version: 6.2.3.8 Version: 6.2.3.10 Version: 6.2.3.11 Version: 6.2.3.9 Version: 6.2.3.12 Version: 6.2.3.13 Version: 6.2.3.14 Version: 6.2.3.15 Version: 6.2.3.16 Version: 6.2.3.17 Version: 6.2.3.18 Version: 6.6.0 Version: 6.6.0.1 Version: 6.6.1 Version: 6.6.3 Version: 6.6.4 Version: 6.6.5 Version: 6.6.5.1 Version: 6.6.5.2 Version: 6.6.7 Version: 6.6.7.1 Version: 6.4.0 Version: 6.4.0.1 Version: 6.4.0.3 Version: 6.4.0.2 Version: 6.4.0.4 Version: 6.4.0.5 Version: 6.4.0.6 Version: 6.4.0.7 Version: 6.4.0.8 Version: 6.4.0.9 Version: 6.4.0.10 Version: 6.4.0.11 Version: 6.4.0.12 Version: 6.4.0.13 Version: 6.4.0.14 Version: 6.4.0.15 Version: 6.4.0.16 Version: 6.7.0 Version: 6.7.0.1 Version: 6.7.0.2 Version: 6.7.0.3 Version: 7.0.0 Version: 7.0.0.1 Version: 7.0.1 Version: 7.0.1.1 Version: 7.0.2 Version: 7.0.2.1 Version: 7.0.3 Version: 7.0.4 Version: 7.0.5 Version: 7.1.0 Version: 7.1.0.1 Version: 7.1.0.3 Version: 7.2.0 Version: 7.2.0.1 Version: 7.2.1 Version: 7.2.2 Version: 7.2.3 Version: 7.3.0 Version: 7.3.1 Version: 7.3.1.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:05:36.212Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-ftd-intrusion-dos-DfT7wyGC",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-intrusion-dos-DfT7wyGC"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the internal packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain packets when they are sent to the inspection engine. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to deplete all 9,472 byte blocks on the device, resulting in traffic loss across the device or an unexpected reload of the device. If the device does not reload on its own, a manual reload of the device would be required to recover from this state."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-771",
              "description": "Missing Reference to Active Allocated Resource",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:58:30.360Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-ftd-intrusion-dos-DfT7wyGC",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-intrusion-dos-DfT7wyGC"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-intrusion-dos-DfT7wyGC",
        "defects": [
          "CSCwe98687"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20244",
    "datePublished": "2023-11-01T16:50:33.517Z",
    "dateReserved": "2022-10-27T18:47:50.371Z",
    "dateUpdated": "2024-08-02T09:05:36.212Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20760 (GCVE-0-2022-20760)

Vulnerability from cvelistv5

Published

2022-05-03 03:15

Modified

2024-11-06 16:20

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-400

Summary

A vulnerability in the DNS inspection handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service condition (DoS) on an affected device. This vulnerability is due to a lack of proper processing of incoming requests. An attacker could exploit this vulnerability by sending crafted DNS requests at a high rate to an affected device. A successful exploit could allow the attacker to cause the device to stop responding, resulting in a DoS condition.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-nJVAwOeq	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:24:49.624Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20220427 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DNS Inspection Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-nJVAwOeq"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-20760",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-06T16:01:34.487746Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T16:20:26.648Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2022-04-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the DNS inspection handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service condition (DoS) on an affected device. This vulnerability is due to a lack of proper processing of incoming requests. An attacker could exploit this vulnerability by sending crafted DNS requests at a high rate to an affected device. A successful exploit could allow the attacker to cause the device to stop responding, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-03T03:15:39",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20220427 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DNS Inspection Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-nJVAwOeq"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-dos-nJVAwOeq",
        "defect": [
          [
            "CSCvz76966"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DNS Inspection Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2022-04-27T16:00:00",
          "ID": "CVE-2022-20760",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DNS Inspection Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the DNS inspection handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service condition (DoS) on an affected device. This vulnerability is due to a lack of proper processing of incoming requests. An attacker could exploit this vulnerability by sending crafted DNS requests at a high rate to an affected device. A successful exploit could allow the attacker to cause the device to stop responding, resulting in a DoS condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20220427 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DNS Inspection Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-nJVAwOeq"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-dos-nJVAwOeq",
          "defect": [
            [
              "CSCvz76966"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20760",
    "datePublished": "2022-05-03T03:15:39.696528Z",
    "dateReserved": "2021-11-02T00:00:00",
    "dateUpdated": "2024-11-06T16:20:26.648Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-20006 (GCVE-0-2023-20006)

Vulnerability from cvelistv5

Published

2023-06-28 00:00

Modified

2024-08-02 08:57

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-681 - Incorrect Conversion between Numeric Types

Summary

A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to an implementation error within the cryptographic functions for SSL/TLS traffic processing when they are offloaded to the hardware. An attacker could exploit this vulnerability by sending a crafted stream of SSL/TLS traffic to an affected device. A successful exploit could allow the attacker to cause an unexpected error in the hardware-based cryptography engine, which could cause the device to reload.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-uu7mV5p6

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.16.4
Version: 9.18.2
Version: 9.18.2.5

Cisco

Cisco Firepower Threat Defense Software

Version: 7.2.1
Version: 7.2.2
Version: 7.2.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:57:35.719Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-asaftd-ssl-dos-uu7mV5p6",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-uu7mV5p6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition.\r\n\r This vulnerability is due to an implementation error within the cryptographic functions for SSL/TLS traffic processing when they are offloaded to the hardware. An attacker could exploit this vulnerability by sending a crafted stream of SSL/TLS traffic to an affected device. A successful exploit could allow the attacker to cause an unexpected error in the hardware-based cryptography engine, which could cause the device to reload."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-681",
              "description": "Incorrect Conversion between Numeric Types",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:29.395Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asaftd-ssl-dos-uu7mV5p6",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-uu7mV5p6"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-ssl-dos-uu7mV5p6",
        "defects": [
          "CSCwc94466"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20006",
    "datePublished": "2023-06-28T00:00:00",
    "dateReserved": "2022-10-27T00:00:00",
    "dateUpdated": "2024-08-02T08:57:35.719Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34791 (GCVE-0-2021-34791)

Vulnerability from cvelistv5

Published

2021-10-27 18:56

Modified

2024-11-07 21:43

Severity ?

4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

CWE

CWE-358

Summary

Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.252Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34791",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:39:44.922495Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T21:43:54.507Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerabilities described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-358",
              "description": "CWE-358",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-27T18:56:14",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng"
        }
      ],
      "source": {
        "advisory": "cisco-sa-natalg-bypass-cpKGqkng",
        "defect": [
          [
            "CSCvw35444",
            "CSCvx50914"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-10-27T16:00:00",
          "ID": "CVE-2021-34791",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerabilities described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "4.7",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-358"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-natalg-bypass-cpKGqkng",
          "defect": [
            [
              "CSCvw35444",
              "CSCvx50914"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34791",
    "datePublished": "2021-10-27T18:56:15.009931Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-07T21:43:54.507Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-20270 (GCVE-0-2023-20270)

Vulnerability from cvelistv5

Published

2023-11-01 16:51

Modified

2024-08-02 09:05

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

CWE

CWE-20 - Improper Input Validation

Summary

A vulnerability in the interaction between the Server Message Block (SMB) protocol preprocessor and the Snort 3 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error-checking when the Snort 3 detection engine is processing SMB traffic. An attacker could exploit this vulnerability by sending a crafted SMB packet stream through an affected device. A successful exploit could allow the attacker to cause the Snort process to reload, resulting in a DoS condition.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-smbsnort3-dos-pfOjOYUV

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: 7.1.0 Version: 7.1.0.1 Version: 7.1.0.2 Version: 7.1.0.3 Version: 7.2.0 Version: 7.2.0.1 Version: 7.2.1 Version: 7.2.2 Version: 7.2.3 Version: 7.3.0 Version: 7.3.1 Version: 7.3.1.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:05:36.263Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-ftd-smbsnort3-dos-pfOjOYUV",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-smbsnort3-dos-pfOjOYUV"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the interaction between the Server Message Block (SMB) protocol preprocessor and the Snort 3 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error-checking when the Snort 3 detection engine is processing SMB traffic. An attacker could exploit this vulnerability by sending a crafted SMB packet stream through an affected device. A successful exploit could allow the attacker to cause the Snort process to reload, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "Improper Input Validation",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:58:37.172Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-ftd-smbsnort3-dos-pfOjOYUV",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-smbsnort3-dos-pfOjOYUV"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-smbsnort3-dos-pfOjOYUV",
        "defects": [
          "CSCwe19286"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20270",
    "datePublished": "2023-11-01T16:51:13.156Z",
    "dateReserved": "2022-10-27T18:47:50.373Z",
    "dateUpdated": "2024-08-02T09:05:36.263Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-1236 (GCVE-0-2021-1236)

Vulnerability from cvelistv5

Published

2021-01-13 21:17

Modified

2024-11-12 20:48

Severity ?

4.0 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-670

Summary

Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An attacker could exploit this vulnerability by sending crafted packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-app-bypass-cSBYCATq	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html	mailing-list
	https://www.debian.org/security/2023/dsa-5354	vendor-advisory

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:02:56.434Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210113 Multiple Cisco Products Snort Application Detection Engine Policy Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-app-bypass-cSBYCATq"
          },
          {
            "name": "[debian-lts-announce] 20230210 [SECURITY] [DLA 3317-1] snort security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
          },
          {
            "name": "DSA-5354",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5354"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-1236",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T20:55:08.338945Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-12T20:48:23.581Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-01-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An attacker could exploit this vulnerability by sending crafted packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-670",
              "description": "CWE-670",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-19T00:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210113 Multiple Cisco Products Snort Application Detection Engine Policy Bypass Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-app-bypass-cSBYCATq"
        },
        {
          "name": "[debian-lts-announce] 20230210 [SECURITY] [DLA 3317-1] snort security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
        },
        {
          "name": "DSA-5354",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5354"
        }
      ],
      "source": {
        "advisory": "cisco-sa-snort-app-bypass-cSBYCATq",
        "defect": [
          [
            "CSCvs85467",
            "CSCvu21318"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Multiple Cisco Products Snort Application Detection Engine Policy Bypass Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-1236",
    "datePublished": "2021-01-13T21:17:03.406091Z",
    "dateReserved": "2020-11-13T00:00:00",
    "dateUpdated": "2024-11-12T20:48:23.581Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1701 (GCVE-0-2019-1701)

Vulnerability from cvelistv5

Published

2019-05-03 16:00

Modified

2024-11-21 19:35

Severity ?

4.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

CWE

CWE-79

Summary

Multiple vulnerabilities in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the WebVPN portal of an affected device. The vulnerabilities exist because the software insufficiently validates user-supplied input on an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. An attacker would need administrator privileges on the device to exploit these vulnerabilities.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-xss	vendor-advisory, x_refsource_CISCO
	http://www.securityfocus.com/bid/108152	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: unspecified   < 9.4.4.34
Version: unspecified   < 9.6.4.25
Version: unspecified   < 9.8.4
Version: unspecified   < 9.9.2.50
Version: unspecified   < 9.10.1.17

Cisco

Cisco Firepower Threat Defense (FTD) Software

Version: unspecified < 6.2.3.12
Version: unspecified < 6.3.0.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:42.735Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190501 Cisco Adaptive Security Appliance and Firepower Threat Defense Software WebVPN Cross-Site Scripting Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-xss"
          },
          {
            "name": "108152",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108152"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1701",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-21T18:58:58.054134Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T19:35:04.881Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "9.4.4.34",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.6.4.25",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.8.4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.9.2.50",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.10.1.17",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense (FTD) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.2.3.12",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "6.3.0.3",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-05-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the WebVPN portal of an affected device. The vulnerabilities exist because the software insufficiently validates user-supplied input on an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. An attacker would need administrator privileges on the device to exploit these vulnerabilities."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-06T07:06:03",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190501 Cisco Adaptive Security Appliance and Firepower Threat Defense Software WebVPN Cross-Site Scripting Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-xss"
        },
        {
          "name": "108152",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108152"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190501-asa-ftd-xss",
        "defect": [
          [
            "CSCvn78674",
            "CSCvo11406",
            "CSCvo11416",
            "CSCvo17033"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance and Firepower Threat Defense Software WebVPN Cross-Site Scripting Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-05-01T16:00:00-0700",
          "ID": "CVE-2019-1701",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance and Firepower Threat Defense Software WebVPN Cross-Site Scripting Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.4.4.34"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.6.4.25"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.8.4"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.9.2.50"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.10.1.17"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Cisco Firepower Threat Defense (FTD) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.2.3.12"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.3.0.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the WebVPN portal of an affected device. The vulnerabilities exist because the software insufficiently validates user-supplied input on an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. An attacker would need administrator privileges on the device to exploit these vulnerabilities."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "4.8",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190501 Cisco Adaptive Security Appliance and Firepower Threat Defense Software WebVPN Cross-Site Scripting Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-xss"
            },
            {
              "name": "108152",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108152"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190501-asa-ftd-xss",
          "defect": [
            [
              "CSCvn78674",
              "CSCvo11406",
              "CSCvo11416",
              "CSCvo17033"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1701",
    "datePublished": "2019-05-03T16:00:35.083047Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-21T19:35:04.881Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20729 (GCVE-0-2022-20729)

Vulnerability from cvelistv5

Published

2022-05-03 03:16

Modified

2024-11-06 16:18

Severity ?

4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

CWE

CWE-91

Summary

A vulnerability in CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject XML into the command parser. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted input in commands. A successful exploit could allow the attacker to inject XML into the command parser, which could result in unexpected processing of the command and unexpected command output.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-xmlinj-8GWjGzKe	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:24:49.226Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20220427 Cisco Firepower Threat Defense Software XML Injection Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-xmlinj-8GWjGzKe"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-20729",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-06T15:58:37.745503Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T16:18:45.044Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2022-04-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject XML into the command parser. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted input in commands. A successful exploit could allow the attacker to inject XML into the command parser, which could result in unexpected processing of the command and unexpected command output."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-91",
              "description": "CWE-91",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-03T03:16:23",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20220427 Cisco Firepower Threat Defense Software XML Injection Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-xmlinj-8GWjGzKe"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-xmlinj-8GWjGzKe",
        "defect": [
          [
            "CSCvy41763"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software XML Injection Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2022-04-27T16:00:00",
          "ID": "CVE-2022-20729",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software XML Injection Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject XML into the command parser. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted input in commands. A successful exploit could allow the attacker to inject XML into the command parser, which could result in unexpected processing of the command and unexpected command output."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "4.4",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-91"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20220427 Cisco Firepower Threat Defense Software XML Injection Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-xmlinj-8GWjGzKe"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-xmlinj-8GWjGzKe",
          "defect": [
            [
              "CSCvy41763"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20729",
    "datePublished": "2022-05-03T03:16:23.220344Z",
    "dateReserved": "2021-11-02T00:00:00",
    "dateUpdated": "2024-11-06T16:18:45.044Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3195 (GCVE-0-2020-3195)

Vulnerability from cvelistv5

Published

2020-05-06 16:41

Modified

2024-11-15 17:25

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-400

Summary

A vulnerability in the Open Shortest Path First (OSPF) implementation in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. The vulnerability is due to incorrect processing of certain OSPF packets. An attacker could exploit this vulnerability by sending a series of crafted OSPF packets to be processed by an affected device. A successful exploit could allow the attacker to continuously consume memory on an affected device and eventually cause it to reload, resulting in a denial of service (DoS) condition.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-memleak-DHpsgfnv	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:24:00.672Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF Packets Processing Memory Leak Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-memleak-DHpsgfnv"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3195",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:21:39.307576Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:25:12.331Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Open Shortest Path First (OSPF) implementation in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. The vulnerability is due to incorrect processing of certain OSPF packets. An attacker could exploit this vulnerability by sending a series of crafted OSPF packets to be processed by an affected device. A successful exploit could allow the attacker to continuously consume memory on an affected device and eventually cause it to reload, resulting in a denial of service (DoS) condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-06T16:41:20",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF Packets Processing Memory Leak Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-memleak-DHpsgfnv"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa-ftd-ospf-memleak-DHpsgfnv",
        "defect": [
          [
            "CSCvr92168"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF Packets Processing Memory Leak Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-05-06T16:00:00-0700",
          "ID": "CVE-2020-3195",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF Packets Processing Memory Leak Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Open Shortest Path First (OSPF) implementation in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. The vulnerability is due to incorrect processing of certain OSPF packets. An attacker could exploit this vulnerability by sending a series of crafted OSPF packets to be processed by an affected device. A successful exploit could allow the attacker to continuously consume memory on an affected device and eventually cause it to reload, resulting in a denial of service (DoS) condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF Packets Processing Memory Leak Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-memleak-DHpsgfnv"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asa-ftd-ospf-memleak-DHpsgfnv",
          "defect": [
            [
              "CSCvr92168"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3195",
    "datePublished": "2020-05-06T16:41:20.907510Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:25:12.331Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-20081 (GCVE-0-2023-20081)

Vulnerability from cvelistv5

Published

2023-03-23 00:00

Modified

2024-10-25 16:02

Severity ?

6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-122

Summary

A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of DHCPv6 messages. An attacker could exploit this vulnerability by sending crafted DHCPv6 messages to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Note: To successfully exploit this vulnerability, the attacker would need to either control the DHCPv6 server or be in a man-in-the-middle position.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftdios-dhcpv6-cli-Zf3zTv	vendor-advisory

Impacted products

	Vendor	Product	Version
	Cisco	Cisco IOS	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:57:35.826Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20230322 Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IPv6 DHCP (DHCPv6) Client Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftdios-dhcpv6-cli-Zf3zTv"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20081",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-25T14:36:06.950252Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-25T16:02:26.498Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS ",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2023-03-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of DHCPv6 messages. An attacker could exploit this vulnerability by sending crafted DHCPv6 messages to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Note: To successfully exploit this vulnerability, the attacker would need to either control the DHCPv6 server or be in a man-in-the-middle position."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-23T00:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20230322 Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IPv6 DHCP (DHCPv6) Client Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftdios-dhcpv6-cli-Zf3zTv"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftdios-dhcpv6-cli-Zf3zTv",
        "defect": [
          [
            "CSCwa34291",
            "CSCwa34310"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IPv6 DHCP (DHCPv6) Client Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20081",
    "datePublished": "2023-03-23T00:00:00",
    "dateReserved": "2022-10-27T00:00:00",
    "dateUpdated": "2024-10-25T16:02:26.498Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-1223 (GCVE-0-2021-1223)

Vulnerability from cvelistv5

Published

2021-01-13 21:16

Modified

2024-11-12 20:48

Severity ?

5.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-693

Summary

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-filepolbypass-67DEwMe2	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html	mailing-list
	https://www.debian.org/security/2023/dsa-5354	vendor-advisory

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:02:56.174Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210113 Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-filepolbypass-67DEwMe2"
          },
          {
            "name": "[debian-lts-announce] 20230210 [SECURITY] [DLA 3317-1] snort security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
          },
          {
            "name": "DSA-5354",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5354"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-1223",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T20:06:16.123523Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-12T20:48:44.825Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-01-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-693",
              "description": "CWE-693",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-19T00:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210113 Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-filepolbypass-67DEwMe2"
        },
        {
          "name": "[debian-lts-announce] 20230210 [SECURITY] [DLA 3317-1] snort security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
        },
        {
          "name": "DSA-5354",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5354"
        }
      ],
      "source": {
        "advisory": "cisco-sa-snort-filepolbypass-67DEwMe2",
        "defect": [
          [
            "CSCvs71969",
            "CSCvu18635"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-1223",
    "datePublished": "2021-01-13T21:16:48.777971Z",
    "dateReserved": "2020-11-13T00:00:00",
    "dateUpdated": "2024-11-12T20:48:44.825Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-15992 (GCVE-0-2019-15992)

Vulnerability from cvelistv5

Published

2020-09-23 00:27

Modified

2024-11-13 18:47

Severity ?

7.2 (High) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-119

Summary

A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operating system of an affected device. The vulnerability is due to insufficient restrictions on the allowed Lua function calls within the context of user-supplied Lua scripts. A successful exploit could allow the attacker to trigger a heap overflow condition and execute arbitrary code with root privileges on the underlying Linux operating system of an affected device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191112-asa-ftd-lua-rce	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:03:32.832Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20191112 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Code Execution Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191112-asa-ftd-lua-rce"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-15992",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T18:46:49.657176Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T18:47:14.541Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2019-11-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operating system of an affected device. The vulnerability is due to insufficient restrictions on the allowed Lua function calls within the context of user-supplied Lua scripts. A successful exploit could allow the attacker to trigger a heap overflow condition and execute arbitrary code with root privileges on the underlying Linux operating system of an affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-23T00:27:04",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20191112 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Code Execution Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191112-asa-ftd-lua-rce"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20191112-asa-ftd-lua-rce",
        "defect": [
          [
            "CSCvr85295",
            "CSCvr96680"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Code Execution Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-11-12T13:15:00",
          "ID": "CVE-2019-15992",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Code Execution Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operating system of an affected device. The vulnerability is due to insufficient restrictions on the allowed Lua function calls within the context of user-supplied Lua scripts. A successful exploit could allow the attacker to trigger a heap overflow condition and execute arbitrary code with root privileges on the underlying Linux operating system of an affected device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.2",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20191112 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Code Execution Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191112-asa-ftd-lua-rce"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20191112-asa-ftd-lua-rce",
          "defect": [
            [
              "CSCvr85295",
              "CSCvr96680"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-15992",
    "datePublished": "2020-09-23T00:27:04.203191Z",
    "dateReserved": "2019-09-06T00:00:00",
    "dateUpdated": "2024-11-13T18:47:14.541Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-15383 (GCVE-0-2018-15383)

Vulnerability from cvelistv5

Published

2018-10-05 14:00

Modified

2024-11-26 14:34

Severity ?

CWE

CWE-400

Summary

A vulnerability in the cryptographic hardware accelerator driver of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a temporary denial of service (DoS) condition. The vulnerability exists because the affected devices have a limited amount of Direct Memory Access (DMA) memory and the affected software improperly handles resources in low-memory conditions. An attacker could exploit this vulnerability by sending a sustained, high rate of malicious traffic to an affected device to exhaust memory on the device. A successful exploit could allow the attacker to exhaust DMA memory on the affected device, which could cause the device to reload and result in a temporary DoS condition.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1041787	vdb-entry, x_refsource_SECTRACK
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-dma-dos	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:54:02.337Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1041787",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041787"
          },
          {
            "name": "20181003 Cisco Adaptive Security Appliance Direct Memory Access Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-dma-dos"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-15383",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-25T18:53:03.926244Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-26T14:34:37.308Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-10-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the cryptographic hardware accelerator driver of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a temporary denial of service (DoS) condition. The vulnerability exists because the affected devices have a limited amount of Direct Memory Access (DMA) memory and the affected software improperly handles resources in low-memory conditions. An attacker could exploit this vulnerability by sending a sustained, high rate of malicious traffic to an affected device to exhaust memory on the device. A successful exploit could allow the attacker to exhaust DMA memory on the affected device, which could cause the device to reload and result in a temporary DoS condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-07T09:57:02",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1041787",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041787"
        },
        {
          "name": "20181003 Cisco Adaptive Security Appliance Direct Memory Access Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-dma-dos"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20181003-asa-dma-dos",
        "defect": [
          [
            "CSCvj89470"
          ]
        ],
        "discovery": "UNKNOWN"
      },
      "title": "Cisco Adaptive Security Appliance Direct Memory Access Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2018-10-03T16:00:00-0500",
          "ID": "CVE-2018-15383",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Direct Memory Access Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the cryptographic hardware accelerator driver of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a temporary denial of service (DoS) condition. The vulnerability exists because the affected devices have a limited amount of Direct Memory Access (DMA) memory and the affected software improperly handles resources in low-memory conditions. An attacker could exploit this vulnerability by sending a sustained, high rate of malicious traffic to an affected device to exhaust memory on the device. A successful exploit could allow the attacker to exhaust DMA memory on the affected device, which could cause the device to reload and result in a temporary DoS condition."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1041787",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041787"
            },
            {
              "name": "20181003 Cisco Adaptive Security Appliance Direct Memory Access Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-dma-dos"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20181003-asa-dma-dos",
          "defect": [
            [
              "CSCvj89470"
            ]
          ],
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-15383",
    "datePublished": "2018-10-05T14:00:00Z",
    "dateReserved": "2018-08-17T00:00:00",
    "dateUpdated": "2024-11-26T14:34:37.308Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3167 (GCVE-0-2020-3167)

Vulnerability from cvelistv5

Published

2020-02-26 16:51

Modified

2024-11-15 17:37

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-78

Summary

A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cmdinj	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: unspecified < n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:24:00.717Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200226 Cisco FXOS and UCS Manager Software CLI Command Injection Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cmdinj"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3167",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:24:56.860837Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:37:18.211Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-02-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-26T16:51:05",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200226 Cisco FXOS and UCS Manager Software CLI Command Injection Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cmdinj"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20200226-fxos-ucs-cmdinj",
        "defect": [
          [
            "CSCvo42628",
            "CSCvo42636",
            "CSCvp44264",
            "CSCvp44281",
            "CSCvr49734",
            "CSCvr58699"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco FXOS and UCS Manager Software CLI Command Injection Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-02-26T16:00:00-0800",
          "ID": "CVE-2020-3167",
          "STATE": "PUBLIC",
          "TITLE": "Cisco FXOS and UCS Manager Software CLI Command Injection Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.8",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200226 Cisco FXOS and UCS Manager Software CLI Command Injection Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cmdinj"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20200226-fxos-ucs-cmdinj",
          "defect": [
            [
              "CSCvo42628",
              "CSCvo42636",
              "CSCvp44264",
              "CSCvp44281",
              "CSCvr49734",
              "CSCvr58699"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3167",
    "datePublished": "2020-02-26T16:51:05.960558Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:37:18.211Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3562 (GCVE-0-2020-3562)

Vulnerability from cvelistv5

Published

2020-10-21 18:41

Modified

2024-11-13 17:46

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-119

Summary

A vulnerability in the SSL/TLS inspection of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation for certain fields of specific SSL/TLS messages. An attacker could exploit this vulnerability by sending a malformed SSL/TLS message through an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. No manual intervention is needed to recover the device after it has reloaded.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-dcrpt-dos-RYEkX4yy	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:55.507Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Firepower 2100 Series SSL/TLS Inspection Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-dcrpt-dos-RYEkX4yy"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3562",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:12:11.514493Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:46:10.984Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the SSL/TLS inspection of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation for certain fields of specific SSL/TLS messages. An attacker could exploit this vulnerability by sending a malformed SSL/TLS message through an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. No manual intervention is needed to recover the device after it has reloaded."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:41:09",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Firepower 2100 Series SSL/TLS Inspection Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-dcrpt-dos-RYEkX4yy"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-ssl-dcrpt-dos-RYEkX4yy",
        "defect": [
          [
            "CSCvs56802"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower 2100 Series SSL/TLS Inspection Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3562",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower 2100 Series SSL/TLS Inspection Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the SSL/TLS inspection of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation for certain fields of specific SSL/TLS messages. An attacker could exploit this vulnerability by sending a malformed SSL/TLS message through an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. No manual intervention is needed to recover the device after it has reloaded."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Firepower 2100 Series SSL/TLS Inspection Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-dcrpt-dos-RYEkX4yy"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-ssl-dcrpt-dos-RYEkX4yy",
          "defect": [
            [
              "CSCvs56802"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3562",
    "datePublished": "2020-10-21T18:41:09.659912Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:46:10.984Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20795 (GCVE-0-2022-20795)

Vulnerability from cvelistv5

Published

2022-04-21 18:50

Modified

2024-11-06 16:22

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

CWE

CWE-345

Summary

A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. This vulnerability is due to suboptimal processing that occurs when establishing a DTLS tunnel as part of an AnyConnect SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted DTLS traffic to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected VPN headend device. This could cause existing DTLS tunnels to stop passing traffic and prevent new DTLS tunnels from establishing, resulting in a DoS condition. Note: When the attack traffic stops, the device recovers gracefully.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vpndtls-dos-TunzLEV	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:24:49.655Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20220420 Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Software AnyConnect SSL VPN Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vpndtls-dos-TunzLEV"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-20795",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-06T16:01:40.319401Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T16:22:08.505Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2022-04-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. This vulnerability is due to suboptimal processing that occurs when establishing a DTLS tunnel as part of an AnyConnect SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted DTLS traffic to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected VPN headend device. This could cause existing DTLS tunnels to stop passing traffic and prevent new DTLS tunnels from establishing, resulting in a DoS condition. Note: When the attack traffic stops, the device recovers gracefully."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-345",
              "description": "CWE-345",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-21T18:50:50",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20220420 Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Software AnyConnect SSL VPN Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vpndtls-dos-TunzLEV"
        }
      ],
      "source": {
        "advisory": "cisco-sa-vpndtls-dos-TunzLEV",
        "defect": [
          [
            "CSCvz09106"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Software AnyConnect SSL VPN Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2022-04-20T16:00:00",
          "ID": "CVE-2022-20795",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Software AnyConnect SSL VPN Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. This vulnerability is due to suboptimal processing that occurs when establishing a DTLS tunnel as part of an AnyConnect SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted DTLS traffic to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected VPN headend device. This could cause existing DTLS tunnels to stop passing traffic and prevent new DTLS tunnels from establishing, resulting in a DoS condition. Note: When the attack traffic stops, the device recovers gracefully."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.8",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-345"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20220420 Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Software AnyConnect SSL VPN Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vpndtls-dos-TunzLEV"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-vpndtls-dos-TunzLEV",
          "defect": [
            [
              "CSCvz09106"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20795",
    "datePublished": "2022-04-21T18:50:51.145597Z",
    "dateReserved": "2021-11-02T00:00:00",
    "dateUpdated": "2024-11-06T16:22:08.505Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-20063 (GCVE-0-2023-20063)

Vulnerability from cvelistv5

Published

2023-11-01 17:11

Modified

2024-10-23 19:40

Severity ?

8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-94 - Improper Control of Generation of Code ('Code Injection')

Summary

A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root permissions on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by accessing the expert mode of an affected device and submitting specific commands to a connected system. A successful exploit could allow the attacker to execute arbitrary code in the context of an FMC device if the attacker has administrative privileges on an associated FTD device. Alternatively, a successful exploit could allow the attacker to execute arbitrary code in the context of an FTD device if the attacker has administrative privileges on an associated FMC device.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Firepower Management Center

Version: 6.2.3.12
Version: 6.2.3.1
Version: 6.2.3.10
Version: 6.2.3.8
Version: 6.4.0.6
Version: 6.2.3
Version: 6.4.0.7
Version: 6.2.3.13
Version: 6.2.3.5
Version: 6.4.0.4
Version: 6.2.3.9
Version: 6.2.3.14
Version: 6.4.0.1
Version: 6.2.3.6
Version: 6.2.3.11
Version: 6.4.0.8
Version: 6.2.3.2
Version: 6.4.0.2
Version: 6.2.3.3
Version: 6.4.0.3
Version: 6.2.3.7
Version: 6.2.3.4
Version: 6.4.0.5
Version: 6.4.0
Version: 6.2.3.15
Version: 6.6.0
Version: 6.4.0.9
Version: 6.2.3.16
Version: 6.6.0.1
Version: 6.6.1
Version: 6.4.0.10
Version: 6.7.0
Version: 6.4.0.11
Version: 6.6.3
Version: 6.7.0.1
Version: 6.6.4
Version: 6.4.0.12
Version: 6.7.0.2
Version: 7.0.0
Version: 6.2.3.17
Version: 7.0.0.1
Version: 6.6.5
Version: 7.0.1
Version: 7.1.0
Version: 6.6.5.1
Version: 6.4.0.13
Version: 6.7.0.3
Version: 7.0.1.1
Version: 6.2.3.18
Version: 6.4.0.14
Version: 6.6.5.2
Version: 7.1.0.1
Version: 7.0.2
Version: 6.4.0.15
Version: 7.2.0
Version: 7.0.2.1
Version: 7.0.3
Version: 6.6.7
Version: 7.1.0.2
Version: 7.2.0.1
Version: 7.0.4
Version: 7.2.1
Version: 7.0.5
Version: 6.4.0.16
Version: 7.3.0
Version: 7.2.2
Version: 6.6.7.1
Version: 7.3.1
Version: 7.2.3
Version: 7.1.0.3
Version: 7.2.3.1
Version: 7.2.4
Version: 7.0.6
Version: 7.2.4.1
Version: 7.2.5
Version: 7.3.1.1
Version: 7.4.0
Version: 6.4.0.17
Version: 7.0.6.1
Version: 7.2.5.1
Version: 7.4.1
Version: 7.2.6
Version: 7.4.1.1
Version: 7.0.6.2
Version: 6.4.0.18
Version: 6.6.7.2
Version: 7.2.7
Version: 7.2.5.2
Version: 7.3.1.2
Version: 7.2.8
Version: 7.2.8.1

Cisco

Cisco Firepower Threat Defense Software

Version: 6.2.3.14
Version: 6.4.0.1
Version: 6.2.3.7
Version: 6.2.3
Version: 6.4.0.2
Version: 6.2.3.9
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.4.0.5
Version: 6.2.3.10
Version: 6.4.0
Version: 6.4.0.3
Version: 6.2.3.6
Version: 6.4.0.4
Version: 6.2.3.15
Version: 6.2.3.5
Version: 6.2.3.4
Version: 6.2.3.3
Version: 6.2.3.8
Version: 6.4.0.6
Version: 6.2.3.11
Version: 6.2.3.12
Version: 6.2.3.13
Version: 6.4.0.7
Version: 6.4.0.8
Version: 6.6.0
Version: 6.4.0.9
Version: 6.2.3.16
Version: 6.6.0.1
Version: 6.6.1
Version: 6.4.0.10
Version: 6.7.0
Version: 6.4.0.11
Version: 6.6.3
Version: 6.7.0.1
Version: 6.6.4
Version: 6.4.0.12
Version: 6.7.0.2
Version: 7.0.0
Version: 6.2.3.17
Version: 7.0.0.1
Version: 6.6.5
Version: 7.0.1
Version: 7.1.0
Version: 6.4.0.13
Version: 6.6.5.1
Version: 6.2.3.18
Version: 7.0.1.1
Version: 6.7.0.3
Version: 6.4.0.14
Version: 7.1.0.1
Version: 6.6.5.2
Version: 7.0.2
Version: 6.4.0.15
Version: 7.2.0
Version: 7.0.2.1
Version: 7.0.3
Version: 6.6.7
Version: 7.1.0.2
Version: 7.2.0.1
Version: 7.0.4
Version: 7.2.1
Version: 7.0.5
Version: 6.4.0.16
Version: 7.3.0
Version: 7.2.2
Version: 7.2.3
Version: 6.6.7.1
Version: 7.3.1
Version: 7.1.0.3
Version: 7.2.4
Version: 7.0.6
Version: 7.2.5
Version: 7.2.4.1
Version: 7.3.1.1
Version: 7.4.0
Version: 6.4.0.17
Version: 7.0.6.1
Version: 7.2.5.1
Version: 7.4.1
Version: 7.2.6
Version: 7.0.6.2
Version: 7.4.1.1
Version: 6.6.7.2
Version: 6.4.0.18
Version: 7.2.7
Version: 7.2.5.2
Version: 7.3.1.2
Version: 7.2.8
Version: 7.2.8.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:57:35.628Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-ftd-fmc-code-inj-wSHrgz8L",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20063",
                "options": [
                  {
                    "Exploitation": "None"
                  },
                  {
                    "Automatable": "No"
                  },
                  {
                    "Technical Impact": "Total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2023-11-15T16:39:52.764967Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-23T19:40:26.769Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco Firepower Management Center",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.3.1"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.0.6"
            },
            {
              "status": "affected",
              "version": "7.2.4.1"
            },
            {
              "status": "affected",
              "version": "7.2.5"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.17"
            },
            {
              "status": "affected",
              "version": "7.0.6.1"
            },
            {
              "status": "affected",
              "version": "7.2.5.1"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            },
            {
              "status": "affected",
              "version": "7.2.6"
            },
            {
              "status": "affected",
              "version": "7.4.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.6.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.18"
            },
            {
              "status": "affected",
              "version": "6.6.7.2"
            },
            {
              "status": "affected",
              "version": "7.2.7"
            },
            {
              "status": "affected",
              "version": "7.2.5.2"
            },
            {
              "status": "affected",
              "version": "7.3.1.2"
            },
            {
              "status": "affected",
              "version": "7.2.8"
            },
            {
              "status": "affected",
              "version": "7.2.8.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.0.6"
            },
            {
              "status": "affected",
              "version": "7.2.5"
            },
            {
              "status": "affected",
              "version": "7.2.4.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.17"
            },
            {
              "status": "affected",
              "version": "7.0.6.1"
            },
            {
              "status": "affected",
              "version": "7.2.5.1"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            },
            {
              "status": "affected",
              "version": "7.2.6"
            },
            {
              "status": "affected",
              "version": "7.0.6.2"
            },
            {
              "status": "affected",
              "version": "7.4.1.1"
            },
            {
              "status": "affected",
              "version": "6.6.7.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.18"
            },
            {
              "status": "affected",
              "version": "7.2.7"
            },
            {
              "status": "affected",
              "version": "7.2.5.2"
            },
            {
              "status": "affected",
              "version": "7.3.1.2"
            },
            {
              "status": "affected",
              "version": "7.2.8"
            },
            {
              "status": "affected",
              "version": "7.2.8.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root permissions on the underlying operating system of an affected device.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by accessing the expert mode of an affected device and submitting specific commands to a connected system. A successful exploit could allow the attacker to execute arbitrary code in the context of an FMC device if the attacker has administrative privileges on an associated FTD device. Alternatively, a successful exploit could allow the attacker to execute arbitrary code in the context of an FTD device if the attacker has administrative privileges on an associated FMC device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-23T17:06:37.547Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-ftd-fmc-code-inj-wSHrgz8L",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-fmc-code-inj-wSHrgz8L",
        "defects": [
          "CSCwb42031"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Cisco Firepower Threat Defense Software and Cisco Firepower Management Center Code Injection Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20063",
    "datePublished": "2023-11-01T17:11:46.268Z",
    "dateReserved": "2022-10-27T18:47:50.321Z",
    "dateUpdated": "2024-10-23T19:40:26.769Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34781 (GCVE-0-2021-34781)

Vulnerability from cvelistv5

Published

2021-10-27 18:55

Modified

2024-11-07 21:46

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-119

Summary

A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to a lack of proper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, which causes a DoS condition on the affected device. The device must be manually reloaded to recover.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-rUDseW3r	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.142Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20211027 Cisco Firepower Threat Defense Software SSH Connections Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-rUDseW3r"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34781",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:44:33.446840Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T21:46:12.549Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to a lack of proper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, which causes a DoS condition on the affected device. The device must be manually reloaded to recover."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-27T18:55:52",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20211027 Cisco Firepower Threat Defense Software SSH Connections Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-rUDseW3r"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-dos-rUDseW3r",
        "defect": [
          [
            "CSCvy13543"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software SSH Connections Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-10-27T16:00:00",
          "ID": "CVE-2021-34781",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software SSH Connections Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to a lack of proper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, which causes a DoS condition on the affected device. The device must be manually reloaded to recover."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20211027 Cisco Firepower Threat Defense Software SSH Connections Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-rUDseW3r"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-dos-rUDseW3r",
          "defect": [
            [
              "CSCvy13543"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34781",
    "datePublished": "2021-10-27T18:55:52.320484Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-07T21:46:12.549Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3452 (GCVE-0-2020-3452)

Vulnerability from cvelistv5

Published

2020-07-22 20:00

Modified

2025-07-30 01:45

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-20

Summary

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86	vendor-advisory, x_refsource_CISCO
	http://packetstormsecurity.com/files/158646/Cisco-ASA-FTD-Remote-File-Disclosure.html	x_refsource_MISC
	http://packetstormsecurity.com/files/158647/Cisco-Adaptive-Security-Appliance-Software-9.11-Local-File-Inclusion.html	x_refsource_MISC
	http://packetstormsecurity.com/files/159523/Cisco-ASA-FTD-9.6.4.42-Path-Traversal.html	x_refsource_MISC
	http://packetstormsecurity.com/files/160497/Cisco-ASA-9.14.1.10-FTD-6.6.0.1-Path-Traversal.html	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: unspecified < 9.6.4.42 Version: unspecified < 9.8.4.20 Version: unspecified < 9.9.2.74 Version: unspecified < 9.10.1.42 Version: unspecified < 9.13.1.10 Version: unspecified < 9.14.1.10

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:54.107Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200722 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Read-Only Path Traversal Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/158646/Cisco-ASA-FTD-Remote-File-Disclosure.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/158647/Cisco-Adaptive-Security-Appliance-Software-9.11-Local-File-Inclusion.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/159523/Cisco-ASA-FTD-9.6.4.42-Path-Traversal.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/160497/Cisco-ASA-9.14.1.10-FTD-6.6.0.1-Path-Traversal.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3452",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-04T15:34:29.959713Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-11-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-3452"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:45:37.610Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-03T00:00:00+00:00",
            "value": "CVE-2020-3452 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "9.6.4.42",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.8.4.20",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.9.2.74",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.10.1.42",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.13.1.10",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.14.1.10",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-07-22T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-15T17:06:12.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200722 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Read-Only Path Traversal Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/158646/Cisco-ASA-FTD-Remote-File-Disclosure.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/158647/Cisco-Adaptive-Security-Appliance-Software-9.11-Local-File-Inclusion.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/159523/Cisco-ASA-FTD-9.6.4.42-Path-Traversal.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/160497/Cisco-ASA-9.14.1.10-FTD-6.6.0.1-Path-Traversal.html"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-ro-path-KJuQhB86",
        "defect": [
          [
            "CSCvt03598"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Read-Only Path Traversal Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-07-22T16:00:00",
          "ID": "CVE-2020-3452",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Read-Only Path Traversal Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "9.6.4.42"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "9.8.4.20"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "9.9.2.74"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "9.10.1.42"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "9.13.1.10"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "9.14.1.10"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.5",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200722 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Read-Only Path Traversal Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86"
            },
            {
              "name": "http://packetstormsecurity.com/files/158646/Cisco-ASA-FTD-Remote-File-Disclosure.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/158646/Cisco-ASA-FTD-Remote-File-Disclosure.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/158647/Cisco-Adaptive-Security-Appliance-Software-9.11-Local-File-Inclusion.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/158647/Cisco-Adaptive-Security-Appliance-Software-9.11-Local-File-Inclusion.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/159523/Cisco-ASA-FTD-9.6.4.42-Path-Traversal.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/159523/Cisco-ASA-FTD-9.6.4.42-Path-Traversal.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/160497/Cisco-ASA-9.14.1.10-FTD-6.6.0.1-Path-Traversal.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/160497/Cisco-ASA-9.14.1.10-FTD-6.6.0.1-Path-Traversal.html"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-ro-path-KJuQhB86",
          "defect": [
            [
              "CSCvt03598"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3452",
    "datePublished": "2020-07-22T20:00:22.049Z",
    "dateReserved": "2019-12-12T00:00:00.000Z",
    "dateUpdated": "2025-07-30T01:45:37.610Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1669 (GCVE-0-2019-1669)

Vulnerability from cvelistv5

Published

2019-01-24 16:00

Modified

2024-11-19 19:17

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

CWE

CWE-693

Summary

A vulnerability in the data acquisition (DAQ) component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies or cause a denial of service (DoS) condition. The vulnerability exists because the affected software improperly manages system memory resources when inspecting traffic. An attacker could exploit this vulnerability by generating specific traffic patterns for the software to inspect. A successful exploit could allow the attacker to exhaust system memory resources used for traffic inspection. Depending on the configuration, the FTD Software could fail open and cease to inspect traffic or fail closed and result in a DoS condition. This vulnerability may require manual intervention to restore the software.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-firepowertds-bypass	vendor-advisory, x_refsource_CISCO
	http://www.securityfocus.com/bid/106721	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:20:28.366Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190123 Cisco Firepower Threat Defense Software Packet Inspection and Enforcement Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-firepowertds-bypass"
          },
          {
            "name": "106721",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/106721"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1669",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:25:32.987380Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T19:17:34.874Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2019-01-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the data acquisition (DAQ) component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies or cause a denial of service (DoS) condition. The vulnerability exists because the affected software improperly manages system memory resources when inspecting traffic. An attacker could exploit this vulnerability by generating specific traffic patterns for the software to inspect. A successful exploit could allow the attacker to exhaust system memory resources used for traffic inspection. Depending on the configuration, the FTD Software could fail open and cease to inspect traffic or fail closed and result in a DoS condition. This vulnerability may require manual intervention to restore the software."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-693",
              "description": "CWE-693",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-01-26T10:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190123 Cisco Firepower Threat Defense Software Packet Inspection and Enforcement Bypass Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-firepowertds-bypass"
        },
        {
          "name": "106721",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/106721"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190123-firepowertds-bypass",
        "defect": [
          [
            "CSCvo02577"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Packet Inspection and Enforcement Bypass Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-01-23T14:00:00-0800",
          "ID": "CVE-2019-1669",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Packet Inspection and Enforcement Bypass Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the data acquisition (DAQ) component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies or cause a denial of service (DoS) condition. The vulnerability exists because the affected software improperly manages system memory resources when inspecting traffic. An attacker could exploit this vulnerability by generating specific traffic patterns for the software to inspect. A successful exploit could allow the attacker to exhaust system memory resources used for traffic inspection. Depending on the configuration, the FTD Software could fail open and cease to inspect traffic or fail closed and result in a DoS condition. This vulnerability may require manual intervention to restore the software."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-693"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190123 Cisco Firepower Threat Defense Software Packet Inspection and Enforcement Bypass Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-firepowertds-bypass"
            },
            {
              "name": "106721",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/106721"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190123-firepowertds-bypass",
          "defect": [
            [
              "CSCvo02577"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1669",
    "datePublished": "2019-01-24T16:00:00Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-19T19:17:34.874Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34783 (GCVE-0-2021-34783)

Vulnerability from cvelistv5

Published

2021-10-27 18:55

Modified

2024-11-07 21:46

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-119

Summary

A vulnerability in the software-based SSL/TLS message handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient validation of SSL/TLS messages when the device performs software-based SSL/TLS decryption. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: Datagram TLS (DTLS) messages cannot be used to exploit this vulnerability.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-decrypt-dos-BMxYjm8M	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.253Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Software-Based SSL/TLS Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-decrypt-dos-BMxYjm8M"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34783",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:44:32.072886Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T21:46:04.938Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the software-based SSL/TLS message handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient validation of SSL/TLS messages when the device performs software-based SSL/TLS decryption. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: Datagram TLS (DTLS) messages cannot be used to exploit this vulnerability."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-27T18:55:57",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Software-Based SSL/TLS Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-decrypt-dos-BMxYjm8M"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-tls-decrypt-dos-BMxYjm8M",
        "defect": [
          [
            "CSCvy55054"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Software-Based SSL/TLS Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-10-27T16:00:00",
          "ID": "CVE-2021-34783",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Software-Based SSL/TLS Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the software-based SSL/TLS message handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient validation of SSL/TLS messages when the device performs software-based SSL/TLS decryption. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: Datagram TLS (DTLS) messages cannot be used to exploit this vulnerability."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Software-Based SSL/TLS Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-decrypt-dos-BMxYjm8M"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-tls-decrypt-dos-BMxYjm8M",
          "defect": [
            [
              "CSCvy55054"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34783",
    "datePublished": "2021-10-27T18:55:57.640344Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-07T21:46:04.938Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1981 (GCVE-0-2019-1981)

Vulnerability from cvelistv5

Published

2019-11-05 19:35

Modified

2024-11-19 18:52

Severity ?

5.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-264

Summary

A vulnerability in the normalization functionality of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to insufficient normalization of a text-based payload. An attacker could exploit this vulnerability by sending traffic that contains specifically obfuscated payloads through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious payloads to protected systems that would otherwise be blocked.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-null	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: unspecified < n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:35:52.366Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190816 Cisco Firepower Threat Defense Software NULL Character Obfuscation Detection Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-null"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1981",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:22:28.026981Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T18:52:01.647Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-08-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the normalization functionality of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to insufficient normalization of a text-based payload. An attacker could exploit this vulnerability by sending traffic that contains specifically obfuscated payloads through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious payloads to protected systems that would otherwise be blocked."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-264",
              "description": "CWE-264",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-11-05T19:35:41",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190816 Cisco Firepower Threat Defense Software NULL Character Obfuscation Detection Bypass Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-null"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190816-ftd-null",
        "defect": [
          [
            "CSCvq39915"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software NULL Character Obfuscation Detection Bypass Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-08-16T16:00:00-0700",
          "ID": "CVE-2019-1981",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software NULL Character Obfuscation Detection Bypass Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the normalization functionality of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to insufficient normalization of a text-based payload. An attacker could exploit this vulnerability by sending traffic that contains specifically obfuscated payloads through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious payloads to protected systems that would otherwise be blocked."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.8",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190816 Cisco Firepower Threat Defense Software NULL Character Obfuscation Detection Bypass Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-null"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190816-ftd-null",
          "defect": [
            [
              "CSCvq39915"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1981",
    "datePublished": "2019-11-05T19:35:41.940103Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-19T18:52:01.647Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1980 (GCVE-0-2019-1980)

Vulnerability from cvelistv5

Published

2019-11-05 19:35

Modified

2024-11-19 18:52

Severity ?

5.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-264

Summary

A vulnerability in the protocol detection component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper detection of the initial use of a protocol on a nonstandard port. An attacker could exploit this vulnerability by sending traffic on a nonstandard port for the protocol in use through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems that would otherwise be blocked. Once the initial protocol flow on the nonstandard port is detected, future flows on the nonstandard port will be successfully detected and handled as configured by the applied policy.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-nspd	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: unspecified < n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:35:52.346Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190816 Cisco Firepower Threat Defense Software Nonstandard Protocol Detection Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-nspd"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1980",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:22:29.360474Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T18:52:10.436Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-08-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the protocol detection component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper detection of the initial use of a protocol on a nonstandard port. An attacker could exploit this vulnerability by sending traffic on a nonstandard port for the protocol in use through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems that would otherwise be blocked. Once the initial protocol flow on the nonstandard port is detected, future flows on the nonstandard port will be successfully detected and handled as configured by the applied policy."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-264",
              "description": "CWE-264",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-11-05T19:35:41",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190816 Cisco Firepower Threat Defense Software Nonstandard Protocol Detection Bypass Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-nspd"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190816-ftd-nspd",
        "defect": [
          [
            "CSCvq39888"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Nonstandard Protocol Detection Bypass Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-08-16T16:00:00-0700",
          "ID": "CVE-2019-1980",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Nonstandard Protocol Detection Bypass Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the protocol detection component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper detection of the initial use of a protocol on a nonstandard port. An attacker could exploit this vulnerability by sending traffic on a nonstandard port for the protocol in use through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems that would otherwise be blocked. Once the initial protocol flow on the nonstandard port is detected, future flows on the nonstandard port will be successfully detected and handled as configured by the applied policy."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.8",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190816 Cisco Firepower Threat Defense Software Nonstandard Protocol Detection Bypass Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190816-ftd-nspd"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190816-ftd-nspd",
          "defect": [
            [
              "CSCvq39888"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1980",
    "datePublished": "2019-11-05T19:35:41.544096Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-19T18:52:10.436Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3188 (GCVE-0-2020-3188)

Vulnerability from cvelistv5

Published

2020-05-06 16:41

Modified

2024-11-15 17:25

Severity ?

5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE

CWE-399

Summary

A vulnerability in how Cisco Firepower Threat Defense (FTD) Software handles session timeouts for management connections could allow an unauthenticated, remote attacker to cause a buildup of remote management connections to an affected device, which could result in a denial of service (DoS) condition. The vulnerability exists because the default session timeout period for specific to-the-box remote management connections is too long. An attacker could exploit this vulnerability by sending a large and sustained number of crafted remote management connections to an affected device, resulting in a buildup of those connections over time. A successful exploit could allow the attacker to cause the remote management interface or Cisco Firepower Device Manager (FDM) to stop responding and cause other management functions to go offline, resulting in a DoS condition. The user traffic that is flowing through the device would not be affected, and the DoS condition would be isolated to remote management only.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-mgmt-interface-dos-FkG4MuTU	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:24:00.646Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200506 Cisco Firepower Threat Defense Software Management Interface Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-mgmt-interface-dos-FkG4MuTU"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3188",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:21:44.521244Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:25:40.691Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in how Cisco Firepower Threat Defense (FTD) Software handles session timeouts for management connections could allow an unauthenticated, remote attacker to cause a buildup of remote management connections to an affected device, which could result in a denial of service (DoS) condition. The vulnerability exists because the default session timeout period for specific to-the-box remote management connections is too long. An attacker could exploit this vulnerability by sending a large and sustained number of crafted remote management connections to an affected device, resulting in a buildup of those connections over time. A successful exploit could allow the attacker to cause the remote management interface or Cisco Firepower Device Manager (FDM) to stop responding and cause other management functions to go offline, resulting in a DoS condition. The user traffic that is flowing through the device would not be affected, and the DoS condition would be isolated to remote management only."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-06T16:41:06",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200506 Cisco Firepower Threat Defense Software Management Interface Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-mgmt-interface-dos-FkG4MuTU"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-mgmt-interface-dos-FkG4MuTU",
        "defect": [
          [
            "CSCvo31790"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Management Interface Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-05-06T16:00:00-0700",
          "ID": "CVE-2020-3188",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Management Interface Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in how Cisco Firepower Threat Defense (FTD) Software handles session timeouts for management connections could allow an unauthenticated, remote attacker to cause a buildup of remote management connections to an affected device, which could result in a denial of service (DoS) condition. The vulnerability exists because the default session timeout period for specific to-the-box remote management connections is too long. An attacker could exploit this vulnerability by sending a large and sustained number of crafted remote management connections to an affected device, resulting in a buildup of those connections over time. A successful exploit could allow the attacker to cause the remote management interface or Cisco Firepower Device Manager (FDM) to stop responding and cause other management functions to go offline, resulting in a DoS condition. The user traffic that is flowing through the device would not be affected, and the DoS condition would be isolated to remote management only."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.3",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200506 Cisco Firepower Threat Defense Software Management Interface Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-mgmt-interface-dos-FkG4MuTU"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-mgmt-interface-dos-FkG4MuTU",
          "defect": [
            [
              "CSCvo31790"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3188",
    "datePublished": "2020-05-06T16:41:06.457420Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:25:40.691Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34756 (GCVE-0-2021-34756)

Vulnerability from cvelistv5

Published

2021-10-27 18:55

Modified

2024-11-07 21:44

Severity ?

6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-20

Summary

Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.202Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20211027 Cisco Firepower Threat Defense Software Command Injection Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34756",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:42:47.721605Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T21:44:36.768Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-27T18:55:24",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20211027 Cisco Firepower Threat Defense Software Command Injection Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-cmdinject-FmzsLN8",
        "defect": [
          [
            "CSCvx86283",
            "CSCvy16559",
            "CSCvy16573",
            "CSCvy19225"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Command Injection Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-10-27T16:00:00",
          "ID": "CVE-2021-34756",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Command Injection Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.8",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20211027 Cisco Firepower Threat Defense Software Command Injection Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-cmdinject-FmzsLN8",
          "defect": [
            [
              "CSCvx86283",
              "CSCvy16559",
              "CSCvy16573",
              "CSCvy19225"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34756",
    "datePublished": "2021-10-27T18:55:25.058754Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-07T21:44:36.768Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20407 (GCVE-0-2024-20407)

Vulnerability from cvelistv5

Published

2024-10-23 17:36

Modified

2024-10-24 16:09

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-399 - Resource Management Errors

Summary

A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies on an affected system. Devices that are configured with Snort 2 are not affected by this vulnerability. This vulnerability is due to a logic error when handling embryonic (half-open) TCP connections. An attacker could exploit this vulnerability by sending a crafted traffic pattern through an affected device. A successful exploit could allow unintended traffic to enter the network protected by the affected device.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-bypass-PTry37fX

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: 6.2.3 Version: 6.2.3.1 Version: 6.2.3.2 Version: 6.2.3.3 Version: 6.2.3.4 Version: 6.2.3.5 Version: 6.2.3.6 Version: 6.2.3.7 Version: 6.2.3.8 Version: 6.2.3.10 Version: 6.2.3.11 Version: 6.2.3.9 Version: 6.2.3.12 Version: 6.2.3.13 Version: 6.2.3.14 Version: 6.2.3.15 Version: 6.2.3.16 Version: 6.2.3.17 Version: 6.2.3.18 Version: 6.6.0 Version: 6.6.0.1 Version: 6.6.1 Version: 6.6.3 Version: 6.6.4 Version: 6.6.5 Version: 6.6.5.1 Version: 6.6.5.2 Version: 6.6.7 Version: 6.6.7.1 Version: 6.6.7.2 Version: 6.4.0 Version: 6.4.0.1 Version: 6.4.0.3 Version: 6.4.0.2 Version: 6.4.0.4 Version: 6.4.0.5 Version: 6.4.0.6 Version: 6.4.0.7 Version: 6.4.0.8 Version: 6.4.0.9 Version: 6.4.0.10 Version: 6.4.0.11 Version: 6.4.0.12 Version: 6.4.0.13 Version: 6.4.0.14 Version: 6.4.0.15 Version: 6.4.0.16 Version: 6.4.0.17 Version: 6.4.0.18 Version: 6.7.0 Version: 6.7.0.1 Version: 6.7.0.2 Version: 6.7.0.3 Version: 7.0.0 Version: 7.0.0.1 Version: 7.0.1 Version: 7.0.1.1 Version: 7.0.2 Version: 7.0.2.1 Version: 7.0.3 Version: 7.0.4 Version: 7.0.5 Version: 7.0.6 Version: 7.0.6.1 Version: 7.0.6.2 Version: 7.1.0 Version: 7.1.0.1 Version: 7.1.0.2 Version: 7.1.0.3 Version: 7.2.0 Version: 7.2.0.1 Version: 7.2.1 Version: 7.2.2 Version: 7.2.3 Version: 7.2.4 Version: 7.2.4.1 Version: 7.2.5 Version: 7.2.5.1 Version: 7.2.6 Version: 7.2.7 Version: 7.2.5.2 Version: 7.2.8 Version: 7.2.8.1 Version: 7.3.0 Version: 7.3.1 Version: 7.3.1.1 Version: 7.3.1.2 Version: 7.4.0 Version: 7.4.1 Version: 7.4.1.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "6.2.3.18",
                "status": "affected",
                "version": "6.2.3",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "6.4.0.18",
                "status": "affected",
                "version": "6.4.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "6.6.7.2",
                "status": "affected",
                "version": "6.6.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "6.7.0.3",
                "status": "affected",
                "version": "6.7.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.0.6.2",
                "status": "affected",
                "version": "7.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.1.0.3",
                "status": "affected",
                "version": "7.1.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.2.8.1",
                "status": "affected",
                "version": "7.2.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.3.1.2",
                "status": "affected",
                "version": "7.3.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.4.1.1",
                "status": "affected",
                "version": "7.4.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20407",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-23T18:45:15.554948Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-24T16:09:41.083Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "6.6.7.2"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.4.0.17"
            },
            {
              "status": "affected",
              "version": "6.4.0.18"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.0.6"
            },
            {
              "status": "affected",
              "version": "7.0.6.1"
            },
            {
              "status": "affected",
              "version": "7.0.6.2"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.2.4.1"
            },
            {
              "status": "affected",
              "version": "7.2.5"
            },
            {
              "status": "affected",
              "version": "7.2.5.1"
            },
            {
              "status": "affected",
              "version": "7.2.6"
            },
            {
              "status": "affected",
              "version": "7.2.7"
            },
            {
              "status": "affected",
              "version": "7.2.5.2"
            },
            {
              "status": "affected",
              "version": "7.2.8"
            },
            {
              "status": "affected",
              "version": "7.2.8.1"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.2"
            },
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            },
            {
              "status": "affected",
              "version": "7.4.1.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies on an affected system. Devices that are configured with Snort 2 are not affected by this vulnerability. \r\n\r This vulnerability is due to a logic error when handling embryonic (half-open) TCP connections. An attacker could exploit this vulnerability by sending a crafted traffic pattern through an affected device. A successful exploit could allow unintended traffic to enter the network protected by the affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "Resource Management Errors",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-23T17:36:40.728Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-snort-bypass-PTry37fX",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-bypass-PTry37fX"
        }
      ],
      "source": {
        "advisory": "cisco-sa-snort-bypass-PTry37fX",
        "defects": [
          "CSCwi42291"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20407",
    "datePublished": "2024-10-23T17:36:40.728Z",
    "dateReserved": "2023-11-08T15:08:07.661Z",
    "dateUpdated": "2024-10-24T16:09:41.083Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-12678 (GCVE-0-2019-12678)

Vulnerability from cvelistv5

Published

2019-10-02 19:06

Modified

2024-11-19 18:54

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-191

Summary

A vulnerability in the Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper parsing of SIP messages. An attacker could exploit this vulnerability by sending a malicious SIP packet through an affected device. A successful exploit could allow the attacker to trigger an integer underflow, causing the software to try to read unmapped memory and resulting in a crash.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-sip-dos	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: unspecified < n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:24:39.128Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Inspection Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-sip-dos"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-12678",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:22:47.740939Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T18:54:30.563Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-10-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper parsing of SIP messages. An attacker could exploit this vulnerability by sending a malicious SIP packet through an affected device. A successful exploit could allow the attacker to trigger an integer underflow, causing the software to try to read unmapped memory and resulting in a crash."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-191",
              "description": "CWE-191",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-02T19:06:39",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Inspection Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-sip-dos"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20191002-asa-ftd-sip-dos",
        "defect": [
          [
            "CSCvp45882"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Inspection Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-10-02T16:00:00-0700",
          "ID": "CVE-2019-12678",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Inspection Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper parsing of SIP messages. An attacker could exploit this vulnerability by sending a malicious SIP packet through an affected device. A successful exploit could allow the attacker to trigger an integer underflow, causing the software to try to read unmapped memory and resulting in a crash."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-191"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Inspection Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-sip-dos"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20191002-asa-ftd-sip-dos",
          "defect": [
            [
              "CSCvp45882"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-12678",
    "datePublished": "2019-10-02T19:06:40.050263Z",
    "dateReserved": "2019-06-04T00:00:00",
    "dateUpdated": "2024-11-19T18:54:30.563Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20297 (GCVE-0-2024-20297)

Vulnerability from cvelistv5

Published

2024-10-23 17:07

Modified

2024-10-24 17:14

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-290 - Authentication Bypass by Spoofing

Summary

A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due to a logic error in populating group ACLs when an AnyConnect client establishes a new session toward an affected device. An attacker could exploit this vulnerability by establishing an AnyConnect connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-acl-bypass-VvnLNKqf
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO
	https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.12.3
Version: 9.8.3
Version: 9.12.1
Version: 9.8.1
Version: 9.12.2
Version: 9.8.2.45
Version: 9.8.2
Version: 9.8.4
Version: 9.14.1
Version: 9.12.4
Version: 9.8.2.26
Version: 9.8.2.24
Version: 9.8.2.15
Version: 9.8.2.14
Version: 9.8.2.35
Version: 9.8.2.20
Version: 9.8.2.8
Version: 9.8.2.17
Version: 9.8.2.28
Version: 9.8.2.33
Version: 9.8.2.38
Version: 9.8.4.25
Version: 9.12.3.2
Version: 9.12.3.7
Version: 9.8.3.18
Version: 9.8.3.14
Version: 9.8.4.15
Version: 9.8.4.8
Version: 9.8.1.7
Version: 9.8.3.29
Version: 9.14.1.10
Version: 9.12.2.5
Version: 9.8.4.22
Version: 9.12.3.12
Version: 9.8.4.7
Version: 9.8.4.17
Version: 9.8.3.16
Version: 9.8.4.20
Version: 9.8.3.11
Version: 9.12.1.3
Version: 9.8.4.3
Version: 9.12.2.4
Version: 9.8.4.12
Version: 9.12.1.2
Version: 9.8.3.26
Version: 9.8.1.5
Version: 9.12.2.9
Version: 9.12.3.9
Version: 9.8.3.21
Version: 9.8.4.10
Version: 9.12.2.1
Version: 9.12.4.2
Version: 9.14.1.6
Version: 9.8.3.8
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.8.4.26
Version: 9.12.4.4
Version: 9.14.1.30
Version: 9.8.4.29
Version: 9.12.4.7
Version: 9.15.1
Version: 9.14.2
Version: 9.12.4.8
Version: 9.8.4.32
Version: 9.12.4.10
Version: 9.14.2.4
Version: 9.15.1.7
Version: 9.14.2.8
Version: 9.12.4.13
Version: 9.8.4.33
Version: 9.15.1.10
Version: 9.14.2.13
Version: 9.8.4.34
Version: 9.12.4.18
Version: 9.15.1.15
Version: 9.8.4.35
Version: 9.14.2.15
Version: 9.12.4.24
Version: 9.16.1
Version: 9.15.1.16
Version: 9.8.4.39
Version: 9.14.3
Version: 9.12.4.26
Version: 9.16.1.28
Version: 9.14.3.1
Version: 9.12.4.29
Version: 9.14.3.9
Version: 9.16.2
Version: 9.12.4.30
Version: 9.16.2.3
Version: 9.8.4.40
Version: 9.14.3.11
Version: 9.15.1.17
Version: 9.12.4.35
Version: 9.8.4.41
Version: 9.15.1.1
Version: 9.14.3.13
Version: 9.16.2.7
Version: 9.12.4.37
Version: 9.14.3.15
Version: 9.17.1
Version: 9.16.2.11
Version: 9.14.3.18
Version: 9.16.2.13
Version: 9.12.4.39
Version: 9.12.4.38
Version: 9.8.4.43
Version: 9.14.4
Version: 9.16.2.14
Version: 9.17.1.7
Version: 9.12.4.40
Version: 9.15.1.21
Version: 9.16.3.3
Version: 9.14.4.6
Version: 9.16.3
Version: 9.16.3.14
Version: 9.17.1.9
Version: 9.14.4.7
Version: 9.12.4.41
Version: 9.17.1.10
Version: 9.8.4.44
Version: 9.18.1
Version: 9.12.4.47
Version: 9.14.4.12
Version: 9.16.3.15
Version: 9.18.1.3
Version: 9.17.1.11
Version: 9.12.4.48
Version: 9.14.4.13
Version: 9.18.2
Version: 9.16.3.19
Version: 9.17.1.13
Version: 9.12.4.50
Version: 9.14.4.14
Version: 9.17.1.15
Version: 9.8.4.45
Version: 9.12.4.52
Version: 9.14.4.15
Version: 9.16.3.23
Version: 9.18.2.5
Version: 9.16.4
Version: 9.12.4.54
Version: 9.14.4.17
Version: 9.8.4.46
Version: 9.17.1.20
Version: 9.18.2.7
Version: 9.19.1
Version: 9.16.4.9
Version: 9.12.4.55
Version: 9.18.2.8
Version: 9.14.4.22
Version: 9.16.4.14
Version: 9.8.4.48
Version: 9.18.3
Version: 9.19.1.5
Version: 9.14.4.23
Version: 9.12.4.56
Version: 9.16.4.18
Version: 9.17.1.30
Version: 9.19.1.9
Version: 9.18.3.39
Version: 9.16.4.19
Version: 9.12.4.58
Version: 9.19.1.12
Version: 9.18.3.46
Version: 9.16.4.27
Version: 9.18.3.53
Version: 9.16.4.38
Version: 9.17.1.33
Version: 9.12.4.62
Version: 9.16.4.39
Version: 9.16.4.42
Version: 9.16.4.48
Version: 9.12.4.65
Version: 9.16.4.55
Version: 9.17.1.39
Version: 9.12.4.67
Version: 9.14.4.24

Cisco

Cisco Firepower Threat Defense Software

Version: 6.2.3.14
Version: 6.4.0.1
Version: 6.2.3.7
Version: 6.2.3
Version: 6.4.0.2
Version: 6.2.3.9
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.4.0.5
Version: 6.2.3.10
Version: 6.4.0
Version: 6.4.0.3
Version: 6.2.3.6
Version: 6.4.0.4
Version: 6.2.3.15
Version: 6.2.3.5
Version: 6.2.3.4
Version: 6.2.3.3
Version: 6.2.3.8
Version: 6.4.0.6
Version: 6.2.3.11
Version: 6.2.3.12
Version: 6.2.3.13
Version: 6.4.0.7
Version: 6.4.0.8
Version: 6.6.0
Version: 6.4.0.9
Version: 6.2.3.16
Version: 6.6.0.1
Version: 6.6.1
Version: 6.4.0.10
Version: 6.7.0
Version: 6.4.0.11
Version: 6.6.3
Version: 6.7.0.1
Version: 6.6.4
Version: 6.4.0.12
Version: 6.7.0.2
Version: 7.0.0
Version: 6.2.3.17
Version: 7.0.0.1
Version: 6.6.5
Version: 7.0.1
Version: 7.1.0
Version: 6.4.0.13
Version: 6.6.5.1
Version: 6.2.3.18
Version: 7.0.1.1
Version: 6.7.0.3
Version: 6.4.0.14
Version: 7.1.0.1
Version: 6.6.5.2
Version: 7.0.2
Version: 6.4.0.15
Version: 7.2.0
Version: 7.0.2.1
Version: 7.0.3
Version: 6.6.7
Version: 7.1.0.2
Version: 7.2.0.1
Version: 7.0.4
Version: 7.2.1
Version: 7.0.5
Version: 6.4.0.16
Version: 7.3.0
Version: 7.2.2
Version: 7.2.3
Version: 6.6.7.1
Version: 7.3.1
Version: 7.1.0.3
Version: 7.2.4
Version: 7.0.6
Version: 7.2.5
Version: 7.2.4.1
Version: 7.3.1.1
Version: 6.4.0.17
Version: 7.0.6.1
Version: 6.6.7.2
Version: 6.4.0.18
Version: 7.3.1.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "adaptive_security_appliance_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "9.8.4.48",
                "status": "affected",
                "version": "9.8.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.19.1.12",
                "status": "affected",
                "version": "9.19.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.18.3.53",
                "status": "affected",
                "version": "9.18.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.17.1.39",
                "status": "affected",
                "version": "9.17.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.16.4.55",
                "status": "affected",
                "version": "9.16.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.15.1.21",
                "status": "affected",
                "version": "9.15.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.14.4.24",
                "status": "affected",
                "version": "9.14.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.12.4.67",
                "status": "affected",
                "version": "9.12.1",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "6.2.3.18",
                "status": "affected",
                "version": "6.2.3",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "6.4.0.18",
                "status": "affected",
                "version": "6.4.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "6.6.7.2",
                "status": "affected",
                "version": "6.6.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "6.7.0.3",
                "status": "affected",
                "version": "6.7.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.0.6.1",
                "status": "affected",
                "version": "7.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.1.0.3",
                "status": "affected",
                "version": "7.1.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.2.5",
                "status": "affected",
                "version": "7.2.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.3.1.2",
                "status": "affected",
                "version": "7.3.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20297",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-23T18:42:50.764224Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-24T17:14:45.950Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.12.3"
            },
            {
              "status": "affected",
              "version": "9.8.3"
            },
            {
              "status": "affected",
              "version": "9.12.1"
            },
            {
              "status": "affected",
              "version": "9.8.1"
            },
            {
              "status": "affected",
              "version": "9.12.2"
            },
            {
              "status": "affected",
              "version": "9.8.2.45"
            },
            {
              "status": "affected",
              "version": "9.8.2"
            },
            {
              "status": "affected",
              "version": "9.8.4"
            },
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.12.4"
            },
            {
              "status": "affected",
              "version": "9.8.2.26"
            },
            {
              "status": "affected",
              "version": "9.8.2.24"
            },
            {
              "status": "affected",
              "version": "9.8.2.15"
            },
            {
              "status": "affected",
              "version": "9.8.2.14"
            },
            {
              "status": "affected",
              "version": "9.8.2.35"
            },
            {
              "status": "affected",
              "version": "9.8.2.20"
            },
            {
              "status": "affected",
              "version": "9.8.2.8"
            },
            {
              "status": "affected",
              "version": "9.8.2.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.28"
            },
            {
              "status": "affected",
              "version": "9.8.2.33"
            },
            {
              "status": "affected",
              "version": "9.8.2.38"
            },
            {
              "status": "affected",
              "version": "9.8.4.25"
            },
            {
              "status": "affected",
              "version": "9.12.3.2"
            },
            {
              "status": "affected",
              "version": "9.12.3.7"
            },
            {
              "status": "affected",
              "version": "9.8.3.18"
            },
            {
              "status": "affected",
              "version": "9.8.3.14"
            },
            {
              "status": "affected",
              "version": "9.8.4.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.8"
            },
            {
              "status": "affected",
              "version": "9.8.1.7"
            },
            {
              "status": "affected",
              "version": "9.8.3.29"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.12.2.5"
            },
            {
              "status": "affected",
              "version": "9.8.4.22"
            },
            {
              "status": "affected",
              "version": "9.12.3.12"
            },
            {
              "status": "affected",
              "version": "9.8.4.7"
            },
            {
              "status": "affected",
              "version": "9.8.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.3.16"
            },
            {
              "status": "affected",
              "version": "9.8.4.20"
            },
            {
              "status": "affected",
              "version": "9.8.3.11"
            },
            {
              "status": "affected",
              "version": "9.12.1.3"
            },
            {
              "status": "affected",
              "version": "9.8.4.3"
            },
            {
              "status": "affected",
              "version": "9.12.2.4"
            },
            {
              "status": "affected",
              "version": "9.8.4.12"
            },
            {
              "status": "affected",
              "version": "9.12.1.2"
            },
            {
              "status": "affected",
              "version": "9.8.3.26"
            },
            {
              "status": "affected",
              "version": "9.8.1.5"
            },
            {
              "status": "affected",
              "version": "9.12.2.9"
            },
            {
              "status": "affected",
              "version": "9.12.3.9"
            },
            {
              "status": "affected",
              "version": "9.8.3.21"
            },
            {
              "status": "affected",
              "version": "9.8.4.10"
            },
            {
              "status": "affected",
              "version": "9.12.2.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.2"
            },
            {
              "status": "affected",
              "version": "9.14.1.6"
            },
            {
              "status": "affected",
              "version": "9.8.3.8"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.8.4.26"
            },
            {
              "status": "affected",
              "version": "9.12.4.4"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.8.4.29"
            },
            {
              "status": "affected",
              "version": "9.12.4.7"
            },
            {
              "status": "affected",
              "version": "9.15.1"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.8"
            },
            {
              "status": "affected",
              "version": "9.8.4.32"
            },
            {
              "status": "affected",
              "version": "9.12.4.10"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.15.1.7"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.12.4.13"
            },
            {
              "status": "affected",
              "version": "9.8.4.33"
            },
            {
              "status": "affected",
              "version": "9.15.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.8.4.34"
            },
            {
              "status": "affected",
              "version": "9.12.4.18"
            },
            {
              "status": "affected",
              "version": "9.15.1.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.35"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.12.4.24"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.16"
            },
            {
              "status": "affected",
              "version": "9.8.4.39"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.12.4.26"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.29"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.30"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.8.4.40"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.15.1.17"
            },
            {
              "status": "affected",
              "version": "9.12.4.35"
            },
            {
              "status": "affected",
              "version": "9.8.4.41"
            },
            {
              "status": "affected",
              "version": "9.15.1.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.37"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.39"
            },
            {
              "status": "affected",
              "version": "9.12.4.38"
            },
            {
              "status": "affected",
              "version": "9.8.4.43"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.40"
            },
            {
              "status": "affected",
              "version": "9.15.1.21"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.14.4.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.41"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.8.4.44"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.47"
            },
            {
              "status": "affected",
              "version": "9.14.4.12"
            },
            {
              "status": "affected",
              "version": "9.16.3.15"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.12.4.48"
            },
            {
              "status": "affected",
              "version": "9.14.4.13"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.16.3.19"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.50"
            },
            {
              "status": "affected",
              "version": "9.14.4.14"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.45"
            },
            {
              "status": "affected",
              "version": "9.12.4.52"
            },
            {
              "status": "affected",
              "version": "9.14.4.15"
            },
            {
              "status": "affected",
              "version": "9.16.3.23"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            },
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.12.4.54"
            },
            {
              "status": "affected",
              "version": "9.14.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.4.46"
            },
            {
              "status": "affected",
              "version": "9.17.1.20"
            },
            {
              "status": "affected",
              "version": "9.18.2.7"
            },
            {
              "status": "affected",
              "version": "9.19.1"
            },
            {
              "status": "affected",
              "version": "9.16.4.9"
            },
            {
              "status": "affected",
              "version": "9.12.4.55"
            },
            {
              "status": "affected",
              "version": "9.18.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.4.22"
            },
            {
              "status": "affected",
              "version": "9.16.4.14"
            },
            {
              "status": "affected",
              "version": "9.8.4.48"
            },
            {
              "status": "affected",
              "version": "9.18.3"
            },
            {
              "status": "affected",
              "version": "9.19.1.5"
            },
            {
              "status": "affected",
              "version": "9.14.4.23"
            },
            {
              "status": "affected",
              "version": "9.12.4.56"
            },
            {
              "status": "affected",
              "version": "9.16.4.18"
            },
            {
              "status": "affected",
              "version": "9.17.1.30"
            },
            {
              "status": "affected",
              "version": "9.19.1.9"
            },
            {
              "status": "affected",
              "version": "9.18.3.39"
            },
            {
              "status": "affected",
              "version": "9.16.4.19"
            },
            {
              "status": "affected",
              "version": "9.12.4.58"
            },
            {
              "status": "affected",
              "version": "9.19.1.12"
            },
            {
              "status": "affected",
              "version": "9.18.3.46"
            },
            {
              "status": "affected",
              "version": "9.16.4.27"
            },
            {
              "status": "affected",
              "version": "9.18.3.53"
            },
            {
              "status": "affected",
              "version": "9.16.4.38"
            },
            {
              "status": "affected",
              "version": "9.17.1.33"
            },
            {
              "status": "affected",
              "version": "9.12.4.62"
            },
            {
              "status": "affected",
              "version": "9.16.4.39"
            },
            {
              "status": "affected",
              "version": "9.16.4.42"
            },
            {
              "status": "affected",
              "version": "9.16.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.4.65"
            },
            {
              "status": "affected",
              "version": "9.16.4.55"
            },
            {
              "status": "affected",
              "version": "9.17.1.39"
            },
            {
              "status": "affected",
              "version": "9.12.4.67"
            },
            {
              "status": "affected",
              "version": "9.14.4.24"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.0.6"
            },
            {
              "status": "affected",
              "version": "7.2.5"
            },
            {
              "status": "affected",
              "version": "7.2.4.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.17"
            },
            {
              "status": "affected",
              "version": "7.0.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.7.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.18"
            },
            {
              "status": "affected",
              "version": "7.3.1.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due to a logic error in populating group ACLs when an AnyConnect client establishes a new session toward an affected device. An attacker could exploit this vulnerability by establishing an AnyConnect connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-290",
              "description": "Authentication Bypass by Spoofing",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-23T17:07:52.657Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asaftd-acl-bypass-VvnLNKqf",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-acl-bypass-VvnLNKqf"
        },
        {
          "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO"
        },
        {
          "name": "Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication",
          "url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-acl-bypass-VvnLNKqf",
        "defects": [
          "CSCwf23262"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance and Firepower Threat Defense AnyConnect  Access Control List Bypass Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20297",
    "datePublished": "2024-10-23T17:07:52.657Z",
    "dateReserved": "2023-11-08T15:08:07.629Z",
    "dateUpdated": "2024-10-24T17:14:45.950Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-20042 (GCVE-0-2023-20042)

Vulnerability from cvelistv5

Published

2023-11-01 17:11

Modified

2024-08-02 08:57

Severity ?

6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-404 - Improper Resource Shutdown or Release

Summary

A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an implementation error within the SSL/TLS session handling process that can prevent the release of a session handler under specific conditions. An attacker could exploit this vulnerability by sending crafted SSL/TLS traffic to an affected device, increasing the probability of session handler leaks. A successful exploit could allow the attacker to eventually deplete the available session handler pool, preventing new sessions from being established and causing a DoS condition.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-kxG8mpUA

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.16.1
Version: 9.16.1.28
Version: 9.16.2
Version: 9.16.2.3
Version: 9.16.2.7
Version: 9.16.2.11
Version: 9.16.2.13
Version: 9.16.2.14
Version: 9.16.3
Version: 9.16.3.3
Version: 9.16.3.14
Version: 9.16.3.15
Version: 9.16.3.19
Version: 9.16.3.23
Version: 9.16.4
Version: 9.16.4.9
Version: 9.17.1
Version: 9.17.1.7
Version: 9.17.1.9
Version: 9.17.1.10
Version: 9.17.1.11
Version: 9.17.1.13
Version: 9.17.1.15
Version: 9.17.1.20
Version: 9.18.1
Version: 9.18.1.3
Version: 9.18.2
Version: 9.18.2.5
Version: 9.18.2.7
Version: 9.19.1

Cisco

Cisco Firepower Threat Defense Software

Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.0.2
Version: 7.0.2.1
Version: 7.0.3
Version: 7.0.4
Version: 7.0.5
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.1.0.3
Version: 7.2.0
Version: 7.2.0.1
Version: 7.2.1
Version: 7.2.2
Version: 7.2.3
Version: 7.3.0
Version: 7.3.1
Version: 7.3.1.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:57:35.839Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-asaftd-ssl-dos-kxG8mpUA",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-kxG8mpUA"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.16.3.15"
            },
            {
              "status": "affected",
              "version": "9.16.3.19"
            },
            {
              "status": "affected",
              "version": "9.16.3.23"
            },
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.16.4.9"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.17.1.20"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            },
            {
              "status": "affected",
              "version": "9.18.2.7"
            },
            {
              "status": "affected",
              "version": "9.19.1"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an implementation error within the SSL/TLS session handling process that can prevent the release of a session handler under specific conditions. An attacker could exploit this vulnerability by sending crafted SSL/TLS traffic to an affected device, increasing the probability of session handler leaks. A successful exploit could allow the attacker to eventually deplete the available session handler pool, preventing new sessions from being established and causing a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-404",
              "description": "Improper Resource Shutdown or Release",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:36.733Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asaftd-ssl-dos-kxG8mpUA",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-kxG8mpUA"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-ssl-dos-kxG8mpUA",
        "defects": [
          "CSCwd62859"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20042",
    "datePublished": "2023-11-01T17:11:08.109Z",
    "dateReserved": "2022-10-27T18:47:50.316Z",
    "dateUpdated": "2024-08-02T08:57:35.839Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-40125 (GCVE-0-2021-40125)

Vulnerability from cvelistv5

Published

2021-10-27 18:50

Modified

2024-11-07 21:46

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-416

Summary

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. This vulnerability is due to improper control of a resource. An attacker with the ability to spoof a trusted IKEv2 site-to-site VPN peer and in possession of valid IKEv2 credentials for that peer could exploit this vulnerability by sending malformed, authenticated IKEv2 messages to an affected device. A successful exploit could allow the attacker to trigger a reload of the device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ikev2-dos-g4cmrr7C	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:27:31.867Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv2 Site-to-Site VPN Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ikev2-dos-g4cmrr7C"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-40125",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:39:51.828851Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T21:46:26.254Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. This vulnerability is due to improper control of a resource. An attacker with the ability to spoof a trusted IKEv2 site-to-site VPN peer and in possession of valid IKEv2 credentials for that peer could exploit this vulnerability by sending malformed, authenticated IKEv2 messages to an affected device. A successful exploit could allow the attacker to trigger a reload of the device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-27T18:50:09",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv2 Site-to-Site VPN Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ikev2-dos-g4cmrr7C"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-ikev2-dos-g4cmrr7C",
        "defect": [
          [
            "CSCvy93480"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv2 Site-to-Site VPN Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-10-27T16:00:00",
          "ID": "CVE-2021-40125",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv2 Site-to-Site VPN Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. This vulnerability is due to improper control of a resource. An attacker with the ability to spoof a trusted IKEv2 site-to-site VPN peer and in possession of valid IKEv2 credentials for that peer could exploit this vulnerability by sending malformed, authenticated IKEv2 messages to an affected device. A successful exploit could allow the attacker to trigger a reload of the device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.3",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-416"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv2 Site-to-Site VPN Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ikev2-dos-g4cmrr7C"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-ikev2-dos-g4cmrr7C",
          "defect": [
            [
              "CSCvy93480"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-40125",
    "datePublished": "2021-10-27T18:50:09.794256Z",
    "dateReserved": "2021-08-25T00:00:00",
    "dateUpdated": "2024-11-07T21:46:26.254Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-20363 (GCVE-0-2025-20363)

Vulnerability from cvelistv5

Published

2025-09-25 16:12

Modified

2025-09-26 03:55

Severity ?

9.0 (Critical) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-122 - Heap-based Buffer Overflow

Summary

A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, remote attacker (Cisco ASA and FTD Software) or authenticated, remote attacker (Cisco IOS, IOS XE, and IOS XR Software) with low user privileges to execute arbitrary code on an affected device. This vulnerability is due to improper validation of user-supplied input in HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web service on an affected device after obtaining additional information about the system, overcoming exploit mitigations, or both. A successful exploit could allow the attacker to execute arbitrary code as root, which may lead to the complete compromise of the affected device. For more information about this vulnerability, see the Details ["#details"] section of this advisory.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-code-exec-WmfP3h3O

Impacted products

Vendor

Product

Version

▼

Cisco

IOS

Version: 12.2(15)B
Version: 12.2(16)B1
Version: 12.2(16)B2
Version: 12.2(16)B
Version: 12.2(15)BC2a
Version: 12.2(15)BC1a
Version: 12.2(15)BC1b
Version: 12.2(15)BC2d
Version: 12.2(15)BC2g
Version: 12.2(15)BC1g
Version: 12.2(15)BC2i
Version: 12.2(15)BC1c
Version: 12.2(15)BC2c
Version: 12.2(15)BC2f
Version: 12.2(15)BC1d
Version: 12.2(15)BC1
Version: 12.2(15)BC2
Version: 12.2(15)BC2e
Version: 12.2(15)BC1e
Version: 12.2(15)BC2h
Version: 12.2(15)BC1f
Version: 12.2(15)BC2b
Version: 12.2(15)BX
Version: 12.2(16)BX
Version: 12.2(16)BX2
Version: 12.2(16)BX3
Version: 12.2(16)BX1
Version: 12.2(15)BZ2
Version: 12.2(15)CX
Version: 12.2(15)CX1
Version: 12.2(33)CX
Version: 12.2(33)CY
Version: 12.2(33)CY1
Version: 12.2(33)CY2
Version: 12.2(15)MC1c
Version: 12.2(15)MC2g
Version: 12.2(15)MC2k
Version: 12.2(15)MC1b
Version: 12.2(15)MC2b
Version: 12.2(15)MC2a
Version: 12.2(15)MC2m
Version: 12.2(15)MC1
Version: 12.2(15)MC2
Version: 12.2(15)MC2f
Version: 12.2(15)MC2j
Version: 12.2(15)MC2e
Version: 12.2(15)MC1a
Version: 12.2(15)MC2c
Version: 12.2(15)MC2i
Version: 12.2(15)MC2h
Version: 12.2(15)MC2l
Version: 12.2(11)YU
Version: 12.2(11)YV
Version: 12.2(11)YV1
Version: 12.2(13)ZD
Version: 12.2(13)ZD3
Version: 12.2(13)ZD2
Version: 12.2(13)ZD1
Version: 12.2(13)ZD4
Version: 12.2(13)ZE
Version: 12.2(13)ZF
Version: 12.2(13)ZF2
Version: 12.2(13)ZF1
Version: 12.2(13)ZG
Version: 12.2(13)ZH
Version: 12.2(13)ZH5
Version: 12.2(13)ZH9
Version: 12.2(13)ZH2
Version: 12.2(13)ZH8
Version: 12.2(13)ZH10
Version: 12.2(13)ZH4
Version: 12.2(13)ZH3
Version: 12.2(13)ZH7
Version: 12.2(13)ZH6
Version: 12.2(13)ZH1
Version: 12.2(15)ZJ
Version: 12.2(15)ZJ2
Version: 12.2(15)ZJ1
Version: 12.2(15)ZJ3
Version: 12.2(15)ZJ5
Version: 12.2(15)ZL
Version: 12.2(15)ZL1
Version: 12.3(9a)
Version: 12.3(15)
Version: 12.3(19)
Version: 12.3(10f)
Version: 12.3(10a)
Version: 12.3(1)
Version: 12.3(1a)
Version: 12.3(10)
Version: 12.3(10b)
Version: 12.3(10c)
Version: 12.3(10d)
Version: 12.3(10e)
Version: 12.3(12b)
Version: 12.3(12a)
Version: 12.3(12c)
Version: 12.3(12d)
Version: 12.3(12e)
Version: 12.3(12)
Version: 12.3(13)
Version: 12.3(13a)
Version: 12.3(13b)
Version: 12.3(15a)
Version: 12.3(16)
Version: 12.3(17)
Version: 12.3(17a)
Version: 12.3(17b)
Version: 12.3(18)
Version: 12.3(20)
Version: 12.3(3f)
Version: 12.3(3e)
Version: 12.3(3g)
Version: 12.3(3c)
Version: 12.3(3b)
Version: 12.3(3a)
Version: 12.3(3)
Version: 12.3(3i)
Version: 12.3(3h)
Version: 12.3(5c)
Version: 12.3(5b)
Version: 12.3(5a)
Version: 12.3(5)
Version: 12.3(5f)
Version: 12.3(5e)
Version: 12.3(5d)
Version: 12.3(6f)
Version: 12.3(6e)
Version: 12.3(6c)
Version: 12.3(6b)
Version: 12.3(6a)
Version: 12.3(6)
Version: 12.3(9d)
Version: 12.3(9e)
Version: 12.3(9)
Version: 12.3(9b)
Version: 12.3(9c)
Version: 12.3(16a)
Version: 12.3(15b)
Version: 12.3(21)
Version: 12.3(22)
Version: 12.3(21b)
Version: 12.3(23)
Version: 12.3(26)
Version: 12.3(20a)
Version: 12.3(22a)
Version: 12.3(25)
Version: 12.3(17c)
Version: 12.3(24)
Version: 12.3(19a)
Version: 12.3(24a)
Version: 12.3(18a)
Version: 12.3(1a)B
Version: 12.3(3)B
Version: 12.3(5a)B
Version: 12.3(3)B1
Version: 12.3(5a)B3
Version: 12.3(5a)B2
Version: 12.3(5a)B5
Version: 12.3(5a)B4
Version: 12.3(5a)B1
Version: 12.3(11)T
Version: 12.3(7)T12
Version: 12.3(11)T11
Version: 12.3(11)T10
Version: 12.3(14)T7
Version: 12.3(14)T
Version: 12.3(8)T
Version: 12.3(2)T
Version: 12.3(4)T
Version: 12.3(7)T
Version: 12.3(8)T9
Version: 12.3(2)T9
Version: 12.3(8)T6
Version: 12.3(4)T2a
Version: 12.3(4)T9
Version: 12.3(4)T4
Version: 12.3(2)T1
Version: 12.3(11)T5
Version: 12.3(7)T3
Version: 12.3(2)T2
Version: 12.3(8)T3
Version: 12.3(4)T7
Version: 12.3(8)T7
Version: 12.3(11)T8
Version: 12.3(7)T2
Version: 12.3(8)T4
Version: 12.3(8)T8
Version: 12.3(14)T5
Version: 12.3(11)T3
Version: 12.3(4)T10
Version: 12.3(2)T4
Version: 12.3(8)T10
Version: 12.3(14)T2
Version: 12.3(4)T2
Version: 12.3(7)T7
Version: 12.3(7)T10
Version: 12.3(7)T4
Version: 12.3(11)T6
Version: 12.3(7)T11
Version: 12.3(4)T6
Version: 12.3(2)T3
Version: 12.3(2)T5
Version: 12.3(2)T6
Version: 12.3(4)T3
Version: 12.3(14)T3
Version: 12.3(2)T8
Version: 12.3(11)T4
Version: 12.3(7)T9
Version: 12.3(8)T11
Version: 12.3(11)T9
Version: 12.3(7)T8
Version: 12.3(4)T1
Version: 12.3(8)T5
Version: 12.3(4)T11
Version: 12.3(4)T8
Version: 12.3(14)T1
Version: 12.3(11)T2
Version: 12.3(7)T6
Version: 12.3(2)T7
Version: 12.3(11)T7
Version: 12.3(7)T1
Version: 12.3(14)T6
Version: 12.3(8)T1
Version: 12.2(15)CZ
Version: 12.2(15)CZ1
Version: 12.2(15)CZ3
Version: 12.2(15)CZ2
Version: 12.3(2)XA
Version: 12.3(2)XA4
Version: 12.3(2)XA7
Version: 12.3(2)XA1
Version: 12.3(2)XA3
Version: 12.3(2)XA6
Version: 12.3(2)XA2
Version: 12.3(2)XA5
Version: 12.3(4)XQ
Version: 12.3(4)XQ1
Version: 12.3(11)XL
Version: 12.3(11)XL1
Version: 12.3(4)XK3
Version: 12.3(4)XK1
Version: 12.3(4)XK4
Version: 12.3(4)XK
Version: 12.3(4)XK2
Version: 12.3(7)XJ
Version: 12.3(7)XJ1
Version: 12.3(7)XJ2
Version: 12.3(7)XI8
Version: 12.3(7)XI7
Version: 12.3(7)XI8d
Version: 12.3(7)XI10a
Version: 12.3(7)XI8a
Version: 12.3(7)XI4
Version: 12.3(7)XI1b
Version: 12.3(7)XI7a
Version: 12.3(7)XI2a
Version: 12.3(7)XI10
Version: 12.3(7)XI7b
Version: 12.3(7)XI1c
Version: 12.3(7)XI9
Version: 12.3(7)XI3
Version: 12.3(7)XI6
Version: 12.3(7)XI8c
Version: 12.3(7)XI2
Version: 12.3(7)XI5
Version: 12.3(4)XG
Version: 12.3(4)XG3
Version: 12.3(4)XG1
Version: 12.3(4)XG4
Version: 12.3(4)XG2
Version: 12.3(4)XG5
Version: 12.3(2)XF
Version: 12.3(2)XE
Version: 12.3(2)XE5
Version: 12.3(2)XE2
Version: 12.3(2)XE1
Version: 12.3(2)XE4
Version: 12.3(2)XE3
Version: 12.3(4)XD
Version: 12.3(4)XD4
Version: 12.3(4)XD1
Version: 12.3(4)XD3
Version: 12.3(4)XD2
Version: 12.3(2)XC
Version: 12.3(2)XC4
Version: 12.3(2)XC3
Version: 12.3(2)XC2
Version: 12.3(2)XC1
Version: 12.3(2)XC5
Version: 12.3(2)XB2
Version: 12.3(2)XB
Version: 12.3(2)XB3
Version: 12.3(2)XB1
Version: 12.2(25)EW
Version: 12.2(25)EWA
Version: 12.2(25)EWA6
Version: 12.2(25)EWA5
Version: 12.2(25)EWA1
Version: 12.2(25)EWA10
Version: 12.2(25)EWA8
Version: 12.2(25)EWA11
Version: 12.2(25)EWA9
Version: 12.2(25)EWA2
Version: 12.2(25)EWA14
Version: 12.2(25)EWA4
Version: 12.2(25)EWA3
Version: 12.2(25)EWA7
Version: 12.2(25)EWA12
Version: 12.2(25)EWA13
Version: 12.2(35)SE
Version: 12.2(25)SE
Version: 12.2(37)SE
Version: 12.2(53)SE1
Version: 12.2(55)SE
Version: 12.2(25)SE2
Version: 12.2(40)SE2
Version: 12.2(46)SE
Version: 12.2(46)SE2
Version: 12.2(50)SE2
Version: 12.2(35)SE5
Version: 12.2(50)SE1
Version: 12.2(44)SE2
Version: 12.2(35)SE1
Version: 12.2(50)SE5
Version: 12.2(35)SE4
Version: 12.2(44)SE1
Version: 12.2(53)SE
Version: 12.2(37)SE1
Version: 12.2(25)SE3
Version: 12.2(35)SE3
Version: 12.2(44)SE4
Version: 12.2(55)SE3
Version: 12.2(55)SE2
Version: 12.2(40)SE
Version: 12.2(44)SE
Version: 12.2(52)SE
Version: 12.2(58)SE
Version: 12.2(50)SE3
Version: 12.2(55)SE1
Version: 12.2(35)SE2
Version: 12.2(40)SE1
Version: 12.2(44)SE6
Version: 12.2(44)SE3
Version: 12.2(53)SE2
Version: 12.2(52)SE1
Version: 12.2(46)SE1
Version: 12.2(54)SE
Version: 12.2(44)SE5
Version: 12.2(50)SE4
Version: 12.2(50)SE
Version: 12.2(58)SE1
Version: 12.2(55)SE4
Version: 12.2(58)SE2
Version: 12.2(55)SE5
Version: 12.2(55)SE6
Version: 12.2(55)SE7
Version: 12.2(55)SE8
Version: 12.2(55)SE9
Version: 12.2(55)SE10
Version: 12.2(55)SE11
Version: 12.2(55)SE12
Version: 12.2(55)SE13
Version: 12.3(7)XR
Version: 12.3(7)XR4
Version: 12.3(7)XR3
Version: 12.3(7)XR5
Version: 12.3(7)XR6
Version: 12.3(7)XR2
Version: 12.3(7)XR7
Version: 12.3(7)XS
Version: 12.3(7)XS2
Version: 12.3(7)XS1
Version: 12.3(8)XU
Version: 12.3(8)XU5
Version: 12.3(8)XU2
Version: 12.3(8)XU1
Version: 12.3(8)XU4
Version: 12.3(8)XU3
Version: 12.3(8)XX
Version: 12.3(8)XX1
Version: 12.3(8)XX2d
Version: 12.3(8)XW
Version: 12.3(8)XW2
Version: 12.3(8)XW3
Version: 12.3(8)XW1
Version: 12.3(8)XY
Version: 12.3(8)XY3
Version: 12.3(8)XY5
Version: 12.3(8)XY4
Version: 12.3(8)XY1
Version: 12.3(8)XY7
Version: 12.3(8)XY2
Version: 12.3(8)XY6
Version: 12.3(2)XZ1
Version: 12.3(2)XZ2
Version: 12.3(8)YA
Version: 12.3(8)YA1
Version: 12.3(8)YD
Version: 12.3(8)YD1
Version: 12.3(11)YF
Version: 12.3(11)YF2
Version: 12.3(11)YF3
Version: 12.3(11)YF4
Version: 12.3(11)YF1
Version: 12.3(8)YH
Version: 12.3(8)YG
Version: 12.3(8)YG5
Version: 12.3(8)YG3
Version: 12.3(8)YG6
Version: 12.3(8)YG2
Version: 12.3(8)YG1
Version: 12.3(8)YG4
Version: 12.3(13a)BC6
Version: 12.3(17a)BC2
Version: 12.3(17a)BC
Version: 12.3(13a)BC
Version: 12.3(21)BC
Version: 12.3(9a)BC
Version: 12.3(21a)BC9
Version: 12.3(21a)BC4
Version: 12.3(9a)BC9
Version: 12.3(17b)BC6
Version: 12.3(13a)BC2
Version: 12.3(23)BC
Version: 12.3(17b)BC3
Version: 12.3(9a)BC2
Version: 12.3(17b)BC9
Version: 12.3(23)BC8
Version: 12.3(23)BC10
Version: 12.3(23)BC1
Version: 12.3(9a)BC1
Version: 12.3(17b)BC8
Version: 12.3(9a)BC3
Version: 12.3(23)BC9
Version: 12.3(21a)BC6
Version: 12.3(9a)BC6
Version: 12.3(9a)BC5
Version: 12.3(23)BC7
Version: 12.3(13a)BC3
Version: 12.3(23)BC6
Version: 12.3(23)BC4
Version: 12.3(13a)BC1
Version: 12.3(17b)BC5
Version: 12.3(21a)BC8
Version: 12.3(9a)BC8
Version: 12.3(21a)BC3
Version: 12.3(21a)BC7
Version: 12.3(9a)BC7
Version: 12.3(23)BC5
Version: 12.3(13a)BC5
Version: 12.3(9a)BC4
Version: 12.3(21a)BC2
Version: 12.3(13a)BC4
Version: 12.3(17b)BC7
Version: 12.3(23)BC3
Version: 12.3(21a)BC1
Version: 12.3(17a)BC1
Version: 12.3(17b)BC4
Version: 12.3(23)BC2
Version: 12.3(21a)BC5
Version: 12.3(1a)BW
Version: 12.3(11)YJ
Version: 12.3(8)YI2
Version: 12.3(8)YI3
Version: 12.3(8)YI1
Version: 12.3(11)YK
Version: 12.3(11)YK1
Version: 12.3(11)YK2
Version: 12.3(11)YK3
Version: 12.2(25)EX
Version: 12.2(35)EX
Version: 12.2(44)EX
Version: 12.2(35)EX2
Version: 12.2(40)EX3
Version: 12.2(40)EX
Version: 12.2(53)EX
Version: 12.2(37)EX
Version: 12.2(52)EX
Version: 12.2(44)EX1
Version: 12.2(35)EX1
Version: 12.2(25)EX1
Version: 12.2(40)EX2
Version: 12.2(40)EX1
Version: 12.2(55)EX
Version: 12.2(46)EX
Version: 12.2(52)EX1
Version: 12.2(55)EX1
Version: 12.2(55)EX2
Version: 12.2(55)EX3
Version: 12.2(58)EX
Version: 12.2(25)SEB
Version: 12.2(25)SEB2
Version: 12.2(25)SEB1
Version: 12.2(25)SEB4
Version: 12.2(25)SEB3
Version: 12.2(25)SEA
Version: 12.2(25)EY
Version: 12.2(46)EY
Version: 12.2(55)EY
Version: 12.2(52)EY1
Version: 12.2(25)EY1
Version: 12.2(44)EY
Version: 12.2(52)EY
Version: 12.2(53)EY
Version: 12.2(25)EY3
Version: 12.2(52)EY2
Version: 12.2(37)EY
Version: 12.2(25)EY2
Version: 12.2(25)EY4
Version: 12.2(52)EY1b
Version: 12.2(52)EY1c
Version: 12.2(58)EY
Version: 12.2(52)EY3
Version: 12.2(52)EY2a
Version: 12.2(58)EY1
Version: 12.2(52)EY4
Version: 12.2(52)EY3a
Version: 12.2(58)EY2
Version: 12.3(2)JA
Version: 12.3(2)JA1
Version: 12.3(2)JA2
Version: 12.3(2)JA3
Version: 12.3(2)JA4
Version: 12.3(2)JA5
Version: 12.3(4)JA1
Version: 12.3(4)JA
Version: 12.3(7)JA1
Version: 12.3(7)JA
Version: 12.3(8)JA
Version: 12.3(8)JA1
Version: 12.3(8)JA2
Version: 12.3(11)JA
Version: 12.3(7)JA4
Version: 12.3(4)JA2
Version: 12.3(7)JA5
Version: 12.3(11)JA3
Version: 12.3(11)JA4
Version: 12.3(2)JA6
Version: 12.3(11)JA2
Version: 12.3(11)JA1
Version: 12.3(7)JA3
Version: 12.3(7)JA2
Version: 12.3(14)YQ8
Version: 12.3(14)YQ
Version: 12.3(14)YQ5
Version: 12.3(14)YQ4
Version: 12.3(14)YQ7
Version: 12.3(14)YQ1
Version: 12.3(14)YQ6
Version: 12.3(14)YQ3
Version: 12.3(14)YQ2
Version: 12.3(11)YS
Version: 12.3(11)YS1
Version: 12.3(11)YS2
Version: 12.4(3e)
Version: 12.4(7b)
Version: 12.4(8)
Version: 12.4(5b)
Version: 12.4(7a)
Version: 12.4(3d)
Version: 12.4(1)
Version: 12.4(1a)
Version: 12.4(1b)
Version: 12.4(1c)
Version: 12.4(10)
Version: 12.4(3)
Version: 12.4(3a)
Version: 12.4(3b)
Version: 12.4(3c)
Version: 12.4(3f)
Version: 12.4(5)
Version: 12.4(5a)
Version: 12.4(7c)
Version: 12.4(7)
Version: 12.4(8a)
Version: 12.4(8b)
Version: 12.4(7d)
Version: 12.4(3g)
Version: 12.4(8c)
Version: 12.4(10b)
Version: 12.4(12)
Version: 12.4(12a)
Version: 12.4(12b)
Version: 12.4(13)
Version: 12.4(13a)
Version: 12.4(13b)
Version: 12.4(13c)
Version: 12.4(7e)
Version: 12.4(17)
Version: 12.4(25e)
Version: 12.4(18b)
Version: 12.4(18e)
Version: 12.4(25g)
Version: 12.4(3i)
Version: 12.4(3j)
Version: 12.4(23b)
Version: 12.4(3h)
Version: 12.4(7h)
Version: 12.4(25a)
Version: 12.4(16)
Version: 12.4(13d)
Version: 12.4(25)
Version: 12.4(25c)
Version: 12.4(19)
Version: 12.4(13e)
Version: 12.4(25b)
Version: 12.4(23)
Version: 12.4(10c)
Version: 12.4(21)
Version: 12.4(16b)
Version: 12.4(16a)
Version: 12.4(23a)
Version: 12.4(25d)
Version: 12.4(7f)
Version: 12.4(18)
Version: 12.4(21a)
Version: 12.4(13f)
Version: 12.4(25f)
Version: 12.4(18c)
Version: 12.4(5c)
Version: 12.4(8d)
Version: 12.4(12c)
Version: 12.4(17a)
Version: 12.4(18a)
Version: 12.4(17b)
Version: 12.4(7g)
Version: 12.2(25)EZ
Version: 12.2(25)EZ1
Version: 12.2(58)EZ
Version: 12.2(53)EZ
Version: 12.2(55)EZ
Version: 12.2(60)EZ
Version: 12.2(60)EZ1
Version: 12.2(60)EZ2
Version: 12.2(60)EZ3
Version: 12.2(60)EZ4
Version: 12.2(60)EZ5
Version: 12.2(60)EZ6
Version: 12.2(60)EZ7
Version: 12.2(60)EZ8
Version: 12.2(60)EZ9
Version: 12.2(60)EZ10
Version: 12.2(60)EZ11
Version: 12.2(60)EZ12
Version: 12.2(60)EZ13
Version: 12.2(60)EZ14
Version: 12.2(60)EZ15
Version: 12.2(25)SEC
Version: 12.2(25)SEC2
Version: 12.2(25)SEC1
Version: 12.3(2)JK
Version: 12.3(2)JK1
Version: 12.3(2)JK2
Version: 12.3(8)JK
Version: 12.3(8)JK1
Version: 12.3(2)JK3
Version: 12.3(14)YU
Version: 12.3(14)YU1
Version: 12.4(6)MR1
Version: 12.4(11)MR
Version: 12.4(2)MR
Version: 12.4(4)MR
Version: 12.4(6)MR
Version: 12.4(9)MR
Version: 12.4(12)MR
Version: 12.4(16)MR
Version: 12.4(16)MR1
Version: 12.4(19)MR2
Version: 12.4(19)MR1
Version: 12.4(19)MR
Version: 12.4(20)MR
Version: 12.4(4)MR1
Version: 12.4(19)MR3
Version: 12.4(12)MR1
Version: 12.4(20)MR2
Version: 12.4(16)MR2
Version: 12.4(12)MR2
Version: 12.4(2)MR1
Version: 12.4(20)MR1
Version: 12.4(4)T
Version: 12.4(4)T1
Version: 12.4(4)T2
Version: 12.4(4)T3
Version: 12.4(6)T
Version: 12.4(6)T1
Version: 12.4(6)T2
Version: 12.4(9)T
Version: 12.4(4)T4
Version: 12.4(2)T5
Version: 12.4(6)T3
Version: 12.4(2)T
Version: 12.4(11)T
Version: 12.4(15)T
Version: 12.4(20)T
Version: 12.4(24)T
Version: 12.4(24)T3
Version: 12.4(4)T8
Version: 12.4(20)T1
Version: 12.4(22)T1
Version: 12.4(15)T9
Version: 12.4(11)T4
Version: 12.4(15)T8
Version: 12.4(6)T5
Version: 12.4(15)T15
Version: 12.4(24)T5
Version: 12.4(15)T2
Version: 12.4(6)T8
Version: 12.4(15)T12
Version: 12.4(24)T4
Version: 12.4(6)T11
Version: 12.4(9)T5
Version: 12.4(20)T3
Version: 12.4(6)T4
Version: 12.4(4)T6
Version: 12.4(22)T
Version: 12.4(20)T6
Version: 12.4(9)T3
Version: 12.4(24)T8
Version: 12.4(6)T7
Version: 12.4(15)T13
Version: 12.4(6)T10
Version: 12.4(15)T3
Version: 12.4(24)T2
Version: 12.4(22)T5
Version: 12.4(2)T3
Version: 12.4(15)T10
Version: 12.4(22)T4
Version: 12.4(20)T5
Version: 12.4(9)T6
Version: 12.4(15)T4
Version: 12.4(2)T4
Version: 12.4(24)T1
Version: 12.4(9)T4
Version: 12.4(24)T7
Version: 12.4(22)T3
Version: 12.4(9)T1
Version: 12.4(24)T6
Version: 12.4(6)T9
Version: 12.4(15)T5
Version: 12.4(4)T7
Version: 12.4(20)T2
Version: 12.4(2)T1
Version: 12.4(11)T1
Version: 12.4(15)T11
Version: 12.4(2)T6
Version: 12.4(2)T2
Version: 12.4(15)T7
Version: 12.4(11)T2
Version: 12.4(9)T7
Version: 12.4(15)T14
Version: 12.4(11)T3
Version: 12.4(15)T6
Version: 12.4(15)T16
Version: 12.4(15)T1
Version: 12.4(9)T2
Version: 12.4(6)T6
Version: 12.4(22)T2
Version: 12.4(4)T5
Version: 12.4(20)T4
Version: 12.4(24)T4a
Version: 12.4(24)T4b
Version: 12.4(24)T3e
Version: 12.4(24)T4c
Version: 12.4(15)T17
Version: 12.4(24)T4d
Version: 12.4(24)T4e
Version: 12.4(24)T3f
Version: 12.4(24)T4f
Version: 12.4(24)T4l
Version: 12.3(14)YT
Version: 12.3(14)YT1
Version: 12.2(31)SG
Version: 12.2(25)SG
Version: 12.2(37)SG
Version: 12.2(44)SG
Version: 12.2(50)SG3
Version: 12.2(31)SG1
Version: 12.2(53)SG
Version: 12.2(31)SG3
Version: 12.2(50)SG6
Version: 12.2(53)SG1
Version: 12.2(46)SG
Version: 12.2(25)SG1
Version: 12.2(53)SG2
Version: 12.2(50)SG5
Version: 12.2(37)SG1
Version: 12.2(53)SG3
Version: 12.2(50)SG8
Version: 12.2(25)SG3
Version: 12.2(50)SG2
Version: 12.2(40)SG
Version: 12.2(25)SG2
Version: 12.2(54)SG1
Version: 12.2(44)SG1
Version: 12.2(50)SG1
Version: 12.2(52)SG
Version: 12.2(54)SG
Version: 12.2(31)SG2
Version: 12.2(50)SG
Version: 12.2(25)SG4
Version: 12.2(50)SG7
Version: 12.2(53)SG4
Version: 12.2(50)SG4
Version: 12.2(46)SG1
Version: 12.2(53)SG5
Version: 12.2(53)SG6
Version: 12.2(53)SG7
Version: 12.2(53)SG8
Version: 12.2(53)SG9
Version: 12.2(53)SG10
Version: 12.2(53)SG11
Version: 12.2(25)FX
Version: 12.2(25)FY
Version: 12.3(7)JX2
Version: 12.3(7)JX
Version: 12.3(7)JX1
Version: 12.3(7)JX4
Version: 12.3(11)JX
Version: 12.3(7)JX7
Version: 12.3(7)JX12
Version: 12.3(7)JX9
Version: 12.3(7)JX10
Version: 12.3(11)JX1
Version: 12.3(7)JX6
Version: 12.3(7)JX5
Version: 12.3(7)JX3
Version: 12.3(7)JX11
Version: 12.3(7)JX8
Version: 12.3(4)TPC11b
Version: 12.3(4)TPC11a
Version: 12.4(2)XB
Version: 12.4(2)XB1
Version: 12.4(2)XB6
Version: 12.4(2)XB7
Version: 12.4(2)XB11
Version: 12.4(2)XB3
Version: 12.4(2)XB9
Version: 12.4(2)XB8
Version: 12.4(2)XB2
Version: 12.4(2)XB10
Version: 12.4(2)XB4
Version: 12.4(2)XB5
Version: 12.4(2)XB12
Version: 12.4(2)XA
Version: 12.4(2)XA1
Version: 12.4(2)XA2
Version: 12.3(14)YM8
Version: 12.3(14)YM12
Version: 12.3(14)YM4
Version: 12.3(14)YM3
Version: 12.3(14)YM7
Version: 12.3(14)YM11
Version: 12.3(14)YM9
Version: 12.3(14)YM6
Version: 12.3(14)YM10
Version: 12.3(14)YM13
Version: 12.3(14)YM5
Version: 12.3(14)YM2
Version: 12.2(31)SB3x
Version: 12.2(33)SB3
Version: 12.2(31)SB5
Version: 12.2(31)SB10
Version: 12.2(33)SB9
Version: 12.2(31)SB15
Version: 12.2(33)SB10
Version: 12.2(33)SB6
Version: 12.2(31)SB11
Version: 12.2(31)SB7
Version: 12.2(33)SB5
Version: 12.2(31)SB6
Version: 12.2(33)SB8
Version: 12.2(31)SB17
Version: 12.2(31)SB13
Version: 12.2(31)SB9
Version: 12.2(31)SB16
Version: 12.2(31)SB12
Version: 12.2(31)SB20
Version: 12.2(33)SB2
Version: 12.2(31)SB8
Version: 12.2(31)SB3
Version: 12.2(31)SB18
Version: 12.2(31)SB2
Version: 12.2(31)SB14
Version: 12.2(31)SB19
Version: 12.2(33)SB
Version: 12.2(33)SB7
Version: 12.2(33)SB1
Version: 12.2(33)SB4
Version: 12.2(33)SB11
Version: 12.2(31)SB21
Version: 12.2(33)SB12
Version: 12.2(33)SB13
Version: 12.2(33)SB14
Version: 12.2(33)SB15
Version: 12.2(33)SB16
Version: 12.2(33)SB17
Version: 12.2(33)SB8a
Version: 12.2(33)SRA
Version: 12.2(33)SRA6
Version: 12.2(33)SRA7
Version: 12.2(33)SRA2
Version: 12.2(33)SRA3
Version: 12.2(33)SRA1
Version: 12.2(33)SRA4
Version: 12.2(33)SRA5
Version: 12.4(4)XC
Version: 12.4(4)XC1
Version: 12.4(4)XC5
Version: 12.4(4)XC7
Version: 12.4(4)XC3
Version: 12.4(4)XC4
Version: 12.4(4)XC2
Version: 12.4(4)XC6
Version: 12.4(4)XD
Version: 12.4(4)XD4
Version: 12.4(4)XD10
Version: 12.4(4)XD12
Version: 12.4(4)XD2
Version: 12.4(4)XD8
Version: 12.4(4)XD11
Version: 12.4(4)XD1
Version: 12.4(4)XD5
Version: 12.4(4)XD7
Version: 12.4(4)XD9
Version: 12.4(6)XE
Version: 12.4(6)XE2
Version: 12.4(6)XE1
Version: 12.2(25)SEF1
Version: 12.2(25)SEF2
Version: 12.2(25)SEF3
Version: 12.2(25)SEE
Version: 12.2(25)SEE1
Version: 12.2(25)SEE3
Version: 12.2(25)SEE4
Version: 12.2(25)SEE2
Version: 12.2(25)SED
Version: 12.2(25)SED1
Version: 12.3(11)YZ1
Version: 12.3(11)YZ
Version: 12.3(11)YZ2
Version: 12.4(11)SW
Version: 12.4(15)SW6
Version: 12.4(15)SW
Version: 12.4(11)SW1
Version: 12.4(15)SW5
Version: 12.4(15)SW1
Version: 12.4(15)SW4
Version: 12.4(11)SW3
Version: 12.4(11)SW2
Version: 12.4(15)SW3
Version: 12.4(15)SW2
Version: 12.4(15)SW7
Version: 12.4(15)SW8
Version: 12.4(15)SW8a
Version: 12.4(15)SW9
Version: 12.4(9)XG
Version: 12.4(9)XG3
Version: 12.4(9)XG5
Version: 12.4(9)XG2
Version: 12.4(9)XG1
Version: 12.4(9)XG4
Version: 12.4(11)XJ
Version: 12.4(11)XJ3
Version: 12.4(11)XJ2
Version: 12.4(11)XJ4
Version: 12.4(6)XT
Version: 12.4(6)XT1
Version: 12.4(6)XT2
Version: 12.4(6)XP
Version: 12.2(31)SGA
Version: 12.2(31)SGA3
Version: 12.2(31)SGA2
Version: 12.2(31)SGA10
Version: 12.2(31)SGA5
Version: 12.2(31)SGA4
Version: 12.2(31)SGA11
Version: 12.2(31)SGA6
Version: 12.2(31)SGA1
Version: 12.2(31)SGA7
Version: 12.2(31)SGA8
Version: 12.2(31)SGA9
Version: 12.2(25)SEG
Version: 12.2(25)SEG5
Version: 12.2(25)SEG2
Version: 12.2(25)SEG4
Version: 12.2(25)SEG1
Version: 12.2(25)SEG3
Version: 12.2(25)SEG6
Version: 12.3(8)JEA
Version: 12.3(8)JEA1
Version: 12.3(8)JEA3
Version: 12.3(8)JEA2
Version: 12.4(11)MD
Version: 12.4(11)MD2
Version: 12.4(24)MD1
Version: 12.4(11)MD1
Version: 12.4(24)MD
Version: 12.4(11)MD10
Version: 12.4(15)MD3
Version: 12.4(24)MD3
Version: 12.4(15)MD2
Version: 12.4(11)MD5
Version: 12.4(24)MD2
Version: 12.4(11)MD9
Version: 12.4(22)MD1
Version: 12.4(15)MD5
Version: 12.4(15)MD4
Version: 12.4(22)MD2
Version: 12.4(11)MD8
Version: 12.4(11)MD7
Version: 12.4(24)MD5
Version: 12.4(15)MD
Version: 12.4(15)MD1
Version: 12.4(11)MD6
Version: 12.4(22)MD
Version: 12.4(11)MD4
Version: 12.4(11)MD3
Version: 12.4(24)MD4
Version: 12.4(24)MD6
Version: 12.4(24)MD7
Version: 12.4(14)XK
Version: 12.4(11)XV
Version: 12.4(11)XV1
Version: 12.4(11)XW
Version: 12.4(11)XW3
Version: 12.4(11)XW7
Version: 12.4(11)XW10
Version: 12.4(11)XW8
Version: 12.4(11)XW9
Version: 12.4(11)XW6
Version: 12.4(11)XW4
Version: 12.4(11)XW1
Version: 12.4(11)XW5
Version: 12.4(11)XW2
Version: 12.2(33)SRB
Version: 12.2(33)SRB4
Version: 12.2(33)SRB5a
Version: 12.2(33)SRB3
Version: 12.2(33)SRB1
Version: 12.2(33)SRB7
Version: 12.2(33)SRB6
Version: 12.2(33)SRB5
Version: 12.2(33)SRB2
Version: 12.4(3g)JMA1
Version: 12.3(8)JEB
Version: 12.3(8)JEB1
Version: 12.3(8)JEC2
Version: 12.3(8)JEC1
Version: 12.3(8)JEC3
Version: 12.3(8)JEC
Version: 12.2(25)FZ
Version: 12.4(15)XF
Version: 12.3(2)JL
Version: 12.3(2)JL3
Version: 12.3(2)JL1
Version: 12.3(2)JL4
Version: 12.3(2)JL2
Version: 12.2(33)SCA2
Version: 12.2(33)SCA1
Version: 12.2(33)SCA
Version: 12.2(33)SRC2
Version: 12.2(33)SRC
Version: 12.2(33)SRC3
Version: 12.2(33)SRC5
Version: 12.2(33)SRC6
Version: 12.2(33)SRC4
Version: 12.2(33)SRC1
Version: 12.2(33)SXH3a
Version: 12.2(33)SXH8a
Version: 12.2(33)SXH3
Version: 12.2(33)SXH4
Version: 12.2(33)SXH7
Version: 12.2(33)SXH
Version: 12.2(33)SXH8
Version: 12.2(33)SXH2a
Version: 12.2(33)SXH2
Version: 12.2(33)SXH1
Version: 12.2(33)SXH5
Version: 12.2(33)SXH6
Version: 12.2(33)SXH8b
Version: 12.4(15)XQ4
Version: 12.4(15)XQ1
Version: 12.4(15)XQ7
Version: 12.4(15)XQ2a
Version: 12.4(15)XQ6
Version: 12.4(15)XQ2
Version: 12.4(15)XQ
Version: 12.4(15)XQ3
Version: 12.4(15)XQ5
Version: 12.4(15)XQ2b
Version: 12.4(15)XQ8
Version: 12.4(15)XY4
Version: 12.4(15)XY5
Version: 12.4(15)XY1
Version: 12.4(15)XY
Version: 12.4(15)XY2
Version: 12.4(15)XY3
Version: 12.4(15)XZ
Version: 12.4(15)XZ2
Version: 12.4(15)XZ1
Version: 12.4(15)XL3
Version: 12.4(15)XL1
Version: 12.4(15)XL2
Version: 12.4(15)XL4
Version: 12.4(15)XL5
Version: 12.4(15)XL
Version: 12.3(8)ZA
Version: 12.4(15)XM3
Version: 12.4(15)XM1
Version: 12.4(15)XM2
Version: 12.4(15)XM
Version: 12.4(15)XN
Version: 12.4(22)XR5
Version: 12.4(22)XR4
Version: 12.4(15)XR5
Version: 12.4(15)XR2
Version: 12.4(22)XR7
Version: 12.4(15)XR4
Version: 12.4(15)XR1
Version: 12.4(15)XR7
Version: 12.4(22)XR2
Version: 12.4(15)XR9
Version: 12.4(15)XR6
Version: 12.4(15)XR3
Version: 12.4(15)XR
Version: 12.4(22)XR6
Version: 12.4(22)XR10
Version: 12.4(15)XR8
Version: 12.4(22)XR1
Version: 12.4(22)XR9
Version: 12.4(22)XR3
Version: 12.4(22)XR8
Version: 12.4(22)XR11
Version: 12.4(15)XR10
Version: 12.4(22)XR12
Version: 12.2(33)IRA
Version: 12.2(33)IRB
Version: 12.2(33)SCB9
Version: 12.2(33)SCB
Version: 12.2(33)SCB6
Version: 12.2(33)SCB3
Version: 12.2(33)SCB10
Version: 12.2(33)SCB4
Version: 12.2(33)SCB2
Version: 12.2(33)SCB7
Version: 12.2(33)SCB1
Version: 12.2(33)SCB5
Version: 12.2(33)SCB8
Version: 12.2(33)SCB11
Version: 12.2(33)SRD7
Version: 12.2(33)SRD6
Version: 12.2(33)SRD2a
Version: 12.2(33)SRD4
Version: 12.2(33)SRD5
Version: 12.2(33)SRD3
Version: 12.2(33)SRD2
Version: 12.2(33)SRD1
Version: 12.2(33)SRD
Version: 12.2(33)SRD8
Version: 12.2(33)STE0
Version: 12.2(33)SXI2
Version: 12.2(33)SXI3
Version: 12.2(33)SXI5
Version: 12.2(33)SXI4a
Version: 12.2(33)SXI4
Version: 12.2(33)SXI2a
Version: 12.2(33)SXI
Version: 12.2(33)SXI6
Version: 12.2(33)SXI7
Version: 12.2(33)SXI1
Version: 12.2(33)SXI8
Version: 12.2(33)SXI9
Version: 12.2(33)SXI8a
Version: 12.2(33)SXI10
Version: 12.2(33)SXI11
Version: 12.2(33)SXI12
Version: 12.2(33)SXI13
Version: 12.2(33)SXI14
Version: 12.2(52)XO
Version: 12.2(54)XO
Version: 12.2(40)XO
Version: 12.4(10b)JDA3
Version: 12.4(10b)JDA
Version: 12.4(10b)JDA2
Version: 12.4(10b)JDA1
Version: 12.4(3)JL
Version: 12.4(3)JL2
Version: 12.4(3)JL1
Version: 12.4(3g)JMB
Version: 12.4(3g)JX
Version: 12.4(3g)JX1
Version: 12.4(25e)JX
Version: 12.4(10b)JY
Version: 12.4(21a)JY
Version: 12.4(23c)JY
Version: 12.2(44)SQ
Version: 12.2(44)SQ2
Version: 12.2(50)SQ2
Version: 12.2(50)SQ1
Version: 12.2(50)SQ
Version: 12.2(50)SQ3
Version: 12.2(50)SQ4
Version: 12.2(50)SQ5
Version: 12.2(50)SQ6
Version: 12.2(50)SQ7
Version: 12.4(10b)JDC
Version: 12.4(10b)JDD
Version: 12.2(33)IRC
Version: 12.4(22)MDA3
Version: 12.4(24)MDA5
Version: 12.4(22)MDA5
Version: 12.4(24)MDA3
Version: 12.4(22)MDA4
Version: 12.4(24)MDA4
Version: 12.4(24)MDA1
Version: 12.4(22)MDA
Version: 12.4(22)MDA2
Version: 12.4(22)MDA1
Version: 12.4(24)MDA2
Version: 12.4(22)MDA6
Version: 12.4(24)MDA6
Version: 12.4(24)MDA7
Version: 12.4(24)MDA8
Version: 12.4(24)MDA10
Version: 12.4(24)MDA9
Version: 12.4(24)MDA11
Version: 12.4(24)MDA12
Version: 12.4(24)MDA13
Version: 12.2(33)SCC
Version: 12.2(33)SCC2
Version: 12.2(33)SCC6
Version: 12.2(33)SCC7
Version: 12.2(33)SCC5
Version: 12.2(33)SCC4
Version: 12.2(33)SCC3
Version: 12.2(33)SCC1
Version: 12.2(33)SCD5
Version: 12.2(33)SCD1
Version: 12.2(33)SCD7
Version: 12.2(33)SCD4
Version: 12.2(33)SCD
Version: 12.2(33)SCD6
Version: 12.2(33)SCD3
Version: 12.2(33)SCD2
Version: 12.2(33)SCD8
Version: 12.3(8)JED
Version: 12.3(8)JED1
Version: 12.4(24)YG3
Version: 12.4(24)YG4
Version: 12.4(24)YG1
Version: 12.4(24)YG2
Version: 12.4(24)YG
Version: 15.0(1)M1
Version: 15.0(1)M5
Version: 15.0(1)M4
Version: 15.0(1)M3
Version: 15.0(1)M2
Version: 15.0(1)M6
Version: 15.0(1)M
Version: 15.0(1)M7
Version: 15.0(1)M10
Version: 15.0(1)M9
Version: 15.0(1)M8
Version: 15.0(1)XA2
Version: 15.0(1)XA4
Version: 15.0(1)XA1
Version: 15.0(1)XA3
Version: 15.0(1)XA
Version: 15.0(1)XA5
Version: 15.1(2)T
Version: 15.1(1)T4
Version: 15.1(3)T2
Version: 15.1(1)T1
Version: 15.1(2)T0a
Version: 15.1(3)T3
Version: 15.1(1)T3
Version: 15.1(2)T3
Version: 15.1(2)T4
Version: 15.1(1)T2
Version: 15.1(3)T
Version: 15.1(2)T2a
Version: 15.1(3)T1
Version: 15.1(1)T
Version: 15.1(2)T2
Version: 15.1(2)T1
Version: 15.1(2)T5
Version: 15.1(3)T4
Version: 15.1(1)T5
Version: 15.1(1)XB
Version: 12.2(33)SRE1
Version: 12.2(33)SRE2
Version: 12.2(33)SRE3
Version: 12.2(33)SRE4
Version: 12.2(33)SRE
Version: 12.2(33)SRE0a
Version: 12.2(33)SRE5
Version: 12.2(33)SRE6
Version: 12.2(33)SRE8
Version: 12.2(33)SRE7
Version: 12.2(33)SRE9
Version: 12.2(33)SRE7a
Version: 12.2(33)SRE10
Version: 12.2(33)SRE11
Version: 12.2(33)SRE9a
Version: 12.2(33)SRE12
Version: 12.2(33)SRE13
Version: 12.2(33)SRE14
Version: 12.2(33)SRE15
Version: 12.2(33)SRE15a
Version: 15.0(1)XO1
Version: 15.0(1)XO
Version: 15.0(2)XO
Version: 15.0(1)S2
Version: 15.0(1)S1
Version: 15.0(1)S
Version: 15.0(1)S3a
Version: 15.0(1)S4
Version: 15.0(1)S5
Version: 15.0(1)S4a
Version: 15.0(1)S6
Version: 12.2(33)IRD
Version: 12.2(33)IRE
Version: 12.2(33)IRE2
Version: 12.2(33)IRE1
Version: 12.2(33)MRA
Version: 12.2(33)MRB5
Version: 12.2(33)MRB2
Version: 12.2(33)MRB1
Version: 12.2(33)MRB4
Version: 12.2(33)MRB
Version: 12.2(33)MRB3
Version: 12.2(33)MRB6
Version: 12.4(21a)JHA
Version: 15.2(1)S
Version: 15.2(2)S
Version: 15.2(1)S1
Version: 15.2(4)S
Version: 15.2(1)S2
Version: 15.2(2)S1
Version: 15.2(2)S2
Version: 15.2(2)S0a
Version: 15.2(2)S0c
Version: 15.2(4)S1
Version: 15.2(4)S4
Version: 15.2(4)S6
Version: 15.2(4)S2
Version: 15.2(4)S5
Version: 15.2(4)S3
Version: 15.2(4)S3a
Version: 15.2(4)S4a
Version: 15.2(4)S7
Version: 15.3(1)T
Version: 15.3(2)T
Version: 15.3(1)T1
Version: 15.3(1)T2
Version: 15.3(1)T3
Version: 15.3(1)T4
Version: 15.3(2)T1
Version: 15.3(2)T2
Version: 15.3(2)T3
Version: 15.3(2)T4
Version: 12.4(10b)JDE
Version: 15.0(1)EY
Version: 15.0(1)EY1
Version: 15.0(1)EY2
Version: 15.0(2)EY
Version: 15.0(2)EY1
Version: 15.0(2)EY2
Version: 15.0(2)EY3
Version: 12.4(20)MRB
Version: 12.4(20)MRB1
Version: 12.3(8)JEE
Version: 12.2(54)WO
Version: 15.1(2)S
Version: 15.1(1)S
Version: 15.1(1)S1
Version: 15.1(3)S
Version: 15.1(1)S2
Version: 15.1(2)S1
Version: 15.1(2)S2
Version: 15.1(3)S1
Version: 15.1(3)S0a
Version: 15.1(3)S2
Version: 15.1(3)S4
Version: 15.1(3)S3
Version: 15.1(3)S5
Version: 15.1(3)S6
Version: 15.1(3)S5a
Version: 15.1(4)M3
Version: 15.1(4)M
Version: 15.1(4)M1
Version: 15.1(4)M2
Version: 15.1(4)M6
Version: 15.1(4)M5
Version: 15.1(4)M4
Version: 15.1(4)M7
Version: 15.1(4)M3a
Version: 15.1(4)M10
Version: 15.1(4)M8
Version: 15.1(4)M9
Version: 12.2(33)IRF
Version: 12.4(3g)JMC1
Version: 12.4(3g)JMC
Version: 12.4(3g)JMC2
Version: 15.0(1)SE
Version: 15.0(2)SE
Version: 15.0(1)SE1
Version: 15.0(1)SE2
Version: 15.0(1)SE3
Version: 15.0(2)SE1
Version: 15.0(2)SE2
Version: 15.0(2)SE3
Version: 15.0(2)SE4
Version: 15.0(2)SE5
Version: 15.0(2)SE6
Version: 15.0(2)SE7
Version: 15.0(2)SE8
Version: 15.0(2)SE9
Version: 15.0(2)SE10
Version: 15.0(2)SE11
Version: 15.0(2)SE10a
Version: 15.0(2)SE12
Version: 15.0(2)SE13
Version: 15.1(2)GC
Version: 15.1(2)GC1
Version: 15.1(2)GC2
Version: 15.1(4)GC
Version: 15.1(4)GC1
Version: 15.1(4)GC2
Version: 15.0(1)SY
Version: 15.0(1)SY1
Version: 15.0(1)SY2
Version: 15.0(1)SY3
Version: 15.0(1)SY4
Version: 15.0(1)SY5
Version: 15.0(1)SY6
Version: 15.0(1)SY7
Version: 15.0(1)SY8
Version: 15.0(1)SY7a
Version: 15.0(1)SY9
Version: 15.0(1)SY10
Version: 12.2(33)SXJ
Version: 12.2(33)SXJ1
Version: 12.2(33)SXJ2
Version: 12.2(33)SXJ3
Version: 12.2(33)SXJ4
Version: 12.2(33)SXJ5
Version: 12.2(33)SXJ6
Version: 12.2(33)SXJ7
Version: 12.2(33)SXJ8
Version: 12.2(33)SXJ9
Version: 12.2(33)SXJ10
Version: 15.1(1)SG
Version: 15.1(2)SG
Version: 15.1(1)SG1
Version: 15.1(1)SG2
Version: 15.1(2)SG1
Version: 15.1(2)SG2
Version: 15.1(2)SG3
Version: 15.1(2)SG4
Version: 15.1(2)SG5
Version: 15.1(2)SG6
Version: 15.1(2)SG7
Version: 15.1(2)SG8
Version: 15.0(1)MR
Version: 15.0(2)MR
Version: 12.2(33)SCF
Version: 12.2(33)SCF1
Version: 12.2(33)SCF2
Version: 12.2(33)SCF3
Version: 12.2(33)SCF4
Version: 12.2(33)SCF5
Version: 15.2(4)M
Version: 15.2(4)M1
Version: 15.2(4)M2
Version: 15.2(4)M4
Version: 15.2(4)M3
Version: 15.2(4)M5
Version: 15.2(4)M8
Version: 15.2(4)M10
Version: 15.2(4)M7
Version: 15.2(4)M6
Version: 15.2(4)M9
Version: 15.2(4)M6a
Version: 15.2(4)M11
Version: 12.2(33)SCE
Version: 12.2(33)SCE1
Version: 12.2(33)SCE2
Version: 12.2(33)SCE3
Version: 12.2(33)SCE4
Version: 12.2(33)SCE5
Version: 12.2(33)SCE6
Version: 15.0(2)SG
Version: 15.0(2)SG1
Version: 15.0(2)SG2
Version: 15.0(2)SG3
Version: 15.0(2)SG4
Version: 15.0(2)SG5
Version: 15.0(2)SG6
Version: 15.0(2)SG7
Version: 15.0(2)SG8
Version: 15.0(2)SG9
Version: 15.0(2)SG10
Version: 15.0(2)SG11
Version: 12.4(24)MDB
Version: 12.4(24)MDB1
Version: 12.4(24)MDB3
Version: 12.4(24)MDB4
Version: 12.4(24)MDB5
Version: 12.4(24)MDB6
Version: 12.4(24)MDB7
Version: 12.4(24)MDB5a
Version: 12.4(24)MDB8
Version: 12.4(24)MDB9
Version: 12.4(24)MDB10
Version: 12.4(24)MDB11
Version: 12.4(24)MDB12
Version: 12.4(24)MDB13
Version: 12.4(24)MDB14
Version: 12.4(24)MDB15
Version: 12.4(24)MDB16
Version: 12.4(24)MDB17
Version: 12.4(24)MDB18
Version: 12.4(24)MDB19
Version: 12.2(33)IRG
Version: 12.2(33)IRG1
Version: 12.4(21a)JHC
Version: 15.0(1)EX
Version: 15.0(2)EX
Version: 15.0(2)EX1
Version: 15.0(2)EX2
Version: 15.0(2)EX3
Version: 15.0(2)EX4
Version: 15.0(2)EX5
Version: 15.0(2)EX8
Version: 15.0(2a)EX5
Version: 15.0(2)EX10
Version: 15.0(2)EX11
Version: 15.0(2)EX13
Version: 15.0(2)EX12
Version: 15.2(1)GC
Version: 15.2(1)GC1
Version: 15.2(1)GC2
Version: 15.2(2)GC
Version: 15.2(3)GC
Version: 15.2(3)GC1
Version: 15.2(4)GC
Version: 15.2(4)GC1
Version: 15.2(4)GC2
Version: 15.2(4)GC3
Version: 12.2(33)SCG
Version: 12.2(33)SCG1
Version: 12.2(33)SCG2
Version: 12.2(33)SCG3
Version: 12.2(33)SCG4
Version: 12.2(33)SCG5
Version: 12.2(33)SCG6
Version: 12.2(33)SCG7
Version: 12.2(33)IRH
Version: 12.2(33)IRH1
Version: 15.1(1)SY
Version: 15.1(1)SY1
Version: 15.1(2)SY
Version: 15.1(2)SY1
Version: 15.1(2)SY2
Version: 15.1(1)SY2
Version: 15.1(1)SY3
Version: 15.1(2)SY3
Version: 15.1(1)SY4
Version: 15.1(2)SY4
Version: 15.1(1)SY5
Version: 15.1(2)SY5
Version: 15.1(2)SY4a
Version: 15.1(1)SY6
Version: 15.1(2)SY6
Version: 15.1(2)SY7
Version: 15.1(2)SY8
Version: 15.1(2)SY9
Version: 15.1(2)SY10
Version: 15.1(2)SY11
Version: 15.1(2)SY12
Version: 15.1(2)SY13
Version: 15.1(2)SY14
Version: 15.1(2)SY15
Version: 15.1(2)SY16
Version: 15.3(1)S
Version: 15.3(2)S
Version: 15.3(3)S
Version: 15.3(1)S2
Version: 15.3(1)S1
Version: 15.3(2)S2
Version: 15.3(2)S1
Version: 15.3(3)S1
Version: 15.3(3)S2
Version: 15.3(3)S3
Version: 15.3(3)S6
Version: 15.3(3)S4
Version: 15.3(3)S1a
Version: 15.3(3)S5
Version: 15.3(3)S7
Version: 15.3(3)S8
Version: 15.3(3)S9
Version: 15.3(3)S10
Version: 15.3(3)S8a
Version: 15.4(1)T
Version: 15.4(2)T
Version: 15.4(1)T2
Version: 15.4(1)T1
Version: 15.4(1)T3
Version: 15.4(2)T1
Version: 15.4(2)T3
Version: 15.4(2)T2
Version: 15.4(1)T4
Version: 15.4(2)T4
Version: 12.2(33)SCH
Version: 12.2(33)SCH1
Version: 12.2(33)SCH2
Version: 12.2(33)SCH0a
Version: 12.2(33)SCH3
Version: 12.2(33)SCH2a
Version: 12.2(33)SCH4
Version: 12.2(33)SCH5
Version: 12.2(33)SCH6
Version: 12.4(25e)JAL
Version: 12.4(25e)JAL2
Version: 15.0(2)EA
Version: 15.0(2)EA1
Version: 15.2(1)E
Version: 15.2(2)E
Version: 15.2(1)E1
Version: 15.2(3)E
Version: 15.2(1)E2
Version: 15.2(1)E3
Version: 15.2(2)E1
Version: 15.2(4)E
Version: 15.2(3)E1
Version: 15.2(2)E2
Version: 15.2(2a)E1
Version: 15.2(2)E3
Version: 15.2(2a)E2
Version: 15.2(3)E2
Version: 15.2(3a)E
Version: 15.2(3)E3
Version: 15.2(4)E1
Version: 15.2(2)E4
Version: 15.2(2)E5
Version: 15.2(4)E2
Version: 15.2(3)E4
Version: 15.2(5)E
Version: 15.2(4)E3
Version: 15.2(2)E6
Version: 15.2(5a)E
Version: 15.2(5)E1
Version: 15.2(5b)E
Version: 15.2(2)E5a
Version: 15.2(5c)E
Version: 15.2(2)E5b
Version: 15.2(5a)E1
Version: 15.2(4)E4
Version: 15.2(2)E7
Version: 15.2(5)E2
Version: 15.2(6)E
Version: 15.2(4)E5
Version: 15.2(5)E2c
Version: 15.2(2)E8
Version: 15.2(6)E0a
Version: 15.2(6)E1
Version: 15.2(6)E0c
Version: 15.2(4)E6
Version: 15.2(6)E2
Version: 15.2(2)E9
Version: 15.2(4)E7
Version: 15.2(7)E
Version: 15.2(2)E10
Version: 15.2(4)E8
Version: 15.2(6)E2a
Version: 15.2(6)E2b
Version: 15.2(7)E1
Version: 15.2(7)E0a
Version: 15.2(7)E0b
Version: 15.2(7)E0s
Version: 15.2(6)E3
Version: 15.2(4)E9
Version: 15.2(7)E2
Version: 15.2(7a)E0b
Version: 15.2(4)E10
Version: 15.2(7)E3
Version: 15.2(7)E1a
Version: 15.2(7b)E0b
Version: 15.2(7)E2a
Version: 15.2(4)E10a
Version: 15.2(7)E4
Version: 15.2(7)E3k
Version: 15.2(8)E
Version: 15.2(8)E1
Version: 15.2(7)E5
Version: 15.2(7)E6
Version: 15.2(8)E2
Version: 15.2(4)E10d
Version: 15.2(7)E7
Version: 15.2(8)E3
Version: 15.2(7)E8
Version: 15.2(8)E4
Version: 15.2(7)E9
Version: 15.2(8)E5
Version: 15.2(8)E6
Version: 15.2(7)E10
Version: 15.2(7)E11
Version: 15.2(8)E7
Version: 15.2(7)E12
Version: 15.1(3)MRA
Version: 15.1(3)MRA1
Version: 15.1(3)MRA2
Version: 15.1(3)MRA3
Version: 15.1(3)MRA4
Version: 15.1(3)SVB1
Version: 15.1(3)SVB2
Version: 15.2(4)JB5h
Version: 15.4(1)S
Version: 15.4(2)S
Version: 15.4(3)S
Version: 15.4(1)S1
Version: 15.4(1)S2
Version: 15.4(2)S1
Version: 15.4(1)S3
Version: 15.4(3)S1
Version: 15.4(2)S2
Version: 15.4(3)S2
Version: 15.4(3)S3
Version: 15.4(1)S4
Version: 15.4(2)S3
Version: 15.4(2)S4
Version: 15.4(3)S4
Version: 15.4(3)S5
Version: 15.4(3)S6
Version: 15.4(3)S7
Version: 15.4(3)S6a
Version: 15.4(3)S8
Version: 15.4(3)S9
Version: 15.4(3)S10
Version: 15.3(3)M
Version: 15.3(3)M1
Version: 15.3(3)M2
Version: 15.3(3)M3
Version: 15.3(3)M5
Version: 15.3(3)M4
Version: 15.3(3)M6
Version: 15.3(3)M7
Version: 15.3(3)M8
Version: 15.3(3)M9
Version: 15.3(3)M10
Version: 15.3(3)M8a
Version: 15.0(2)EZ
Version: 15.1(3)SVD
Version: 15.1(3)SVD1
Version: 15.1(3)SVD2
Version: 15.2(1)EY
Version: 15.0(2)EJ
Version: 15.0(2)EJ1
Version: 15.2(1)SY
Version: 15.2(1)SY1
Version: 15.2(1)SY0a
Version: 15.2(1)SY2
Version: 15.2(2)SY
Version: 15.2(1)SY1a
Version: 15.2(2)SY1
Version: 15.2(2)SY2
Version: 15.2(1)SY3
Version: 15.2(1)SY4
Version: 15.2(2)SY3
Version: 15.2(1)SY5
Version: 15.2(1)SY6
Version: 15.2(1)SY7
Version: 15.2(1)SY8
Version: 15.2(5)EX
Version: 15.1(3)SVF
Version: 15.1(3)SVF1
Version: 15.1(3)SVE
Version: 15.0(2)EK
Version: 15.0(2)EK1
Version: 15.4(1)CG
Version: 15.4(1)CG1
Version: 15.4(2)CG
Version: 15.5(1)S
Version: 15.5(2)S
Version: 15.5(1)S1
Version: 15.5(3)S
Version: 15.5(1)S2
Version: 15.5(1)S3
Version: 15.5(2)S1
Version: 15.5(2)S2
Version: 15.5(3)S1
Version: 15.5(3)S1a
Version: 15.5(2)S3
Version: 15.5(3)S2
Version: 15.5(3)S0a
Version: 15.5(3)S3
Version: 15.5(1)S4
Version: 15.5(2)S4
Version: 15.5(3)S4
Version: 15.5(3)S5
Version: 15.5(3)S6
Version: 15.5(3)S6a
Version: 15.5(3)S7
Version: 15.5(3)S6b
Version: 15.5(3)S8
Version: 15.5(3)S9
Version: 15.5(3)S10
Version: 15.5(3)S9a
Version: 15.1(3)SVG
Version: 15.2(2)EB
Version: 15.2(2)EB1
Version: 15.2(2)EB2
Version: 15.2(6)EB
Version: 15.5(1)T
Version: 15.5(1)T1
Version: 15.5(2)T
Version: 15.5(1)T2
Version: 15.5(1)T3
Version: 15.5(2)T1
Version: 15.5(2)T2
Version: 15.5(2)T3
Version: 15.5(2)T4
Version: 15.5(1)T4
Version: 15.2(2)EA
Version: 15.2(2)EA1
Version: 15.2(2)EA2
Version: 15.2(3)EA
Version: 15.2(4)EA
Version: 15.2(4)EA1
Version: 15.2(2)EA3
Version: 15.2(4)EA3
Version: 15.2(5)EA
Version: 15.2(4)EA4
Version: 15.2(4)EA5
Version: 15.2(4)EA6
Version: 15.2(4)EA7
Version: 15.2(4)EA8
Version: 15.2(4)EA9
Version: 15.2(4)EA9a
Version: 15.5(3)M
Version: 15.5(3)M1
Version: 15.5(3)M0a
Version: 15.5(3)M2
Version: 15.5(3)M3
Version: 15.5(3)M4
Version: 15.5(3)M4a
Version: 15.5(3)M5
Version: 15.5(3)M6
Version: 15.5(3)M7
Version: 15.5(3)M6a
Version: 15.5(3)M8
Version: 15.5(3)M9
Version: 15.5(3)M10
Version: 12.2(33)SCI
Version: 12.2(33)SCI1
Version: 12.2(33)SCI1a
Version: 12.2(33)SCI2
Version: 12.2(33)SCI3
Version: 12.2(33)SCI2a
Version: 15.5(3)SN
Version: 15.0(2)SQD
Version: 15.0(2)SQD1
Version: 15.0(2)SQD2
Version: 15.0(2)SQD3
Version: 15.0(2)SQD4
Version: 15.0(2)SQD5
Version: 15.0(2)SQD6
Version: 15.0(2)SQD7
Version: 15.0(2)SQD8
Version: 15.6(1)S
Version: 15.6(2)S
Version: 15.6(2)S1
Version: 15.6(1)S1
Version: 15.6(1)S2
Version: 15.6(2)S2
Version: 15.6(1)S3
Version: 15.6(2)S3
Version: 15.6(1)S4
Version: 15.6(2)S4
Version: 15.6(1)T
Version: 15.6(2)T
Version: 15.6(1)T0a
Version: 15.6(1)T1
Version: 15.6(2)T1
Version: 15.6(1)T2
Version: 15.6(2)T2
Version: 15.6(1)T3
Version: 15.6(2)T3
Version: 15.3(1)SY
Version: 15.3(1)SY1
Version: 15.3(1)SY2
Version: 15.3(3)JNC2
Version: 15.3(3)JNC3
Version: 12.2(33)SCJ
Version: 12.2(33)SCJ1a
Version: 12.2(33)SCJ2
Version: 12.2(33)SCJ2a
Version: 12.2(33)SCJ2b
Version: 12.2(33)SCJ2c
Version: 12.2(33)SCJ3
Version: 12.2(33)SCJ4
Version: 15.6(2)SP
Version: 15.6(2)SP1
Version: 15.6(2)SP2
Version: 15.6(2)SP3
Version: 15.6(2)SP4
Version: 15.6(2)SP5
Version: 15.6(2)SP6
Version: 15.6(2)SP7
Version: 15.6(2)SP8
Version: 15.6(2)SP9
Version: 15.6(2)SN
Version: 15.6(3)M
Version: 15.6(3)M1
Version: 15.6(3)M0a
Version: 15.6(3)M1b
Version: 15.6(3)M2
Version: 15.6(3)M2a
Version: 15.6(3)M3
Version: 15.6(3)M3a
Version: 15.6(3)M4
Version: 15.6(3)M5
Version: 15.6(3)M6
Version: 15.6(3)M7
Version: 15.6(3)M6a
Version: 15.6(3)M6b
Version: 15.6(3)M8
Version: 15.6(3)M9
Version: 15.1(3)SVJ2
Version: 15.2(4)EC1
Version: 15.2(4)EC2
Version: 15.3(3)JPC100
Version: 15.4(1)SY
Version: 15.4(1)SY1
Version: 15.4(1)SY2
Version: 15.4(1)SY3
Version: 15.4(1)SY4
Version: 15.5(1)SY
Version: 15.5(1)SY1
Version: 15.5(1)SY2
Version: 15.5(1)SY3
Version: 15.5(1)SY4
Version: 15.5(1)SY5
Version: 15.5(1)SY6
Version: 15.5(1)SY7
Version: 15.5(1)SY8
Version: 15.5(1)SY9
Version: 15.5(1)SY10
Version: 15.5(1)SY11
Version: 15.5(1)SY12
Version: 15.5(1)SY13
Version: 15.5(1)SY14
Version: 15.5(1)SY15
Version: 15.7(3)M
Version: 15.7(3)M1
Version: 15.7(3)M0a
Version: 15.7(3)M3
Version: 15.7(3)M2
Version: 15.7(3)M4
Version: 15.7(3)M5
Version: 15.7(3)M4a
Version: 15.7(3)M4b
Version: 15.7(3)M6
Version: 15.7(3)M7
Version: 15.7(3)M8
Version: 15.7(3)M9
Version: 15.8(3)M
Version: 15.8(3)M1
Version: 15.8(3)M0a
Version: 15.8(3)M0b
Version: 15.8(3)M2
Version: 15.8(3)M1a
Version: 15.8(3)M3
Version: 15.8(3)M2a
Version: 15.8(3)M4
Version: 15.8(3)M3a
Version: 15.8(3)M3b
Version: 15.8(3)M5
Version: 15.8(3)M6
Version: 15.8(3)M7
Version: 15.8(3)M8
Version: 15.8(3)M9
Version: 15.9(3)M
Version: 15.9(3)M1
Version: 15.9(3)M0a
Version: 15.9(3)M2
Version: 15.9(3)M3
Version: 15.9(3)M2a
Version: 15.9(3)M3a
Version: 15.9(3)M4
Version: 15.9(3)M3b
Version: 15.9(3)M5
Version: 15.9(3)M4a
Version: 15.9(3)M6
Version: 15.9(3)M7
Version: 15.9(3)M6a
Version: 15.9(3)M6b
Version: 15.9(3)M8
Version: 15.9(3)M7a
Version: 15.9(3)M9
Version: 15.9(3)M8b
Version: 15.9(3)M10
Version: 15.9(3)M11

Cisco	Cisco IOS XR Software	Version: 6.5.1 Version: 6.5.2 Version: 6.5.3 Version: 6.6.2 Version: 6.6.3 Version: 6.6.25 Version: 6.7.1 Version: 6.7.2 Version: 6.7.3 Version: 6.8.1 Version: 6.8.2 Version: 6.9.1 Version: 6.9.2
Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: 9.8.1 Version: 9.8.1.5 Version: 9.8.1.7 Version: 9.8.2 Version: 9.8.2.8 Version: 9.8.2.14 Version: 9.8.2.15 Version: 9.8.2.17 Version: 9.8.2.20 Version: 9.8.2.24 Version: 9.8.2.26 Version: 9.8.2.28 Version: 9.8.2.33 Version: 9.8.2.35 Version: 9.8.2.38 Version: 9.8.3.8 Version: 9.8.3.11 Version: 9.8.3.14 Version: 9.8.3.16 Version: 9.8.3.18 Version: 9.8.3.21 Version: 9.8.3 Version: 9.8.3.26 Version: 9.8.3.29 Version: 9.8.4 Version: 9.8.4.3 Version: 9.8.4.7 Version: 9.8.4.8 Version: 9.8.4.10 Version: 9.8.4.12 Version: 9.8.4.15 Version: 9.8.4.17 Version: 9.8.2.45 Version: 9.8.4.25 Version: 9.8.4.20 Version: 9.8.4.22 Version: 9.8.4.26 Version: 9.8.4.29 Version: 9.8.4.32 Version: 9.8.4.33 Version: 9.8.4.34 Version: 9.8.4.35 Version: 9.8.4.39 Version: 9.8.4.40 Version: 9.8.4.41 Version: 9.8.4.43 Version: 9.8.4.44 Version: 9.8.4.45 Version: 9.8.4.46 Version: 9.8.4.48 Version: 9.12.1 Version: 9.12.1.2 Version: 9.12.1.3 Version: 9.12.2 Version: 9.12.2.4 Version: 9.12.2.5 Version: 9.12.2.9 Version: 9.12.3 Version: 9.12.3.2 Version: 9.12.3.7 Version: 9.12.4 Version: 9.12.3.12 Version: 9.12.3.9 Version: 9.12.2.1 Version: 9.12.4.2 Version: 9.12.4.4 Version: 9.12.4.7 Version: 9.12.4.10 Version: 9.12.4.13 Version: 9.12.4.8 Version: 9.12.4.18 Version: 9.12.4.24 Version: 9.12.4.26 Version: 9.12.4.29 Version: 9.12.4.30 Version: 9.12.4.35 Version: 9.12.4.37 Version: 9.12.4.38 Version: 9.12.4.39 Version: 9.12.4.40 Version: 9.12.4.41 Version: 9.12.4.47 Version: 9.12.4.48 Version: 9.12.4.50 Version: 9.12.4.52 Version: 9.12.4.54 Version: 9.12.4.55 Version: 9.12.4.56 Version: 9.12.4.58 Version: 9.12.4.62 Version: 9.12.4.65 Version: 9.12.4.67 Version: 9.14.1 Version: 9.14.1.10 Version: 9.14.1.6 Version: 9.14.1.15 Version: 9.14.1.19 Version: 9.14.1.30 Version: 9.14.2 Version: 9.14.2.4 Version: 9.14.2.8 Version: 9.14.2.13 Version: 9.14.2.15 Version: 9.14.3 Version: 9.14.3.1 Version: 9.14.3.9 Version: 9.14.3.11 Version: 9.14.3.13 Version: 9.14.3.18 Version: 9.14.3.15 Version: 9.14.4 Version: 9.14.4.6 Version: 9.14.4.7 Version: 9.14.4.12 Version: 9.14.4.13 Version: 9.14.4.14 Version: 9.14.4.15 Version: 9.14.4.17 Version: 9.14.4.22 Version: 9.14.4.23 Version: 9.14.4.24 Version: 9.16.1 Version: 9.16.1.28 Version: 9.16.2 Version: 9.16.2.3 Version: 9.16.2.7 Version: 9.16.2.11 Version: 9.16.2.13 Version: 9.16.2.14 Version: 9.16.3 Version: 9.16.3.3 Version: 9.16.3.14 Version: 9.16.3.15 Version: 9.16.3.19 Version: 9.16.3.23 Version: 9.16.4 Version: 9.16.4.9 Version: 9.16.4.14 Version: 9.16.4.18 Version: 9.16.4.19 Version: 9.16.4.27 Version: 9.16.4.38 Version: 9.16.4.39 Version: 9.16.4.42 Version: 9.16.4.48 Version: 9.16.4.55 Version: 9.16.4.57 Version: 9.16.4.61 Version: 9.16.4.62 Version: 9.16.4.67 Version: 9.16.4.70 Version: 9.16.4.71 Version: 9.16.4.76 Version: 9.16.4.82 Version: 9.17.1 Version: 9.17.1.7 Version: 9.17.1.9 Version: 9.17.1.10 Version: 9.17.1.11 Version: 9.17.1.13 Version: 9.17.1.15 Version: 9.17.1.20 Version: 9.17.1.30 Version: 9.17.1.33 Version: 9.17.1.39 Version: 9.17.1.45 Version: 9.17.1.46 Version: 9.18.1 Version: 9.18.1.3 Version: 9.18.2 Version: 9.18.2.5 Version: 9.18.2.7 Version: 9.18.2.8 Version: 9.18.3 Version: 9.18.3.39 Version: 9.18.3.46 Version: 9.18.3.53 Version: 9.18.3.55 Version: 9.18.3.56 Version: 9.18.4 Version: 9.18.4.5 Version: 9.18.4.8 Version: 9.18.4.22 Version: 9.18.4.24 Version: 9.18.4.29 Version: 9.18.4.34 Version: 9.18.4.40 Version: 9.18.4.47 Version: 9.18.4.50 Version: 9.18.4.52 Version: 9.18.4.53 Version: 9.19.1 Version: 9.19.1.5 Version: 9.19.1.9 Version: 9.19.1.12 Version: 9.19.1.18 Version: 9.19.1.22 Version: 9.19.1.24 Version: 9.19.1.27 Version: 9.19.1.28 Version: 9.19.1.31 Version: 9.19.1.37 Version: 9.19.1.38 Version: 9.20.1 Version: 9.20.1.5 Version: 9.20.2 Version: 9.20.2.10 Version: 9.20.2.21 Version: 9.20.2.22 Version: 9.20.3 Version: 9.20.3.4 Version: 9.20.3.7 Version: 9.20.3.9 Version: 9.20.3.10 Version: 9.20.3.13 Version: 9.22.1.1 Version: 9.22.1.3 Version: 9.22.1.2 Version: 9.22.1.6 Version: 9.23.1
Cisco	Cisco IOS XE Software	Version: 3.2.0SG Version: 3.2.1SG Version: 3.2.2SG Version: 3.2.3SG Version: 3.2.4SG Version: 3.2.5SG Version: 3.2.6SG Version: 3.2.7SG Version: 3.2.8SG Version: 3.2.9SG Version: 3.2.10SG Version: 3.2.11SG Version: 3.7.0S Version: 3.7.1S Version: 3.7.2S Version: 3.7.3S Version: 3.7.4S Version: 3.7.5S Version: 3.7.6S Version: 3.7.7S Version: 3.7.4aS Version: 3.7.2tS Version: 3.7.0bS Version: 3.7.1aS Version: 3.3.0SG Version: 3.3.2SG Version: 3.3.1SG Version: 3.8.0S Version: 3.8.1S Version: 3.8.2S Version: 3.9.1S Version: 3.9.0S Version: 3.9.2S Version: 3.9.1aS Version: 3.9.0aS Version: 3.2.0SE Version: 3.2.1SE Version: 3.2.2SE Version: 3.2.3SE Version: 3.3.0SE Version: 3.3.1SE Version: 3.3.2SE Version: 3.3.3SE Version: 3.3.4SE Version: 3.3.5SE Version: 3.4.0SG Version: 3.4.2SG Version: 3.4.1SG Version: 3.4.3SG Version: 3.4.4SG Version: 3.4.5SG Version: 3.4.6SG Version: 3.4.7SG Version: 3.4.8SG Version: 3.5.0E Version: 3.5.1E Version: 3.5.2E Version: 3.5.3E Version: 3.11.1S Version: 3.11.2S Version: 3.11.0S Version: 3.11.3S Version: 3.11.4S Version: 3.12.0S Version: 3.12.1S Version: 3.12.2S Version: 3.12.3S Version: 3.12.0aS Version: 3.12.4S Version: 3.13.0S Version: 3.13.1S Version: 3.13.2S Version: 3.13.3S Version: 3.13.4S Version: 3.13.5S Version: 3.13.2aS Version: 3.13.0aS Version: 3.13.5aS Version: 3.13.6S Version: 3.13.7S Version: 3.13.6aS Version: 3.13.7aS Version: 3.13.8S Version: 3.13.9S Version: 3.13.10S Version: 3.6.0E Version: 3.6.1E Version: 3.6.2aE Version: 3.6.2E Version: 3.6.3E Version: 3.6.4E Version: 3.6.5E Version: 3.6.6E Version: 3.6.5aE Version: 3.6.5bE Version: 3.6.7E Version: 3.6.8E Version: 3.6.7bE Version: 3.6.9E Version: 3.6.10E Version: 3.14.0S Version: 3.14.1S Version: 3.14.2S Version: 3.14.3S Version: 3.14.4S Version: 3.15.0S Version: 3.15.1S Version: 3.15.2S Version: 3.15.1cS Version: 3.15.3S Version: 3.15.4S Version: 3.3.0SQ Version: 3.3.1SQ Version: 3.4.0SQ Version: 3.4.1SQ Version: 3.7.0E Version: 3.7.1E Version: 3.7.2E Version: 3.7.3E Version: 3.7.4E Version: 3.7.5E Version: 3.5.0SQ Version: 3.5.1SQ Version: 3.5.2SQ Version: 3.5.3SQ Version: 3.5.4SQ Version: 3.5.5SQ Version: 3.5.6SQ Version: 3.5.7SQ Version: 3.5.8SQ Version: 3.16.0S Version: 3.16.1S Version: 3.16.1aS Version: 3.16.2S Version: 3.16.2aS Version: 3.16.0cS Version: 3.16.3S Version: 3.16.2bS Version: 3.16.3aS Version: 3.16.4S Version: 3.16.4aS Version: 3.16.4bS Version: 3.16.5S Version: 3.16.4dS Version: 3.16.6S Version: 3.16.7S Version: 3.16.6bS Version: 3.16.7aS Version: 3.16.7bS Version: 3.16.8S Version: 3.16.9S Version: 3.16.10S Version: 3.17.0S Version: 3.17.1S Version: 3.17.2S Version: 3.17.1aS Version: 3.17.3S Version: 3.17.4S Version: 16.1.1 Version: 16.1.2 Version: 16.1.3 Version: 16.2.1 Version: 16.2.2 Version: 3.8.0E Version: 3.8.1E Version: 3.8.2E Version: 3.8.3E Version: 3.8.4E Version: 3.8.5E Version: 3.8.5aE Version: 3.8.6E Version: 3.8.7E Version: 3.8.8E Version: 3.8.9E Version: 3.8.10E Version: 16.3.1 Version: 16.3.2 Version: 16.3.3 Version: 16.3.1a Version: 16.3.4 Version: 16.3.5 Version: 16.3.5b Version: 16.3.6 Version: 16.3.7 Version: 16.3.8 Version: 16.3.9 Version: 16.3.10 Version: 16.3.11 Version: 16.4.1 Version: 16.4.2 Version: 16.4.3 Version: 16.5.1 Version: 16.5.1a Version: 16.5.1b Version: 16.5.2 Version: 16.5.3 Version: 3.18.0aS Version: 3.18.0S Version: 3.18.1S Version: 3.18.2S Version: 3.18.3S Version: 3.18.4S Version: 3.18.0SP Version: 3.18.1SP Version: 3.18.1aSP Version: 3.18.1bSP Version: 3.18.1cSP Version: 3.18.2SP Version: 3.18.2aSP Version: 3.18.3SP Version: 3.18.4SP Version: 3.18.3aSP Version: 3.18.3bSP Version: 3.18.5SP Version: 3.18.6SP Version: 3.18.7SP Version: 3.18.8aSP Version: 3.18.9SP Version: 3.9.0E Version: 3.9.1E Version: 3.9.2E Version: 16.6.1 Version: 16.6.2 Version: 16.6.3 Version: 16.6.4 Version: 16.6.5 Version: 16.6.4a Version: 16.6.5a Version: 16.6.6 Version: 16.6.7 Version: 16.6.8 Version: 16.6.9 Version: 16.6.10 Version: 16.7.1 Version: 16.7.1a Version: 16.7.1b Version: 16.7.2 Version: 16.7.3 Version: 16.7.4 Version: 16.8.1 Version: 16.8.1a Version: 16.8.1b Version: 16.8.1s Version: 16.8.1c Version: 16.8.1d Version: 16.8.2 Version: 16.8.1e Version: 16.8.3 Version: 16.9.1 Version: 16.9.2 Version: 16.9.1a Version: 16.9.1b Version: 16.9.1s Version: 16.9.3 Version: 16.9.4 Version: 16.9.3a Version: 16.9.5 Version: 16.9.5f Version: 16.9.6 Version: 16.9.7 Version: 16.9.8 Version: 16.10.1 Version: 16.10.1a Version: 16.10.1b Version: 16.10.1s Version: 16.10.1c Version: 16.10.1e Version: 16.10.1d Version: 16.10.2 Version: 16.10.1f Version: 16.10.1g Version: 16.10.3 Version: 3.10.0E Version: 3.10.1E Version: 3.10.0cE Version: 3.10.2E Version: 3.10.3E Version: 16.11.1 Version: 16.11.1a Version: 16.11.1b Version: 16.11.2 Version: 16.11.1s Version: 16.12.1 Version: 16.12.1s Version: 16.12.1a Version: 16.12.1c Version: 16.12.1w Version: 16.12.2 Version: 16.12.1y Version: 16.12.2a Version: 16.12.3 Version: 16.12.8 Version: 16.12.2s Version: 16.12.1x Version: 16.12.1t Version: 16.12.4 Version: 16.12.3s Version: 16.12.3a Version: 16.12.4a Version: 16.12.5 Version: 16.12.6 Version: 16.12.1z1 Version: 16.12.5a Version: 16.12.5b Version: 16.12.1z2 Version: 16.12.6a Version: 16.12.7 Version: 16.12.9 Version: 16.12.10 Version: 16.12.10a Version: 16.12.11 Version: 16.12.12 Version: 16.12.13 Version: 3.11.0E Version: 3.11.1E Version: 3.11.2E Version: 3.11.3E Version: 3.11.1aE Version: 3.11.4E Version: 3.11.3aE Version: 3.11.5E Version: 3.11.6E Version: 3.11.7E Version: 3.11.8E Version: 3.11.9E Version: 3.11.10E Version: 3.11.11E Version: 3.11.12E Version: 17.1.1 Version: 17.1.1a Version: 17.1.1s Version: 17.1.1t Version: 17.1.3 Version: 17.2.1 Version: 17.2.1r Version: 17.2.1a Version: 17.2.1v Version: 17.2.2 Version: 17.2.3 Version: 17.3.1 Version: 17.3.2 Version: 17.3.3 Version: 17.3.1a Version: 17.3.1w Version: 17.3.2a Version: 17.3.1x Version: 17.3.1z Version: 17.3.4 Version: 17.3.5 Version: 17.3.4a Version: 17.3.6 Version: 17.3.4b Version: 17.3.4c Version: 17.3.5a Version: 17.3.5b Version: 17.3.7 Version: 17.3.8 Version: 17.3.8a Version: 17.4.1 Version: 17.4.2 Version: 17.4.1a Version: 17.4.1b Version: 17.4.2a Version: 17.5.1 Version: 17.5.1a Version: 17.6.1 Version: 17.6.2 Version: 17.6.1w Version: 17.6.1a Version: 17.6.1x Version: 17.6.3 Version: 17.6.1y Version: 17.6.1z Version: 17.6.3a Version: 17.6.4 Version: 17.6.1z1 Version: 17.6.5 Version: 17.6.6 Version: 17.6.6a Version: 17.6.5a Version: 17.6.7 Version: 17.6.8 Version: 17.6.8a Version: 17.7.1 Version: 17.7.1a Version: 17.7.1b Version: 17.7.2 Version: 17.10.1 Version: 17.10.1a Version: 17.10.1b Version: 17.8.1 Version: 17.8.1a Version: 17.9.1 Version: 17.9.1w Version: 17.9.2 Version: 17.9.1a Version: 17.9.1x Version: 17.9.1y Version: 17.9.3 Version: 17.9.2a Version: 17.9.1x1 Version: 17.9.3a Version: 17.9.4 Version: 17.9.1y1 Version: 17.9.5 Version: 17.9.4a Version: 17.9.5a Version: 17.9.5b Version: 17.9.6 Version: 17.9.6a Version: 17.9.7 Version: 17.9.5e Version: 17.9.5f Version: 17.9.7b Version: 17.11.1 Version: 17.11.1a Version: 17.12.1 Version: 17.12.1w Version: 17.12.1a Version: 17.12.1x Version: 17.12.2 Version: 17.12.3 Version: 17.12.2a Version: 17.12.1y Version: 17.12.1z Version: 17.12.4 Version: 17.12.3a Version: 17.12.1z1 Version: 17.12.1z2 Version: 17.12.4a Version: 17.12.5 Version: 17.12.4b Version: 17.12.1z3 Version: 17.12.5a Version: 17.12.1z4 Version: 17.12.5c Version: 17.13.1 Version: 17.13.1a Version: 17.14.1 Version: 17.14.1a Version: 17.11.99SW Version: 17.15.1 Version: 17.15.1w Version: 17.15.1a Version: 17.15.2 Version: 17.15.1b Version: 17.15.1x Version: 17.15.1z Version: 17.15.3 Version: 17.15.2c Version: 17.15.2a Version: 17.15.1y Version: 17.15.2b Version: 17.16.1 Version: 17.16.1a Version: 17.17.1
Cisco	Cisco Firepower Threat Defense Software	Version: 6.2.3 Version: 6.2.3.1 Version: 6.2.3.2 Version: 6.2.3.3 Version: 6.2.3.4 Version: 6.2.3.5 Version: 6.2.3.6 Version: 6.2.3.7 Version: 6.2.3.8 Version: 6.2.3.10 Version: 6.2.3.11 Version: 6.2.3.9 Version: 6.2.3.12 Version: 6.2.3.13 Version: 6.2.3.14 Version: 6.2.3.15 Version: 6.2.3.16 Version: 6.2.3.17 Version: 6.2.3.18 Version: 6.6.0 Version: 6.6.0.1 Version: 6.6.1 Version: 6.6.3 Version: 6.6.4 Version: 6.6.5 Version: 6.6.5.1 Version: 6.6.5.2 Version: 6.6.7 Version: 6.6.7.1 Version: 6.6.7.2 Version: 6.4.0 Version: 6.4.0.1 Version: 6.4.0.3 Version: 6.4.0.2 Version: 6.4.0.4 Version: 6.4.0.5 Version: 6.4.0.6 Version: 6.4.0.7 Version: 6.4.0.8 Version: 6.4.0.9 Version: 6.4.0.10 Version: 6.4.0.11 Version: 6.4.0.12 Version: 6.4.0.13 Version: 6.4.0.14 Version: 6.4.0.15 Version: 6.4.0.16 Version: 6.4.0.17 Version: 6.4.0.18 Version: 7.0.0 Version: 7.0.0.1 Version: 7.0.1 Version: 7.0.1.1 Version: 7.0.2 Version: 7.0.2.1 Version: 7.0.3 Version: 7.0.4 Version: 7.0.5 Version: 7.0.6 Version: 7.0.6.1 Version: 7.0.6.2 Version: 7.0.6.3 Version: 7.0.7 Version: 7.1.0 Version: 7.1.0.1 Version: 7.1.0.2 Version: 7.1.0.3 Version: 7.2.0 Version: 7.2.0.1 Version: 7.2.1 Version: 7.2.2 Version: 7.2.3 Version: 7.2.4 Version: 7.2.4.1 Version: 7.2.5 Version: 7.2.5.1 Version: 7.2.6 Version: 7.2.7 Version: 7.2.5.2 Version: 7.2.8 Version: 7.2.8.1 Version: 7.2.9 Version: 7.3.0 Version: 7.3.1 Version: 7.3.1.1 Version: 7.3.1.2 Version: 7.4.0 Version: 7.4.1 Version: 7.4.1.1 Version: 7.4.2 Version: 7.4.2.1 Version: 7.4.2.2 Version: 7.6.0 Version: 7.7.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-20363",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-25T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-26T03:55:14.410Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "IOS",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "12.2(15)B"
            },
            {
              "status": "affected",
              "version": "12.2(16)B1"
            },
            {
              "status": "affected",
              "version": "12.2(16)B2"
            },
            {
              "status": "affected",
              "version": "12.2(16)B"
            },
            {
              "status": "affected",
              "version": "12.2(15)BC2a"
            },
            {
              "status": "affected",
              "version": "12.2(15)BC1a"
            },
            {
              "status": "affected",
              "version": "12.2(15)BC1b"
            },
            {
              "status": "affected",
              "version": "12.2(15)BC2d"
            },
            {
              "status": "affected",
              "version": "12.2(15)BC2g"
            },
            {
              "status": "affected",
              "version": "12.2(15)BC1g"
            },
            {
              "status": "affected",
              "version": "12.2(15)BC2i"
            },
            {
              "status": "affected",
              "version": "12.2(15)BC1c"
            },
            {
              "status": "affected",
              "version": "12.2(15)BC2c"
            },
            {
              "status": "affected",
              "version": "12.2(15)BC2f"
            },
            {
              "status": "affected",
              "version": "12.2(15)BC1d"
            },
            {
              "status": "affected",
              "version": "12.2(15)BC1"
            },
            {
              "status": "affected",
              "version": "12.2(15)BC2"
            },
            {
              "status": "affected",
              "version": "12.2(15)BC2e"
            },
            {
              "status": "affected",
              "version": "12.2(15)BC1e"
            },
            {
              "status": "affected",
              "version": "12.2(15)BC2h"
            },
            {
              "status": "affected",
              "version": "12.2(15)BC1f"
            },
            {
              "status": "affected",
              "version": "12.2(15)BC2b"
            },
            {
              "status": "affected",
              "version": "12.2(15)BX"
            },
            {
              "status": "affected",
              "version": "12.2(16)BX"
            },
            {
              "status": "affected",
              "version": "12.2(16)BX2"
            },
            {
              "status": "affected",
              "version": "12.2(16)BX3"
            },
            {
              "status": "affected",
              "version": "12.2(16)BX1"
            },
            {
              "status": "affected",
              "version": "12.2(15)BZ2"
            },
            {
              "status": "affected",
              "version": "12.2(15)CX"
            },
            {
              "status": "affected",
              "version": "12.2(15)CX1"
            },
            {
              "status": "affected",
              "version": "12.2(33)CX"
            },
            {
              "status": "affected",
              "version": "12.2(33)CY"
            },
            {
              "status": "affected",
              "version": "12.2(33)CY1"
            },
            {
              "status": "affected",
              "version": "12.2(33)CY2"
            },
            {
              "status": "affected",
              "version": "12.2(15)MC1c"
            },
            {
              "status": "affected",
              "version": "12.2(15)MC2g"
            },
            {
              "status": "affected",
              "version": "12.2(15)MC2k"
            },
            {
              "status": "affected",
              "version": "12.2(15)MC1b"
            },
            {
              "status": "affected",
              "version": "12.2(15)MC2b"
            },
            {
              "status": "affected",
              "version": "12.2(15)MC2a"
            },
            {
              "status": "affected",
              "version": "12.2(15)MC2m"
            },
            {
              "status": "affected",
              "version": "12.2(15)MC1"
            },
            {
              "status": "affected",
              "version": "12.2(15)MC2"
            },
            {
              "status": "affected",
              "version": "12.2(15)MC2f"
            },
            {
              "status": "affected",
              "version": "12.2(15)MC2j"
            },
            {
              "status": "affected",
              "version": "12.2(15)MC2e"
            },
            {
              "status": "affected",
              "version": "12.2(15)MC1a"
            },
            {
              "status": "affected",
              "version": "12.2(15)MC2c"
            },
            {
              "status": "affected",
              "version": "12.2(15)MC2i"
            },
            {
              "status": "affected",
              "version": "12.2(15)MC2h"
            },
            {
              "status": "affected",
              "version": "12.2(15)MC2l"
            },
            {
              "status": "affected",
              "version": "12.2(11)YU"
            },
            {
              "status": "affected",
              "version": "12.2(11)YV"
            },
            {
              "status": "affected",
              "version": "12.2(11)YV1"
            },
            {
              "status": "affected",
              "version": "12.2(13)ZD"
            },
            {
              "status": "affected",
              "version": "12.2(13)ZD3"
            },
            {
              "status": "affected",
              "version": "12.2(13)ZD2"
            },
            {
              "status": "affected",
              "version": "12.2(13)ZD1"
            },
            {
              "status": "affected",
              "version": "12.2(13)ZD4"
            },
            {
              "status": "affected",
              "version": "12.2(13)ZE"
            },
            {
              "status": "affected",
              "version": "12.2(13)ZF"
            },
            {
              "status": "affected",
              "version": "12.2(13)ZF2"
            },
            {
              "status": "affected",
              "version": "12.2(13)ZF1"
            },
            {
              "status": "affected",
              "version": "12.2(13)ZG"
            },
            {
              "status": "affected",
              "version": "12.2(13)ZH"
            },
            {
              "status": "affected",
              "version": "12.2(13)ZH5"
            },
            {
              "status": "affected",
              "version": "12.2(13)ZH9"
            },
            {
              "status": "affected",
              "version": "12.2(13)ZH2"
            },
            {
              "status": "affected",
              "version": "12.2(13)ZH8"
            },
            {
              "status": "affected",
              "version": "12.2(13)ZH10"
            },
            {
              "status": "affected",
              "version": "12.2(13)ZH4"
            },
            {
              "status": "affected",
              "version": "12.2(13)ZH3"
            },
            {
              "status": "affected",
              "version": "12.2(13)ZH7"
            },
            {
              "status": "affected",
              "version": "12.2(13)ZH6"
            },
            {
              "status": "affected",
              "version": "12.2(13)ZH1"
            },
            {
              "status": "affected",
              "version": "12.2(15)ZJ"
            },
            {
              "status": "affected",
              "version": "12.2(15)ZJ2"
            },
            {
              "status": "affected",
              "version": "12.2(15)ZJ1"
            },
            {
              "status": "affected",
              "version": "12.2(15)ZJ3"
            },
            {
              "status": "affected",
              "version": "12.2(15)ZJ5"
            },
            {
              "status": "affected",
              "version": "12.2(15)ZL"
            },
            {
              "status": "affected",
              "version": "12.2(15)ZL1"
            },
            {
              "status": "affected",
              "version": "12.3(9a)"
            },
            {
              "status": "affected",
              "version": "12.3(15)"
            },
            {
              "status": "affected",
              "version": "12.3(19)"
            },
            {
              "status": "affected",
              "version": "12.3(10f)"
            },
            {
              "status": "affected",
              "version": "12.3(10a)"
            },
            {
              "status": "affected",
              "version": "12.3(1)"
            },
            {
              "status": "affected",
              "version": "12.3(1a)"
            },
            {
              "status": "affected",
              "version": "12.3(10)"
            },
            {
              "status": "affected",
              "version": "12.3(10b)"
            },
            {
              "status": "affected",
              "version": "12.3(10c)"
            },
            {
              "status": "affected",
              "version": "12.3(10d)"
            },
            {
              "status": "affected",
              "version": "12.3(10e)"
            },
            {
              "status": "affected",
              "version": "12.3(12b)"
            },
            {
              "status": "affected",
              "version": "12.3(12a)"
            },
            {
              "status": "affected",
              "version": "12.3(12c)"
            },
            {
              "status": "affected",
              "version": "12.3(12d)"
            },
            {
              "status": "affected",
              "version": "12.3(12e)"
            },
            {
              "status": "affected",
              "version": "12.3(12)"
            },
            {
              "status": "affected",
              "version": "12.3(13)"
            },
            {
              "status": "affected",
              "version": "12.3(13a)"
            },
            {
              "status": "affected",
              "version": "12.3(13b)"
            },
            {
              "status": "affected",
              "version": "12.3(15a)"
            },
            {
              "status": "affected",
              "version": "12.3(16)"
            },
            {
              "status": "affected",
              "version": "12.3(17)"
            },
            {
              "status": "affected",
              "version": "12.3(17a)"
            },
            {
              "status": "affected",
              "version": "12.3(17b)"
            },
            {
              "status": "affected",
              "version": "12.3(18)"
            },
            {
              "status": "affected",
              "version": "12.3(20)"
            },
            {
              "status": "affected",
              "version": "12.3(3f)"
            },
            {
              "status": "affected",
              "version": "12.3(3e)"
            },
            {
              "status": "affected",
              "version": "12.3(3g)"
            },
            {
              "status": "affected",
              "version": "12.3(3c)"
            },
            {
              "status": "affected",
              "version": "12.3(3b)"
            },
            {
              "status": "affected",
              "version": "12.3(3a)"
            },
            {
              "status": "affected",
              "version": "12.3(3)"
            },
            {
              "status": "affected",
              "version": "12.3(3i)"
            },
            {
              "status": "affected",
              "version": "12.3(3h)"
            },
            {
              "status": "affected",
              "version": "12.3(5c)"
            },
            {
              "status": "affected",
              "version": "12.3(5b)"
            },
            {
              "status": "affected",
              "version": "12.3(5a)"
            },
            {
              "status": "affected",
              "version": "12.3(5)"
            },
            {
              "status": "affected",
              "version": "12.3(5f)"
            },
            {
              "status": "affected",
              "version": "12.3(5e)"
            },
            {
              "status": "affected",
              "version": "12.3(5d)"
            },
            {
              "status": "affected",
              "version": "12.3(6f)"
            },
            {
              "status": "affected",
              "version": "12.3(6e)"
            },
            {
              "status": "affected",
              "version": "12.3(6c)"
            },
            {
              "status": "affected",
              "version": "12.3(6b)"
            },
            {
              "status": "affected",
              "version": "12.3(6a)"
            },
            {
              "status": "affected",
              "version": "12.3(6)"
            },
            {
              "status": "affected",
              "version": "12.3(9d)"
            },
            {
              "status": "affected",
              "version": "12.3(9e)"
            },
            {
              "status": "affected",
              "version": "12.3(9)"
            },
            {
              "status": "affected",
              "version": "12.3(9b)"
            },
            {
              "status": "affected",
              "version": "12.3(9c)"
            },
            {
              "status": "affected",
              "version": "12.3(16a)"
            },
            {
              "status": "affected",
              "version": "12.3(15b)"
            },
            {
              "status": "affected",
              "version": "12.3(21)"
            },
            {
              "status": "affected",
              "version": "12.3(22)"
            },
            {
              "status": "affected",
              "version": "12.3(21b)"
            },
            {
              "status": "affected",
              "version": "12.3(23)"
            },
            {
              "status": "affected",
              "version": "12.3(26)"
            },
            {
              "status": "affected",
              "version": "12.3(20a)"
            },
            {
              "status": "affected",
              "version": "12.3(22a)"
            },
            {
              "status": "affected",
              "version": "12.3(25)"
            },
            {
              "status": "affected",
              "version": "12.3(17c)"
            },
            {
              "status": "affected",
              "version": "12.3(24)"
            },
            {
              "status": "affected",
              "version": "12.3(19a)"
            },
            {
              "status": "affected",
              "version": "12.3(24a)"
            },
            {
              "status": "affected",
              "version": "12.3(18a)"
            },
            {
              "status": "affected",
              "version": "12.3(1a)B"
            },
            {
              "status": "affected",
              "version": "12.3(3)B"
            },
            {
              "status": "affected",
              "version": "12.3(5a)B"
            },
            {
              "status": "affected",
              "version": "12.3(3)B1"
            },
            {
              "status": "affected",
              "version": "12.3(5a)B3"
            },
            {
              "status": "affected",
              "version": "12.3(5a)B2"
            },
            {
              "status": "affected",
              "version": "12.3(5a)B5"
            },
            {
              "status": "affected",
              "version": "12.3(5a)B4"
            },
            {
              "status": "affected",
              "version": "12.3(5a)B1"
            },
            {
              "status": "affected",
              "version": "12.3(11)T"
            },
            {
              "status": "affected",
              "version": "12.3(7)T12"
            },
            {
              "status": "affected",
              "version": "12.3(11)T11"
            },
            {
              "status": "affected",
              "version": "12.3(11)T10"
            },
            {
              "status": "affected",
              "version": "12.3(14)T7"
            },
            {
              "status": "affected",
              "version": "12.3(14)T"
            },
            {
              "status": "affected",
              "version": "12.3(8)T"
            },
            {
              "status": "affected",
              "version": "12.3(2)T"
            },
            {
              "status": "affected",
              "version": "12.3(4)T"
            },
            {
              "status": "affected",
              "version": "12.3(7)T"
            },
            {
              "status": "affected",
              "version": "12.3(8)T9"
            },
            {
              "status": "affected",
              "version": "12.3(2)T9"
            },
            {
              "status": "affected",
              "version": "12.3(8)T6"
            },
            {
              "status": "affected",
              "version": "12.3(4)T2a"
            },
            {
              "status": "affected",
              "version": "12.3(4)T9"
            },
            {
              "status": "affected",
              "version": "12.3(4)T4"
            },
            {
              "status": "affected",
              "version": "12.3(2)T1"
            },
            {
              "status": "affected",
              "version": "12.3(11)T5"
            },
            {
              "status": "affected",
              "version": "12.3(7)T3"
            },
            {
              "status": "affected",
              "version": "12.3(2)T2"
            },
            {
              "status": "affected",
              "version": "12.3(8)T3"
            },
            {
              "status": "affected",
              "version": "12.3(4)T7"
            },
            {
              "status": "affected",
              "version": "12.3(8)T7"
            },
            {
              "status": "affected",
              "version": "12.3(11)T8"
            },
            {
              "status": "affected",
              "version": "12.3(7)T2"
            },
            {
              "status": "affected",
              "version": "12.3(8)T4"
            },
            {
              "status": "affected",
              "version": "12.3(8)T8"
            },
            {
              "status": "affected",
              "version": "12.3(14)T5"
            },
            {
              "status": "affected",
              "version": "12.3(11)T3"
            },
            {
              "status": "affected",
              "version": "12.3(4)T10"
            },
            {
              "status": "affected",
              "version": "12.3(2)T4"
            },
            {
              "status": "affected",
              "version": "12.3(8)T10"
            },
            {
              "status": "affected",
              "version": "12.3(14)T2"
            },
            {
              "status": "affected",
              "version": "12.3(4)T2"
            },
            {
              "status": "affected",
              "version": "12.3(7)T7"
            },
            {
              "status": "affected",
              "version": "12.3(7)T10"
            },
            {
              "status": "affected",
              "version": "12.3(7)T4"
            },
            {
              "status": "affected",
              "version": "12.3(11)T6"
            },
            {
              "status": "affected",
              "version": "12.3(7)T11"
            },
            {
              "status": "affected",
              "version": "12.3(4)T6"
            },
            {
              "status": "affected",
              "version": "12.3(2)T3"
            },
            {
              "status": "affected",
              "version": "12.3(2)T5"
            },
            {
              "status": "affected",
              "version": "12.3(2)T6"
            },
            {
              "status": "affected",
              "version": "12.3(4)T3"
            },
            {
              "status": "affected",
              "version": "12.3(14)T3"
            },
            {
              "status": "affected",
              "version": "12.3(2)T8"
            },
            {
              "status": "affected",
              "version": "12.3(11)T4"
            },
            {
              "status": "affected",
              "version": "12.3(7)T9"
            },
            {
              "status": "affected",
              "version": "12.3(8)T11"
            },
            {
              "status": "affected",
              "version": "12.3(11)T9"
            },
            {
              "status": "affected",
              "version": "12.3(7)T8"
            },
            {
              "status": "affected",
              "version": "12.3(4)T1"
            },
            {
              "status": "affected",
              "version": "12.3(8)T5"
            },
            {
              "status": "affected",
              "version": "12.3(4)T11"
            },
            {
              "status": "affected",
              "version": "12.3(4)T8"
            },
            {
              "status": "affected",
              "version": "12.3(14)T1"
            },
            {
              "status": "affected",
              "version": "12.3(11)T2"
            },
            {
              "status": "affected",
              "version": "12.3(7)T6"
            },
            {
              "status": "affected",
              "version": "12.3(2)T7"
            },
            {
              "status": "affected",
              "version": "12.3(11)T7"
            },
            {
              "status": "affected",
              "version": "12.3(7)T1"
            },
            {
              "status": "affected",
              "version": "12.3(14)T6"
            },
            {
              "status": "affected",
              "version": "12.3(8)T1"
            },
            {
              "status": "affected",
              "version": "12.2(15)CZ"
            },
            {
              "status": "affected",
              "version": "12.2(15)CZ1"
            },
            {
              "status": "affected",
              "version": "12.2(15)CZ3"
            },
            {
              "status": "affected",
              "version": "12.2(15)CZ2"
            },
            {
              "status": "affected",
              "version": "12.3(2)XA"
            },
            {
              "status": "affected",
              "version": "12.3(2)XA4"
            },
            {
              "status": "affected",
              "version": "12.3(2)XA7"
            },
            {
              "status": "affected",
              "version": "12.3(2)XA1"
            },
            {
              "status": "affected",
              "version": "12.3(2)XA3"
            },
            {
              "status": "affected",
              "version": "12.3(2)XA6"
            },
            {
              "status": "affected",
              "version": "12.3(2)XA2"
            },
            {
              "status": "affected",
              "version": "12.3(2)XA5"
            },
            {
              "status": "affected",
              "version": "12.3(4)XQ"
            },
            {
              "status": "affected",
              "version": "12.3(4)XQ1"
            },
            {
              "status": "affected",
              "version": "12.3(11)XL"
            },
            {
              "status": "affected",
              "version": "12.3(11)XL1"
            },
            {
              "status": "affected",
              "version": "12.3(4)XK3"
            },
            {
              "status": "affected",
              "version": "12.3(4)XK1"
            },
            {
              "status": "affected",
              "version": "12.3(4)XK4"
            },
            {
              "status": "affected",
              "version": "12.3(4)XK"
            },
            {
              "status": "affected",
              "version": "12.3(4)XK2"
            },
            {
              "status": "affected",
              "version": "12.3(7)XJ"
            },
            {
              "status": "affected",
              "version": "12.3(7)XJ1"
            },
            {
              "status": "affected",
              "version": "12.3(7)XJ2"
            },
            {
              "status": "affected",
              "version": "12.3(7)XI8"
            },
            {
              "status": "affected",
              "version": "12.3(7)XI7"
            },
            {
              "status": "affected",
              "version": "12.3(7)XI8d"
            },
            {
              "status": "affected",
              "version": "12.3(7)XI10a"
            },
            {
              "status": "affected",
              "version": "12.3(7)XI8a"
            },
            {
              "status": "affected",
              "version": "12.3(7)XI4"
            },
            {
              "status": "affected",
              "version": "12.3(7)XI1b"
            },
            {
              "status": "affected",
              "version": "12.3(7)XI7a"
            },
            {
              "status": "affected",
              "version": "12.3(7)XI2a"
            },
            {
              "status": "affected",
              "version": "12.3(7)XI10"
            },
            {
              "status": "affected",
              "version": "12.3(7)XI7b"
            },
            {
              "status": "affected",
              "version": "12.3(7)XI1c"
            },
            {
              "status": "affected",
              "version": "12.3(7)XI9"
            },
            {
              "status": "affected",
              "version": "12.3(7)XI3"
            },
            {
              "status": "affected",
              "version": "12.3(7)XI6"
            },
            {
              "status": "affected",
              "version": "12.3(7)XI8c"
            },
            {
              "status": "affected",
              "version": "12.3(7)XI2"
            },
            {
              "status": "affected",
              "version": "12.3(7)XI5"
            },
            {
              "status": "affected",
              "version": "12.3(4)XG"
            },
            {
              "status": "affected",
              "version": "12.3(4)XG3"
            },
            {
              "status": "affected",
              "version": "12.3(4)XG1"
            },
            {
              "status": "affected",
              "version": "12.3(4)XG4"
            },
            {
              "status": "affected",
              "version": "12.3(4)XG2"
            },
            {
              "status": "affected",
              "version": "12.3(4)XG5"
            },
            {
              "status": "affected",
              "version": "12.3(2)XF"
            },
            {
              "status": "affected",
              "version": "12.3(2)XE"
            },
            {
              "status": "affected",
              "version": "12.3(2)XE5"
            },
            {
              "status": "affected",
              "version": "12.3(2)XE2"
            },
            {
              "status": "affected",
              "version": "12.3(2)XE1"
            },
            {
              "status": "affected",
              "version": "12.3(2)XE4"
            },
            {
              "status": "affected",
              "version": "12.3(2)XE3"
            },
            {
              "status": "affected",
              "version": "12.3(4)XD"
            },
            {
              "status": "affected",
              "version": "12.3(4)XD4"
            },
            {
              "status": "affected",
              "version": "12.3(4)XD1"
            },
            {
              "status": "affected",
              "version": "12.3(4)XD3"
            },
            {
              "status": "affected",
              "version": "12.3(4)XD2"
            },
            {
              "status": "affected",
              "version": "12.3(2)XC"
            },
            {
              "status": "affected",
              "version": "12.3(2)XC4"
            },
            {
              "status": "affected",
              "version": "12.3(2)XC3"
            },
            {
              "status": "affected",
              "version": "12.3(2)XC2"
            },
            {
              "status": "affected",
              "version": "12.3(2)XC1"
            },
            {
              "status": "affected",
              "version": "12.3(2)XC5"
            },
            {
              "status": "affected",
              "version": "12.3(2)XB2"
            },
            {
              "status": "affected",
              "version": "12.3(2)XB"
            },
            {
              "status": "affected",
              "version": "12.3(2)XB3"
            },
            {
              "status": "affected",
              "version": "12.3(2)XB1"
            },
            {
              "status": "affected",
              "version": "12.2(25)EW"
            },
            {
              "status": "affected",
              "version": "12.2(25)EWA"
            },
            {
              "status": "affected",
              "version": "12.2(25)EWA6"
            },
            {
              "status": "affected",
              "version": "12.2(25)EWA5"
            },
            {
              "status": "affected",
              "version": "12.2(25)EWA1"
            },
            {
              "status": "affected",
              "version": "12.2(25)EWA10"
            },
            {
              "status": "affected",
              "version": "12.2(25)EWA8"
            },
            {
              "status": "affected",
              "version": "12.2(25)EWA11"
            },
            {
              "status": "affected",
              "version": "12.2(25)EWA9"
            },
            {
              "status": "affected",
              "version": "12.2(25)EWA2"
            },
            {
              "status": "affected",
              "version": "12.2(25)EWA14"
            },
            {
              "status": "affected",
              "version": "12.2(25)EWA4"
            },
            {
              "status": "affected",
              "version": "12.2(25)EWA3"
            },
            {
              "status": "affected",
              "version": "12.2(25)EWA7"
            },
            {
              "status": "affected",
              "version": "12.2(25)EWA12"
            },
            {
              "status": "affected",
              "version": "12.2(25)EWA13"
            },
            {
              "status": "affected",
              "version": "12.2(35)SE"
            },
            {
              "status": "affected",
              "version": "12.2(25)SE"
            },
            {
              "status": "affected",
              "version": "12.2(37)SE"
            },
            {
              "status": "affected",
              "version": "12.2(53)SE1"
            },
            {
              "status": "affected",
              "version": "12.2(55)SE"
            },
            {
              "status": "affected",
              "version": "12.2(25)SE2"
            },
            {
              "status": "affected",
              "version": "12.2(40)SE2"
            },
            {
              "status": "affected",
              "version": "12.2(46)SE"
            },
            {
              "status": "affected",
              "version": "12.2(46)SE2"
            },
            {
              "status": "affected",
              "version": "12.2(50)SE2"
            },
            {
              "status": "affected",
              "version": "12.2(35)SE5"
            },
            {
              "status": "affected",
              "version": "12.2(50)SE1"
            },
            {
              "status": "affected",
              "version": "12.2(44)SE2"
            },
            {
              "status": "affected",
              "version": "12.2(35)SE1"
            },
            {
              "status": "affected",
              "version": "12.2(50)SE5"
            },
            {
              "status": "affected",
              "version": "12.2(35)SE4"
            },
            {
              "status": "affected",
              "version": "12.2(44)SE1"
            },
            {
              "status": "affected",
              "version": "12.2(53)SE"
            },
            {
              "status": "affected",
              "version": "12.2(37)SE1"
            },
            {
              "status": "affected",
              "version": "12.2(25)SE3"
            },
            {
              "status": "affected",
              "version": "12.2(35)SE3"
            },
            {
              "status": "affected",
              "version": "12.2(44)SE4"
            },
            {
              "status": "affected",
              "version": "12.2(55)SE3"
            },
            {
              "status": "affected",
              "version": "12.2(55)SE2"
            },
            {
              "status": "affected",
              "version": "12.2(40)SE"
            },
            {
              "status": "affected",
              "version": "12.2(44)SE"
            },
            {
              "status": "affected",
              "version": "12.2(52)SE"
            },
            {
              "status": "affected",
              "version": "12.2(58)SE"
            },
            {
              "status": "affected",
              "version": "12.2(50)SE3"
            },
            {
              "status": "affected",
              "version": "12.2(55)SE1"
            },
            {
              "status": "affected",
              "version": "12.2(35)SE2"
            },
            {
              "status": "affected",
              "version": "12.2(40)SE1"
            },
            {
              "status": "affected",
              "version": "12.2(44)SE6"
            },
            {
              "status": "affected",
              "version": "12.2(44)SE3"
            },
            {
              "status": "affected",
              "version": "12.2(53)SE2"
            },
            {
              "status": "affected",
              "version": "12.2(52)SE1"
            },
            {
              "status": "affected",
              "version": "12.2(46)SE1"
            },
            {
              "status": "affected",
              "version": "12.2(54)SE"
            },
            {
              "status": "affected",
              "version": "12.2(44)SE5"
            },
            {
              "status": "affected",
              "version": "12.2(50)SE4"
            },
            {
              "status": "affected",
              "version": "12.2(50)SE"
            },
            {
              "status": "affected",
              "version": "12.2(58)SE1"
            },
            {
              "status": "affected",
              "version": "12.2(55)SE4"
            },
            {
              "status": "affected",
              "version": "12.2(58)SE2"
            },
            {
              "status": "affected",
              "version": "12.2(55)SE5"
            },
            {
              "status": "affected",
              "version": "12.2(55)SE6"
            },
            {
              "status": "affected",
              "version": "12.2(55)SE7"
            },
            {
              "status": "affected",
              "version": "12.2(55)SE8"
            },
            {
              "status": "affected",
              "version": "12.2(55)SE9"
            },
            {
              "status": "affected",
              "version": "12.2(55)SE10"
            },
            {
              "status": "affected",
              "version": "12.2(55)SE11"
            },
            {
              "status": "affected",
              "version": "12.2(55)SE12"
            },
            {
              "status": "affected",
              "version": "12.2(55)SE13"
            },
            {
              "status": "affected",
              "version": "12.3(7)XR"
            },
            {
              "status": "affected",
              "version": "12.3(7)XR4"
            },
            {
              "status": "affected",
              "version": "12.3(7)XR3"
            },
            {
              "status": "affected",
              "version": "12.3(7)XR5"
            },
            {
              "status": "affected",
              "version": "12.3(7)XR6"
            },
            {
              "status": "affected",
              "version": "12.3(7)XR2"
            },
            {
              "status": "affected",
              "version": "12.3(7)XR7"
            },
            {
              "status": "affected",
              "version": "12.3(7)XS"
            },
            {
              "status": "affected",
              "version": "12.3(7)XS2"
            },
            {
              "status": "affected",
              "version": "12.3(7)XS1"
            },
            {
              "status": "affected",
              "version": "12.3(8)XU"
            },
            {
              "status": "affected",
              "version": "12.3(8)XU5"
            },
            {
              "status": "affected",
              "version": "12.3(8)XU2"
            },
            {
              "status": "affected",
              "version": "12.3(8)XU1"
            },
            {
              "status": "affected",
              "version": "12.3(8)XU4"
            },
            {
              "status": "affected",
              "version": "12.3(8)XU3"
            },
            {
              "status": "affected",
              "version": "12.3(8)XX"
            },
            {
              "status": "affected",
              "version": "12.3(8)XX1"
            },
            {
              "status": "affected",
              "version": "12.3(8)XX2d"
            },
            {
              "status": "affected",
              "version": "12.3(8)XW"
            },
            {
              "status": "affected",
              "version": "12.3(8)XW2"
            },
            {
              "status": "affected",
              "version": "12.3(8)XW3"
            },
            {
              "status": "affected",
              "version": "12.3(8)XW1"
            },
            {
              "status": "affected",
              "version": "12.3(8)XY"
            },
            {
              "status": "affected",
              "version": "12.3(8)XY3"
            },
            {
              "status": "affected",
              "version": "12.3(8)XY5"
            },
            {
              "status": "affected",
              "version": "12.3(8)XY4"
            },
            {
              "status": "affected",
              "version": "12.3(8)XY1"
            },
            {
              "status": "affected",
              "version": "12.3(8)XY7"
            },
            {
              "status": "affected",
              "version": "12.3(8)XY2"
            },
            {
              "status": "affected",
              "version": "12.3(8)XY6"
            },
            {
              "status": "affected",
              "version": "12.3(2)XZ1"
            },
            {
              "status": "affected",
              "version": "12.3(2)XZ2"
            },
            {
              "status": "affected",
              "version": "12.3(8)YA"
            },
            {
              "status": "affected",
              "version": "12.3(8)YA1"
            },
            {
              "status": "affected",
              "version": "12.3(8)YD"
            },
            {
              "status": "affected",
              "version": "12.3(8)YD1"
            },
            {
              "status": "affected",
              "version": "12.3(11)YF"
            },
            {
              "status": "affected",
              "version": "12.3(11)YF2"
            },
            {
              "status": "affected",
              "version": "12.3(11)YF3"
            },
            {
              "status": "affected",
              "version": "12.3(11)YF4"
            },
            {
              "status": "affected",
              "version": "12.3(11)YF1"
            },
            {
              "status": "affected",
              "version": "12.3(8)YH"
            },
            {
              "status": "affected",
              "version": "12.3(8)YG"
            },
            {
              "status": "affected",
              "version": "12.3(8)YG5"
            },
            {
              "status": "affected",
              "version": "12.3(8)YG3"
            },
            {
              "status": "affected",
              "version": "12.3(8)YG6"
            },
            {
              "status": "affected",
              "version": "12.3(8)YG2"
            },
            {
              "status": "affected",
              "version": "12.3(8)YG1"
            },
            {
              "status": "affected",
              "version": "12.3(8)YG4"
            },
            {
              "status": "affected",
              "version": "12.3(13a)BC6"
            },
            {
              "status": "affected",
              "version": "12.3(17a)BC2"
            },
            {
              "status": "affected",
              "version": "12.3(17a)BC"
            },
            {
              "status": "affected",
              "version": "12.3(13a)BC"
            },
            {
              "status": "affected",
              "version": "12.3(21)BC"
            },
            {
              "status": "affected",
              "version": "12.3(9a)BC"
            },
            {
              "status": "affected",
              "version": "12.3(21a)BC9"
            },
            {
              "status": "affected",
              "version": "12.3(21a)BC4"
            },
            {
              "status": "affected",
              "version": "12.3(9a)BC9"
            },
            {
              "status": "affected",
              "version": "12.3(17b)BC6"
            },
            {
              "status": "affected",
              "version": "12.3(13a)BC2"
            },
            {
              "status": "affected",
              "version": "12.3(23)BC"
            },
            {
              "status": "affected",
              "version": "12.3(17b)BC3"
            },
            {
              "status": "affected",
              "version": "12.3(9a)BC2"
            },
            {
              "status": "affected",
              "version": "12.3(17b)BC9"
            },
            {
              "status": "affected",
              "version": "12.3(23)BC8"
            },
            {
              "status": "affected",
              "version": "12.3(23)BC10"
            },
            {
              "status": "affected",
              "version": "12.3(23)BC1"
            },
            {
              "status": "affected",
              "version": "12.3(9a)BC1"
            },
            {
              "status": "affected",
              "version": "12.3(17b)BC8"
            },
            {
              "status": "affected",
              "version": "12.3(9a)BC3"
            },
            {
              "status": "affected",
              "version": "12.3(23)BC9"
            },
            {
              "status": "affected",
              "version": "12.3(21a)BC6"
            },
            {
              "status": "affected",
              "version": "12.3(9a)BC6"
            },
            {
              "status": "affected",
              "version": "12.3(9a)BC5"
            },
            {
              "status": "affected",
              "version": "12.3(23)BC7"
            },
            {
              "status": "affected",
              "version": "12.3(13a)BC3"
            },
            {
              "status": "affected",
              "version": "12.3(23)BC6"
            },
            {
              "status": "affected",
              "version": "12.3(23)BC4"
            },
            {
              "status": "affected",
              "version": "12.3(13a)BC1"
            },
            {
              "status": "affected",
              "version": "12.3(17b)BC5"
            },
            {
              "status": "affected",
              "version": "12.3(21a)BC8"
            },
            {
              "status": "affected",
              "version": "12.3(9a)BC8"
            },
            {
              "status": "affected",
              "version": "12.3(21a)BC3"
            },
            {
              "status": "affected",
              "version": "12.3(21a)BC7"
            },
            {
              "status": "affected",
              "version": "12.3(9a)BC7"
            },
            {
              "status": "affected",
              "version": "12.3(23)BC5"
            },
            {
              "status": "affected",
              "version": "12.3(13a)BC5"
            },
            {
              "status": "affected",
              "version": "12.3(9a)BC4"
            },
            {
              "status": "affected",
              "version": "12.3(21a)BC2"
            },
            {
              "status": "affected",
              "version": "12.3(13a)BC4"
            },
            {
              "status": "affected",
              "version": "12.3(17b)BC7"
            },
            {
              "status": "affected",
              "version": "12.3(23)BC3"
            },
            {
              "status": "affected",
              "version": "12.3(21a)BC1"
            },
            {
              "status": "affected",
              "version": "12.3(17a)BC1"
            },
            {
              "status": "affected",
              "version": "12.3(17b)BC4"
            },
            {
              "status": "affected",
              "version": "12.3(23)BC2"
            },
            {
              "status": "affected",
              "version": "12.3(21a)BC5"
            },
            {
              "status": "affected",
              "version": "12.3(1a)BW"
            },
            {
              "status": "affected",
              "version": "12.3(11)YJ"
            },
            {
              "status": "affected",
              "version": "12.3(8)YI2"
            },
            {
              "status": "affected",
              "version": "12.3(8)YI3"
            },
            {
              "status": "affected",
              "version": "12.3(8)YI1"
            },
            {
              "status": "affected",
              "version": "12.3(11)YK"
            },
            {
              "status": "affected",
              "version": "12.3(11)YK1"
            },
            {
              "status": "affected",
              "version": "12.3(11)YK2"
            },
            {
              "status": "affected",
              "version": "12.3(11)YK3"
            },
            {
              "status": "affected",
              "version": "12.2(25)EX"
            },
            {
              "status": "affected",
              "version": "12.2(35)EX"
            },
            {
              "status": "affected",
              "version": "12.2(44)EX"
            },
            {
              "status": "affected",
              "version": "12.2(35)EX2"
            },
            {
              "status": "affected",
              "version": "12.2(40)EX3"
            },
            {
              "status": "affected",
              "version": "12.2(40)EX"
            },
            {
              "status": "affected",
              "version": "12.2(53)EX"
            },
            {
              "status": "affected",
              "version": "12.2(37)EX"
            },
            {
              "status": "affected",
              "version": "12.2(52)EX"
            },
            {
              "status": "affected",
              "version": "12.2(44)EX1"
            },
            {
              "status": "affected",
              "version": "12.2(35)EX1"
            },
            {
              "status": "affected",
              "version": "12.2(25)EX1"
            },
            {
              "status": "affected",
              "version": "12.2(40)EX2"
            },
            {
              "status": "affected",
              "version": "12.2(40)EX1"
            },
            {
              "status": "affected",
              "version": "12.2(55)EX"
            },
            {
              "status": "affected",
              "version": "12.2(46)EX"
            },
            {
              "status": "affected",
              "version": "12.2(52)EX1"
            },
            {
              "status": "affected",
              "version": "12.2(55)EX1"
            },
            {
              "status": "affected",
              "version": "12.2(55)EX2"
            },
            {
              "status": "affected",
              "version": "12.2(55)EX3"
            },
            {
              "status": "affected",
              "version": "12.2(58)EX"
            },
            {
              "status": "affected",
              "version": "12.2(25)SEB"
            },
            {
              "status": "affected",
              "version": "12.2(25)SEB2"
            },
            {
              "status": "affected",
              "version": "12.2(25)SEB1"
            },
            {
              "status": "affected",
              "version": "12.2(25)SEB4"
            },
            {
              "status": "affected",
              "version": "12.2(25)SEB3"
            },
            {
              "status": "affected",
              "version": "12.2(25)SEA"
            },
            {
              "status": "affected",
              "version": "12.2(25)EY"
            },
            {
              "status": "affected",
              "version": "12.2(46)EY"
            },
            {
              "status": "affected",
              "version": "12.2(55)EY"
            },
            {
              "status": "affected",
              "version": "12.2(52)EY1"
            },
            {
              "status": "affected",
              "version": "12.2(25)EY1"
            },
            {
              "status": "affected",
              "version": "12.2(44)EY"
            },
            {
              "status": "affected",
              "version": "12.2(52)EY"
            },
            {
              "status": "affected",
              "version": "12.2(53)EY"
            },
            {
              "status": "affected",
              "version": "12.2(25)EY3"
            },
            {
              "status": "affected",
              "version": "12.2(52)EY2"
            },
            {
              "status": "affected",
              "version": "12.2(37)EY"
            },
            {
              "status": "affected",
              "version": "12.2(25)EY2"
            },
            {
              "status": "affected",
              "version": "12.2(25)EY4"
            },
            {
              "status": "affected",
              "version": "12.2(52)EY1b"
            },
            {
              "status": "affected",
              "version": "12.2(52)EY1c"
            },
            {
              "status": "affected",
              "version": "12.2(58)EY"
            },
            {
              "status": "affected",
              "version": "12.2(52)EY3"
            },
            {
              "status": "affected",
              "version": "12.2(52)EY2a"
            },
            {
              "status": "affected",
              "version": "12.2(58)EY1"
            },
            {
              "status": "affected",
              "version": "12.2(52)EY4"
            },
            {
              "status": "affected",
              "version": "12.2(52)EY3a"
            },
            {
              "status": "affected",
              "version": "12.2(58)EY2"
            },
            {
              "status": "affected",
              "version": "12.3(2)JA"
            },
            {
              "status": "affected",
              "version": "12.3(2)JA1"
            },
            {
              "status": "affected",
              "version": "12.3(2)JA2"
            },
            {
              "status": "affected",
              "version": "12.3(2)JA3"
            },
            {
              "status": "affected",
              "version": "12.3(2)JA4"
            },
            {
              "status": "affected",
              "version": "12.3(2)JA5"
            },
            {
              "status": "affected",
              "version": "12.3(4)JA1"
            },
            {
              "status": "affected",
              "version": "12.3(4)JA"
            },
            {
              "status": "affected",
              "version": "12.3(7)JA1"
            },
            {
              "status": "affected",
              "version": "12.3(7)JA"
            },
            {
              "status": "affected",
              "version": "12.3(8)JA"
            },
            {
              "status": "affected",
              "version": "12.3(8)JA1"
            },
            {
              "status": "affected",
              "version": "12.3(8)JA2"
            },
            {
              "status": "affected",
              "version": "12.3(11)JA"
            },
            {
              "status": "affected",
              "version": "12.3(7)JA4"
            },
            {
              "status": "affected",
              "version": "12.3(4)JA2"
            },
            {
              "status": "affected",
              "version": "12.3(7)JA5"
            },
            {
              "status": "affected",
              "version": "12.3(11)JA3"
            },
            {
              "status": "affected",
              "version": "12.3(11)JA4"
            },
            {
              "status": "affected",
              "version": "12.3(2)JA6"
            },
            {
              "status": "affected",
              "version": "12.3(11)JA2"
            },
            {
              "status": "affected",
              "version": "12.3(11)JA1"
            },
            {
              "status": "affected",
              "version": "12.3(7)JA3"
            },
            {
              "status": "affected",
              "version": "12.3(7)JA2"
            },
            {
              "status": "affected",
              "version": "12.3(14)YQ8"
            },
            {
              "status": "affected",
              "version": "12.3(14)YQ"
            },
            {
              "status": "affected",
              "version": "12.3(14)YQ5"
            },
            {
              "status": "affected",
              "version": "12.3(14)YQ4"
            },
            {
              "status": "affected",
              "version": "12.3(14)YQ7"
            },
            {
              "status": "affected",
              "version": "12.3(14)YQ1"
            },
            {
              "status": "affected",
              "version": "12.3(14)YQ6"
            },
            {
              "status": "affected",
              "version": "12.3(14)YQ3"
            },
            {
              "status": "affected",
              "version": "12.3(14)YQ2"
            },
            {
              "status": "affected",
              "version": "12.3(11)YS"
            },
            {
              "status": "affected",
              "version": "12.3(11)YS1"
            },
            {
              "status": "affected",
              "version": "12.3(11)YS2"
            },
            {
              "status": "affected",
              "version": "12.4(3e)"
            },
            {
              "status": "affected",
              "version": "12.4(7b)"
            },
            {
              "status": "affected",
              "version": "12.4(8)"
            },
            {
              "status": "affected",
              "version": "12.4(5b)"
            },
            {
              "status": "affected",
              "version": "12.4(7a)"
            },
            {
              "status": "affected",
              "version": "12.4(3d)"
            },
            {
              "status": "affected",
              "version": "12.4(1)"
            },
            {
              "status": "affected",
              "version": "12.4(1a)"
            },
            {
              "status": "affected",
              "version": "12.4(1b)"
            },
            {
              "status": "affected",
              "version": "12.4(1c)"
            },
            {
              "status": "affected",
              "version": "12.4(10)"
            },
            {
              "status": "affected",
              "version": "12.4(3)"
            },
            {
              "status": "affected",
              "version": "12.4(3a)"
            },
            {
              "status": "affected",
              "version": "12.4(3b)"
            },
            {
              "status": "affected",
              "version": "12.4(3c)"
            },
            {
              "status": "affected",
              "version": "12.4(3f)"
            },
            {
              "status": "affected",
              "version": "12.4(5)"
            },
            {
              "status": "affected",
              "version": "12.4(5a)"
            },
            {
              "status": "affected",
              "version": "12.4(7c)"
            },
            {
              "status": "affected",
              "version": "12.4(7)"
            },
            {
              "status": "affected",
              "version": "12.4(8a)"
            },
            {
              "status": "affected",
              "version": "12.4(8b)"
            },
            {
              "status": "affected",
              "version": "12.4(7d)"
            },
            {
              "status": "affected",
              "version": "12.4(3g)"
            },
            {
              "status": "affected",
              "version": "12.4(8c)"
            },
            {
              "status": "affected",
              "version": "12.4(10b)"
            },
            {
              "status": "affected",
              "version": "12.4(12)"
            },
            {
              "status": "affected",
              "version": "12.4(12a)"
            },
            {
              "status": "affected",
              "version": "12.4(12b)"
            },
            {
              "status": "affected",
              "version": "12.4(13)"
            },
            {
              "status": "affected",
              "version": "12.4(13a)"
            },
            {
              "status": "affected",
              "version": "12.4(13b)"
            },
            {
              "status": "affected",
              "version": "12.4(13c)"
            },
            {
              "status": "affected",
              "version": "12.4(7e)"
            },
            {
              "status": "affected",
              "version": "12.4(17)"
            },
            {
              "status": "affected",
              "version": "12.4(25e)"
            },
            {
              "status": "affected",
              "version": "12.4(18b)"
            },
            {
              "status": "affected",
              "version": "12.4(18e)"
            },
            {
              "status": "affected",
              "version": "12.4(25g)"
            },
            {
              "status": "affected",
              "version": "12.4(3i)"
            },
            {
              "status": "affected",
              "version": "12.4(3j)"
            },
            {
              "status": "affected",
              "version": "12.4(23b)"
            },
            {
              "status": "affected",
              "version": "12.4(3h)"
            },
            {
              "status": "affected",
              "version": "12.4(7h)"
            },
            {
              "status": "affected",
              "version": "12.4(25a)"
            },
            {
              "status": "affected",
              "version": "12.4(16)"
            },
            {
              "status": "affected",
              "version": "12.4(13d)"
            },
            {
              "status": "affected",
              "version": "12.4(25)"
            },
            {
              "status": "affected",
              "version": "12.4(25c)"
            },
            {
              "status": "affected",
              "version": "12.4(19)"
            },
            {
              "status": "affected",
              "version": "12.4(13e)"
            },
            {
              "status": "affected",
              "version": "12.4(25b)"
            },
            {
              "status": "affected",
              "version": "12.4(23)"
            },
            {
              "status": "affected",
              "version": "12.4(10c)"
            },
            {
              "status": "affected",
              "version": "12.4(21)"
            },
            {
              "status": "affected",
              "version": "12.4(16b)"
            },
            {
              "status": "affected",
              "version": "12.4(16a)"
            },
            {
              "status": "affected",
              "version": "12.4(23a)"
            },
            {
              "status": "affected",
              "version": "12.4(25d)"
            },
            {
              "status": "affected",
              "version": "12.4(7f)"
            },
            {
              "status": "affected",
              "version": "12.4(18)"
            },
            {
              "status": "affected",
              "version": "12.4(21a)"
            },
            {
              "status": "affected",
              "version": "12.4(13f)"
            },
            {
              "status": "affected",
              "version": "12.4(25f)"
            },
            {
              "status": "affected",
              "version": "12.4(18c)"
            },
            {
              "status": "affected",
              "version": "12.4(5c)"
            },
            {
              "status": "affected",
              "version": "12.4(8d)"
            },
            {
              "status": "affected",
              "version": "12.4(12c)"
            },
            {
              "status": "affected",
              "version": "12.4(17a)"
            },
            {
              "status": "affected",
              "version": "12.4(18a)"
            },
            {
              "status": "affected",
              "version": "12.4(17b)"
            },
            {
              "status": "affected",
              "version": "12.4(7g)"
            },
            {
              "status": "affected",
              "version": "12.2(25)EZ"
            },
            {
              "status": "affected",
              "version": "12.2(25)EZ1"
            },
            {
              "status": "affected",
              "version": "12.2(58)EZ"
            },
            {
              "status": "affected",
              "version": "12.2(53)EZ"
            },
            {
              "status": "affected",
              "version": "12.2(55)EZ"
            },
            {
              "status": "affected",
              "version": "12.2(60)EZ"
            },
            {
              "status": "affected",
              "version": "12.2(60)EZ1"
            },
            {
              "status": "affected",
              "version": "12.2(60)EZ2"
            },
            {
              "status": "affected",
              "version": "12.2(60)EZ3"
            },
            {
              "status": "affected",
              "version": "12.2(60)EZ4"
            },
            {
              "status": "affected",
              "version": "12.2(60)EZ5"
            },
            {
              "status": "affected",
              "version": "12.2(60)EZ6"
            },
            {
              "status": "affected",
              "version": "12.2(60)EZ7"
            },
            {
              "status": "affected",
              "version": "12.2(60)EZ8"
            },
            {
              "status": "affected",
              "version": "12.2(60)EZ9"
            },
            {
              "status": "affected",
              "version": "12.2(60)EZ10"
            },
            {
              "status": "affected",
              "version": "12.2(60)EZ11"
            },
            {
              "status": "affected",
              "version": "12.2(60)EZ12"
            },
            {
              "status": "affected",
              "version": "12.2(60)EZ13"
            },
            {
              "status": "affected",
              "version": "12.2(60)EZ14"
            },
            {
              "status": "affected",
              "version": "12.2(60)EZ15"
            },
            {
              "status": "affected",
              "version": "12.2(25)SEC"
            },
            {
              "status": "affected",
              "version": "12.2(25)SEC2"
            },
            {
              "status": "affected",
              "version": "12.2(25)SEC1"
            },
            {
              "status": "affected",
              "version": "12.3(2)JK"
            },
            {
              "status": "affected",
              "version": "12.3(2)JK1"
            },
            {
              "status": "affected",
              "version": "12.3(2)JK2"
            },
            {
              "status": "affected",
              "version": "12.3(8)JK"
            },
            {
              "status": "affected",
              "version": "12.3(8)JK1"
            },
            {
              "status": "affected",
              "version": "12.3(2)JK3"
            },
            {
              "status": "affected",
              "version": "12.3(14)YU"
            },
            {
              "status": "affected",
              "version": "12.3(14)YU1"
            },
            {
              "status": "affected",
              "version": "12.4(6)MR1"
            },
            {
              "status": "affected",
              "version": "12.4(11)MR"
            },
            {
              "status": "affected",
              "version": "12.4(2)MR"
            },
            {
              "status": "affected",
              "version": "12.4(4)MR"
            },
            {
              "status": "affected",
              "version": "12.4(6)MR"
            },
            {
              "status": "affected",
              "version": "12.4(9)MR"
            },
            {
              "status": "affected",
              "version": "12.4(12)MR"
            },
            {
              "status": "affected",
              "version": "12.4(16)MR"
            },
            {
              "status": "affected",
              "version": "12.4(16)MR1"
            },
            {
              "status": "affected",
              "version": "12.4(19)MR2"
            },
            {
              "status": "affected",
              "version": "12.4(19)MR1"
            },
            {
              "status": "affected",
              "version": "12.4(19)MR"
            },
            {
              "status": "affected",
              "version": "12.4(20)MR"
            },
            {
              "status": "affected",
              "version": "12.4(4)MR1"
            },
            {
              "status": "affected",
              "version": "12.4(19)MR3"
            },
            {
              "status": "affected",
              "version": "12.4(12)MR1"
            },
            {
              "status": "affected",
              "version": "12.4(20)MR2"
            },
            {
              "status": "affected",
              "version": "12.4(16)MR2"
            },
            {
              "status": "affected",
              "version": "12.4(12)MR2"
            },
            {
              "status": "affected",
              "version": "12.4(2)MR1"
            },
            {
              "status": "affected",
              "version": "12.4(20)MR1"
            },
            {
              "status": "affected",
              "version": "12.4(4)T"
            },
            {
              "status": "affected",
              "version": "12.4(4)T1"
            },
            {
              "status": "affected",
              "version": "12.4(4)T2"
            },
            {
              "status": "affected",
              "version": "12.4(4)T3"
            },
            {
              "status": "affected",
              "version": "12.4(6)T"
            },
            {
              "status": "affected",
              "version": "12.4(6)T1"
            },
            {
              "status": "affected",
              "version": "12.4(6)T2"
            },
            {
              "status": "affected",
              "version": "12.4(9)T"
            },
            {
              "status": "affected",
              "version": "12.4(4)T4"
            },
            {
              "status": "affected",
              "version": "12.4(2)T5"
            },
            {
              "status": "affected",
              "version": "12.4(6)T3"
            },
            {
              "status": "affected",
              "version": "12.4(2)T"
            },
            {
              "status": "affected",
              "version": "12.4(11)T"
            },
            {
              "status": "affected",
              "version": "12.4(15)T"
            },
            {
              "status": "affected",
              "version": "12.4(20)T"
            },
            {
              "status": "affected",
              "version": "12.4(24)T"
            },
            {
              "status": "affected",
              "version": "12.4(24)T3"
            },
            {
              "status": "affected",
              "version": "12.4(4)T8"
            },
            {
              "status": "affected",
              "version": "12.4(20)T1"
            },
            {
              "status": "affected",
              "version": "12.4(22)T1"
            },
            {
              "status": "affected",
              "version": "12.4(15)T9"
            },
            {
              "status": "affected",
              "version": "12.4(11)T4"
            },
            {
              "status": "affected",
              "version": "12.4(15)T8"
            },
            {
              "status": "affected",
              "version": "12.4(6)T5"
            },
            {
              "status": "affected",
              "version": "12.4(15)T15"
            },
            {
              "status": "affected",
              "version": "12.4(24)T5"
            },
            {
              "status": "affected",
              "version": "12.4(15)T2"
            },
            {
              "status": "affected",
              "version": "12.4(6)T8"
            },
            {
              "status": "affected",
              "version": "12.4(15)T12"
            },
            {
              "status": "affected",
              "version": "12.4(24)T4"
            },
            {
              "status": "affected",
              "version": "12.4(6)T11"
            },
            {
              "status": "affected",
              "version": "12.4(9)T5"
            },
            {
              "status": "affected",
              "version": "12.4(20)T3"
            },
            {
              "status": "affected",
              "version": "12.4(6)T4"
            },
            {
              "status": "affected",
              "version": "12.4(4)T6"
            },
            {
              "status": "affected",
              "version": "12.4(22)T"
            },
            {
              "status": "affected",
              "version": "12.4(20)T6"
            },
            {
              "status": "affected",
              "version": "12.4(9)T3"
            },
            {
              "status": "affected",
              "version": "12.4(24)T8"
            },
            {
              "status": "affected",
              "version": "12.4(6)T7"
            },
            {
              "status": "affected",
              "version": "12.4(15)T13"
            },
            {
              "status": "affected",
              "version": "12.4(6)T10"
            },
            {
              "status": "affected",
              "version": "12.4(15)T3"
            },
            {
              "status": "affected",
              "version": "12.4(24)T2"
            },
            {
              "status": "affected",
              "version": "12.4(22)T5"
            },
            {
              "status": "affected",
              "version": "12.4(2)T3"
            },
            {
              "status": "affected",
              "version": "12.4(15)T10"
            },
            {
              "status": "affected",
              "version": "12.4(22)T4"
            },
            {
              "status": "affected",
              "version": "12.4(20)T5"
            },
            {
              "status": "affected",
              "version": "12.4(9)T6"
            },
            {
              "status": "affected",
              "version": "12.4(15)T4"
            },
            {
              "status": "affected",
              "version": "12.4(2)T4"
            },
            {
              "status": "affected",
              "version": "12.4(24)T1"
            },
            {
              "status": "affected",
              "version": "12.4(9)T4"
            },
            {
              "status": "affected",
              "version": "12.4(24)T7"
            },
            {
              "status": "affected",
              "version": "12.4(22)T3"
            },
            {
              "status": "affected",
              "version": "12.4(9)T1"
            },
            {
              "status": "affected",
              "version": "12.4(24)T6"
            },
            {
              "status": "affected",
              "version": "12.4(6)T9"
            },
            {
              "status": "affected",
              "version": "12.4(15)T5"
            },
            {
              "status": "affected",
              "version": "12.4(4)T7"
            },
            {
              "status": "affected",
              "version": "12.4(20)T2"
            },
            {
              "status": "affected",
              "version": "12.4(2)T1"
            },
            {
              "status": "affected",
              "version": "12.4(11)T1"
            },
            {
              "status": "affected",
              "version": "12.4(15)T11"
            },
            {
              "status": "affected",
              "version": "12.4(2)T6"
            },
            {
              "status": "affected",
              "version": "12.4(2)T2"
            },
            {
              "status": "affected",
              "version": "12.4(15)T7"
            },
            {
              "status": "affected",
              "version": "12.4(11)T2"
            },
            {
              "status": "affected",
              "version": "12.4(9)T7"
            },
            {
              "status": "affected",
              "version": "12.4(15)T14"
            },
            {
              "status": "affected",
              "version": "12.4(11)T3"
            },
            {
              "status": "affected",
              "version": "12.4(15)T6"
            },
            {
              "status": "affected",
              "version": "12.4(15)T16"
            },
            {
              "status": "affected",
              "version": "12.4(15)T1"
            },
            {
              "status": "affected",
              "version": "12.4(9)T2"
            },
            {
              "status": "affected",
              "version": "12.4(6)T6"
            },
            {
              "status": "affected",
              "version": "12.4(22)T2"
            },
            {
              "status": "affected",
              "version": "12.4(4)T5"
            },
            {
              "status": "affected",
              "version": "12.4(20)T4"
            },
            {
              "status": "affected",
              "version": "12.4(24)T4a"
            },
            {
              "status": "affected",
              "version": "12.4(24)T4b"
            },
            {
              "status": "affected",
              "version": "12.4(24)T3e"
            },
            {
              "status": "affected",
              "version": "12.4(24)T4c"
            },
            {
              "status": "affected",
              "version": "12.4(15)T17"
            },
            {
              "status": "affected",
              "version": "12.4(24)T4d"
            },
            {
              "status": "affected",
              "version": "12.4(24)T4e"
            },
            {
              "status": "affected",
              "version": "12.4(24)T3f"
            },
            {
              "status": "affected",
              "version": "12.4(24)T4f"
            },
            {
              "status": "affected",
              "version": "12.4(24)T4l"
            },
            {
              "status": "affected",
              "version": "12.3(14)YT"
            },
            {
              "status": "affected",
              "version": "12.3(14)YT1"
            },
            {
              "status": "affected",
              "version": "12.2(31)SG"
            },
            {
              "status": "affected",
              "version": "12.2(25)SG"
            },
            {
              "status": "affected",
              "version": "12.2(37)SG"
            },
            {
              "status": "affected",
              "version": "12.2(44)SG"
            },
            {
              "status": "affected",
              "version": "12.2(50)SG3"
            },
            {
              "status": "affected",
              "version": "12.2(31)SG1"
            },
            {
              "status": "affected",
              "version": "12.2(53)SG"
            },
            {
              "status": "affected",
              "version": "12.2(31)SG3"
            },
            {
              "status": "affected",
              "version": "12.2(50)SG6"
            },
            {
              "status": "affected",
              "version": "12.2(53)SG1"
            },
            {
              "status": "affected",
              "version": "12.2(46)SG"
            },
            {
              "status": "affected",
              "version": "12.2(25)SG1"
            },
            {
              "status": "affected",
              "version": "12.2(53)SG2"
            },
            {
              "status": "affected",
              "version": "12.2(50)SG5"
            },
            {
              "status": "affected",
              "version": "12.2(37)SG1"
            },
            {
              "status": "affected",
              "version": "12.2(53)SG3"
            },
            {
              "status": "affected",
              "version": "12.2(50)SG8"
            },
            {
              "status": "affected",
              "version": "12.2(25)SG3"
            },
            {
              "status": "affected",
              "version": "12.2(50)SG2"
            },
            {
              "status": "affected",
              "version": "12.2(40)SG"
            },
            {
              "status": "affected",
              "version": "12.2(25)SG2"
            },
            {
              "status": "affected",
              "version": "12.2(54)SG1"
            },
            {
              "status": "affected",
              "version": "12.2(44)SG1"
            },
            {
              "status": "affected",
              "version": "12.2(50)SG1"
            },
            {
              "status": "affected",
              "version": "12.2(52)SG"
            },
            {
              "status": "affected",
              "version": "12.2(54)SG"
            },
            {
              "status": "affected",
              "version": "12.2(31)SG2"
            },
            {
              "status": "affected",
              "version": "12.2(50)SG"
            },
            {
              "status": "affected",
              "version": "12.2(25)SG4"
            },
            {
              "status": "affected",
              "version": "12.2(50)SG7"
            },
            {
              "status": "affected",
              "version": "12.2(53)SG4"
            },
            {
              "status": "affected",
              "version": "12.2(50)SG4"
            },
            {
              "status": "affected",
              "version": "12.2(46)SG1"
            },
            {
              "status": "affected",
              "version": "12.2(53)SG5"
            },
            {
              "status": "affected",
              "version": "12.2(53)SG6"
            },
            {
              "status": "affected",
              "version": "12.2(53)SG7"
            },
            {
              "status": "affected",
              "version": "12.2(53)SG8"
            },
            {
              "status": "affected",
              "version": "12.2(53)SG9"
            },
            {
              "status": "affected",
              "version": "12.2(53)SG10"
            },
            {
              "status": "affected",
              "version": "12.2(53)SG11"
            },
            {
              "status": "affected",
              "version": "12.2(25)FX"
            },
            {
              "status": "affected",
              "version": "12.2(25)FY"
            },
            {
              "status": "affected",
              "version": "12.3(7)JX2"
            },
            {
              "status": "affected",
              "version": "12.3(7)JX"
            },
            {
              "status": "affected",
              "version": "12.3(7)JX1"
            },
            {
              "status": "affected",
              "version": "12.3(7)JX4"
            },
            {
              "status": "affected",
              "version": "12.3(11)JX"
            },
            {
              "status": "affected",
              "version": "12.3(7)JX7"
            },
            {
              "status": "affected",
              "version": "12.3(7)JX12"
            },
            {
              "status": "affected",
              "version": "12.3(7)JX9"
            },
            {
              "status": "affected",
              "version": "12.3(7)JX10"
            },
            {
              "status": "affected",
              "version": "12.3(11)JX1"
            },
            {
              "status": "affected",
              "version": "12.3(7)JX6"
            },
            {
              "status": "affected",
              "version": "12.3(7)JX5"
            },
            {
              "status": "affected",
              "version": "12.3(7)JX3"
            },
            {
              "status": "affected",
              "version": "12.3(7)JX11"
            },
            {
              "status": "affected",
              "version": "12.3(7)JX8"
            },
            {
              "status": "affected",
              "version": "12.3(4)TPC11b"
            },
            {
              "status": "affected",
              "version": "12.3(4)TPC11a"
            },
            {
              "status": "affected",
              "version": "12.4(2)XB"
            },
            {
              "status": "affected",
              "version": "12.4(2)XB1"
            },
            {
              "status": "affected",
              "version": "12.4(2)XB6"
            },
            {
              "status": "affected",
              "version": "12.4(2)XB7"
            },
            {
              "status": "affected",
              "version": "12.4(2)XB11"
            },
            {
              "status": "affected",
              "version": "12.4(2)XB3"
            },
            {
              "status": "affected",
              "version": "12.4(2)XB9"
            },
            {
              "status": "affected",
              "version": "12.4(2)XB8"
            },
            {
              "status": "affected",
              "version": "12.4(2)XB2"
            },
            {
              "status": "affected",
              "version": "12.4(2)XB10"
            },
            {
              "status": "affected",
              "version": "12.4(2)XB4"
            },
            {
              "status": "affected",
              "version": "12.4(2)XB5"
            },
            {
              "status": "affected",
              "version": "12.4(2)XB12"
            },
            {
              "status": "affected",
              "version": "12.4(2)XA"
            },
            {
              "status": "affected",
              "version": "12.4(2)XA1"
            },
            {
              "status": "affected",
              "version": "12.4(2)XA2"
            },
            {
              "status": "affected",
              "version": "12.3(14)YM8"
            },
            {
              "status": "affected",
              "version": "12.3(14)YM12"
            },
            {
              "status": "affected",
              "version": "12.3(14)YM4"
            },
            {
              "status": "affected",
              "version": "12.3(14)YM3"
            },
            {
              "status": "affected",
              "version": "12.3(14)YM7"
            },
            {
              "status": "affected",
              "version": "12.3(14)YM11"
            },
            {
              "status": "affected",
              "version": "12.3(14)YM9"
            },
            {
              "status": "affected",
              "version": "12.3(14)YM6"
            },
            {
              "status": "affected",
              "version": "12.3(14)YM10"
            },
            {
              "status": "affected",
              "version": "12.3(14)YM13"
            },
            {
              "status": "affected",
              "version": "12.3(14)YM5"
            },
            {
              "status": "affected",
              "version": "12.3(14)YM2"
            },
            {
              "status": "affected",
              "version": "12.2(31)SB3x"
            },
            {
              "status": "affected",
              "version": "12.2(33)SB3"
            },
            {
              "status": "affected",
              "version": "12.2(31)SB5"
            },
            {
              "status": "affected",
              "version": "12.2(31)SB10"
            },
            {
              "status": "affected",
              "version": "12.2(33)SB9"
            },
            {
              "status": "affected",
              "version": "12.2(31)SB15"
            },
            {
              "status": "affected",
              "version": "12.2(33)SB10"
            },
            {
              "status": "affected",
              "version": "12.2(33)SB6"
            },
            {
              "status": "affected",
              "version": "12.2(31)SB11"
            },
            {
              "status": "affected",
              "version": "12.2(31)SB7"
            },
            {
              "status": "affected",
              "version": "12.2(33)SB5"
            },
            {
              "status": "affected",
              "version": "12.2(31)SB6"
            },
            {
              "status": "affected",
              "version": "12.2(33)SB8"
            },
            {
              "status": "affected",
              "version": "12.2(31)SB17"
            },
            {
              "status": "affected",
              "version": "12.2(31)SB13"
            },
            {
              "status": "affected",
              "version": "12.2(31)SB9"
            },
            {
              "status": "affected",
              "version": "12.2(31)SB16"
            },
            {
              "status": "affected",
              "version": "12.2(31)SB12"
            },
            {
              "status": "affected",
              "version": "12.2(31)SB20"
            },
            {
              "status": "affected",
              "version": "12.2(33)SB2"
            },
            {
              "status": "affected",
              "version": "12.2(31)SB8"
            },
            {
              "status": "affected",
              "version": "12.2(31)SB3"
            },
            {
              "status": "affected",
              "version": "12.2(31)SB18"
            },
            {
              "status": "affected",
              "version": "12.2(31)SB2"
            },
            {
              "status": "affected",
              "version": "12.2(31)SB14"
            },
            {
              "status": "affected",
              "version": "12.2(31)SB19"
            },
            {
              "status": "affected",
              "version": "12.2(33)SB"
            },
            {
              "status": "affected",
              "version": "12.2(33)SB7"
            },
            {
              "status": "affected",
              "version": "12.2(33)SB1"
            },
            {
              "status": "affected",
              "version": "12.2(33)SB4"
            },
            {
              "status": "affected",
              "version": "12.2(33)SB11"
            },
            {
              "status": "affected",
              "version": "12.2(31)SB21"
            },
            {
              "status": "affected",
              "version": "12.2(33)SB12"
            },
            {
              "status": "affected",
              "version": "12.2(33)SB13"
            },
            {
              "status": "affected",
              "version": "12.2(33)SB14"
            },
            {
              "status": "affected",
              "version": "12.2(33)SB15"
            },
            {
              "status": "affected",
              "version": "12.2(33)SB16"
            },
            {
              "status": "affected",
              "version": "12.2(33)SB17"
            },
            {
              "status": "affected",
              "version": "12.2(33)SB8a"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRA"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRA6"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRA7"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRA2"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRA3"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRA1"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRA4"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRA5"
            },
            {
              "status": "affected",
              "version": "12.4(4)XC"
            },
            {
              "status": "affected",
              "version": "12.4(4)XC1"
            },
            {
              "status": "affected",
              "version": "12.4(4)XC5"
            },
            {
              "status": "affected",
              "version": "12.4(4)XC7"
            },
            {
              "status": "affected",
              "version": "12.4(4)XC3"
            },
            {
              "status": "affected",
              "version": "12.4(4)XC4"
            },
            {
              "status": "affected",
              "version": "12.4(4)XC2"
            },
            {
              "status": "affected",
              "version": "12.4(4)XC6"
            },
            {
              "status": "affected",
              "version": "12.4(4)XD"
            },
            {
              "status": "affected",
              "version": "12.4(4)XD4"
            },
            {
              "status": "affected",
              "version": "12.4(4)XD10"
            },
            {
              "status": "affected",
              "version": "12.4(4)XD12"
            },
            {
              "status": "affected",
              "version": "12.4(4)XD2"
            },
            {
              "status": "affected",
              "version": "12.4(4)XD8"
            },
            {
              "status": "affected",
              "version": "12.4(4)XD11"
            },
            {
              "status": "affected",
              "version": "12.4(4)XD1"
            },
            {
              "status": "affected",
              "version": "12.4(4)XD5"
            },
            {
              "status": "affected",
              "version": "12.4(4)XD7"
            },
            {
              "status": "affected",
              "version": "12.4(4)XD9"
            },
            {
              "status": "affected",
              "version": "12.4(6)XE"
            },
            {
              "status": "affected",
              "version": "12.4(6)XE2"
            },
            {
              "status": "affected",
              "version": "12.4(6)XE1"
            },
            {
              "status": "affected",
              "version": "12.2(25)SEF1"
            },
            {
              "status": "affected",
              "version": "12.2(25)SEF2"
            },
            {
              "status": "affected",
              "version": "12.2(25)SEF3"
            },
            {
              "status": "affected",
              "version": "12.2(25)SEE"
            },
            {
              "status": "affected",
              "version": "12.2(25)SEE1"
            },
            {
              "status": "affected",
              "version": "12.2(25)SEE3"
            },
            {
              "status": "affected",
              "version": "12.2(25)SEE4"
            },
            {
              "status": "affected",
              "version": "12.2(25)SEE2"
            },
            {
              "status": "affected",
              "version": "12.2(25)SED"
            },
            {
              "status": "affected",
              "version": "12.2(25)SED1"
            },
            {
              "status": "affected",
              "version": "12.3(11)YZ1"
            },
            {
              "status": "affected",
              "version": "12.3(11)YZ"
            },
            {
              "status": "affected",
              "version": "12.3(11)YZ2"
            },
            {
              "status": "affected",
              "version": "12.4(11)SW"
            },
            {
              "status": "affected",
              "version": "12.4(15)SW6"
            },
            {
              "status": "affected",
              "version": "12.4(15)SW"
            },
            {
              "status": "affected",
              "version": "12.4(11)SW1"
            },
            {
              "status": "affected",
              "version": "12.4(15)SW5"
            },
            {
              "status": "affected",
              "version": "12.4(15)SW1"
            },
            {
              "status": "affected",
              "version": "12.4(15)SW4"
            },
            {
              "status": "affected",
              "version": "12.4(11)SW3"
            },
            {
              "status": "affected",
              "version": "12.4(11)SW2"
            },
            {
              "status": "affected",
              "version": "12.4(15)SW3"
            },
            {
              "status": "affected",
              "version": "12.4(15)SW2"
            },
            {
              "status": "affected",
              "version": "12.4(15)SW7"
            },
            {
              "status": "affected",
              "version": "12.4(15)SW8"
            },
            {
              "status": "affected",
              "version": "12.4(15)SW8a"
            },
            {
              "status": "affected",
              "version": "12.4(15)SW9"
            },
            {
              "status": "affected",
              "version": "12.4(9)XG"
            },
            {
              "status": "affected",
              "version": "12.4(9)XG3"
            },
            {
              "status": "affected",
              "version": "12.4(9)XG5"
            },
            {
              "status": "affected",
              "version": "12.4(9)XG2"
            },
            {
              "status": "affected",
              "version": "12.4(9)XG1"
            },
            {
              "status": "affected",
              "version": "12.4(9)XG4"
            },
            {
              "status": "affected",
              "version": "12.4(11)XJ"
            },
            {
              "status": "affected",
              "version": "12.4(11)XJ3"
            },
            {
              "status": "affected",
              "version": "12.4(11)XJ2"
            },
            {
              "status": "affected",
              "version": "12.4(11)XJ4"
            },
            {
              "status": "affected",
              "version": "12.4(6)XT"
            },
            {
              "status": "affected",
              "version": "12.4(6)XT1"
            },
            {
              "status": "affected",
              "version": "12.4(6)XT2"
            },
            {
              "status": "affected",
              "version": "12.4(6)XP"
            },
            {
              "status": "affected",
              "version": "12.2(31)SGA"
            },
            {
              "status": "affected",
              "version": "12.2(31)SGA3"
            },
            {
              "status": "affected",
              "version": "12.2(31)SGA2"
            },
            {
              "status": "affected",
              "version": "12.2(31)SGA10"
            },
            {
              "status": "affected",
              "version": "12.2(31)SGA5"
            },
            {
              "status": "affected",
              "version": "12.2(31)SGA4"
            },
            {
              "status": "affected",
              "version": "12.2(31)SGA11"
            },
            {
              "status": "affected",
              "version": "12.2(31)SGA6"
            },
            {
              "status": "affected",
              "version": "12.2(31)SGA1"
            },
            {
              "status": "affected",
              "version": "12.2(31)SGA7"
            },
            {
              "status": "affected",
              "version": "12.2(31)SGA8"
            },
            {
              "status": "affected",
              "version": "12.2(31)SGA9"
            },
            {
              "status": "affected",
              "version": "12.2(25)SEG"
            },
            {
              "status": "affected",
              "version": "12.2(25)SEG5"
            },
            {
              "status": "affected",
              "version": "12.2(25)SEG2"
            },
            {
              "status": "affected",
              "version": "12.2(25)SEG4"
            },
            {
              "status": "affected",
              "version": "12.2(25)SEG1"
            },
            {
              "status": "affected",
              "version": "12.2(25)SEG3"
            },
            {
              "status": "affected",
              "version": "12.2(25)SEG6"
            },
            {
              "status": "affected",
              "version": "12.3(8)JEA"
            },
            {
              "status": "affected",
              "version": "12.3(8)JEA1"
            },
            {
              "status": "affected",
              "version": "12.3(8)JEA3"
            },
            {
              "status": "affected",
              "version": "12.3(8)JEA2"
            },
            {
              "status": "affected",
              "version": "12.4(11)MD"
            },
            {
              "status": "affected",
              "version": "12.4(11)MD2"
            },
            {
              "status": "affected",
              "version": "12.4(24)MD1"
            },
            {
              "status": "affected",
              "version": "12.4(11)MD1"
            },
            {
              "status": "affected",
              "version": "12.4(24)MD"
            },
            {
              "status": "affected",
              "version": "12.4(11)MD10"
            },
            {
              "status": "affected",
              "version": "12.4(15)MD3"
            },
            {
              "status": "affected",
              "version": "12.4(24)MD3"
            },
            {
              "status": "affected",
              "version": "12.4(15)MD2"
            },
            {
              "status": "affected",
              "version": "12.4(11)MD5"
            },
            {
              "status": "affected",
              "version": "12.4(24)MD2"
            },
            {
              "status": "affected",
              "version": "12.4(11)MD9"
            },
            {
              "status": "affected",
              "version": "12.4(22)MD1"
            },
            {
              "status": "affected",
              "version": "12.4(15)MD5"
            },
            {
              "status": "affected",
              "version": "12.4(15)MD4"
            },
            {
              "status": "affected",
              "version": "12.4(22)MD2"
            },
            {
              "status": "affected",
              "version": "12.4(11)MD8"
            },
            {
              "status": "affected",
              "version": "12.4(11)MD7"
            },
            {
              "status": "affected",
              "version": "12.4(24)MD5"
            },
            {
              "status": "affected",
              "version": "12.4(15)MD"
            },
            {
              "status": "affected",
              "version": "12.4(15)MD1"
            },
            {
              "status": "affected",
              "version": "12.4(11)MD6"
            },
            {
              "status": "affected",
              "version": "12.4(22)MD"
            },
            {
              "status": "affected",
              "version": "12.4(11)MD4"
            },
            {
              "status": "affected",
              "version": "12.4(11)MD3"
            },
            {
              "status": "affected",
              "version": "12.4(24)MD4"
            },
            {
              "status": "affected",
              "version": "12.4(24)MD6"
            },
            {
              "status": "affected",
              "version": "12.4(24)MD7"
            },
            {
              "status": "affected",
              "version": "12.4(14)XK"
            },
            {
              "status": "affected",
              "version": "12.4(11)XV"
            },
            {
              "status": "affected",
              "version": "12.4(11)XV1"
            },
            {
              "status": "affected",
              "version": "12.4(11)XW"
            },
            {
              "status": "affected",
              "version": "12.4(11)XW3"
            },
            {
              "status": "affected",
              "version": "12.4(11)XW7"
            },
            {
              "status": "affected",
              "version": "12.4(11)XW10"
            },
            {
              "status": "affected",
              "version": "12.4(11)XW8"
            },
            {
              "status": "affected",
              "version": "12.4(11)XW9"
            },
            {
              "status": "affected",
              "version": "12.4(11)XW6"
            },
            {
              "status": "affected",
              "version": "12.4(11)XW4"
            },
            {
              "status": "affected",
              "version": "12.4(11)XW1"
            },
            {
              "status": "affected",
              "version": "12.4(11)XW5"
            },
            {
              "status": "affected",
              "version": "12.4(11)XW2"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRB"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRB4"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRB5a"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRB3"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRB1"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRB7"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRB6"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRB5"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRB2"
            },
            {
              "status": "affected",
              "version": "12.4(3g)JMA1"
            },
            {
              "status": "affected",
              "version": "12.3(8)JEB"
            },
            {
              "status": "affected",
              "version": "12.3(8)JEB1"
            },
            {
              "status": "affected",
              "version": "12.3(8)JEC2"
            },
            {
              "status": "affected",
              "version": "12.3(8)JEC1"
            },
            {
              "status": "affected",
              "version": "12.3(8)JEC3"
            },
            {
              "status": "affected",
              "version": "12.3(8)JEC"
            },
            {
              "status": "affected",
              "version": "12.2(25)FZ"
            },
            {
              "status": "affected",
              "version": "12.4(15)XF"
            },
            {
              "status": "affected",
              "version": "12.3(2)JL"
            },
            {
              "status": "affected",
              "version": "12.3(2)JL3"
            },
            {
              "status": "affected",
              "version": "12.3(2)JL1"
            },
            {
              "status": "affected",
              "version": "12.3(2)JL4"
            },
            {
              "status": "affected",
              "version": "12.3(2)JL2"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCA2"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCA1"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCA"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRC2"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRC"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRC3"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRC5"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRC6"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRC4"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRC1"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXH3a"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXH8a"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXH3"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXH4"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXH7"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXH"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXH8"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXH2a"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXH2"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXH1"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXH5"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXH6"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXH8b"
            },
            {
              "status": "affected",
              "version": "12.4(15)XQ4"
            },
            {
              "status": "affected",
              "version": "12.4(15)XQ1"
            },
            {
              "status": "affected",
              "version": "12.4(15)XQ7"
            },
            {
              "status": "affected",
              "version": "12.4(15)XQ2a"
            },
            {
              "status": "affected",
              "version": "12.4(15)XQ6"
            },
            {
              "status": "affected",
              "version": "12.4(15)XQ2"
            },
            {
              "status": "affected",
              "version": "12.4(15)XQ"
            },
            {
              "status": "affected",
              "version": "12.4(15)XQ3"
            },
            {
              "status": "affected",
              "version": "12.4(15)XQ5"
            },
            {
              "status": "affected",
              "version": "12.4(15)XQ2b"
            },
            {
              "status": "affected",
              "version": "12.4(15)XQ8"
            },
            {
              "status": "affected",
              "version": "12.4(15)XY4"
            },
            {
              "status": "affected",
              "version": "12.4(15)XY5"
            },
            {
              "status": "affected",
              "version": "12.4(15)XY1"
            },
            {
              "status": "affected",
              "version": "12.4(15)XY"
            },
            {
              "status": "affected",
              "version": "12.4(15)XY2"
            },
            {
              "status": "affected",
              "version": "12.4(15)XY3"
            },
            {
              "status": "affected",
              "version": "12.4(15)XZ"
            },
            {
              "status": "affected",
              "version": "12.4(15)XZ2"
            },
            {
              "status": "affected",
              "version": "12.4(15)XZ1"
            },
            {
              "status": "affected",
              "version": "12.4(15)XL3"
            },
            {
              "status": "affected",
              "version": "12.4(15)XL1"
            },
            {
              "status": "affected",
              "version": "12.4(15)XL2"
            },
            {
              "status": "affected",
              "version": "12.4(15)XL4"
            },
            {
              "status": "affected",
              "version": "12.4(15)XL5"
            },
            {
              "status": "affected",
              "version": "12.4(15)XL"
            },
            {
              "status": "affected",
              "version": "12.3(8)ZA"
            },
            {
              "status": "affected",
              "version": "12.4(15)XM3"
            },
            {
              "status": "affected",
              "version": "12.4(15)XM1"
            },
            {
              "status": "affected",
              "version": "12.4(15)XM2"
            },
            {
              "status": "affected",
              "version": "12.4(15)XM"
            },
            {
              "status": "affected",
              "version": "12.4(15)XN"
            },
            {
              "status": "affected",
              "version": "12.4(22)XR5"
            },
            {
              "status": "affected",
              "version": "12.4(22)XR4"
            },
            {
              "status": "affected",
              "version": "12.4(15)XR5"
            },
            {
              "status": "affected",
              "version": "12.4(15)XR2"
            },
            {
              "status": "affected",
              "version": "12.4(22)XR7"
            },
            {
              "status": "affected",
              "version": "12.4(15)XR4"
            },
            {
              "status": "affected",
              "version": "12.4(15)XR1"
            },
            {
              "status": "affected",
              "version": "12.4(15)XR7"
            },
            {
              "status": "affected",
              "version": "12.4(22)XR2"
            },
            {
              "status": "affected",
              "version": "12.4(15)XR9"
            },
            {
              "status": "affected",
              "version": "12.4(15)XR6"
            },
            {
              "status": "affected",
              "version": "12.4(15)XR3"
            },
            {
              "status": "affected",
              "version": "12.4(15)XR"
            },
            {
              "status": "affected",
              "version": "12.4(22)XR6"
            },
            {
              "status": "affected",
              "version": "12.4(22)XR10"
            },
            {
              "status": "affected",
              "version": "12.4(15)XR8"
            },
            {
              "status": "affected",
              "version": "12.4(22)XR1"
            },
            {
              "status": "affected",
              "version": "12.4(22)XR9"
            },
            {
              "status": "affected",
              "version": "12.4(22)XR3"
            },
            {
              "status": "affected",
              "version": "12.4(22)XR8"
            },
            {
              "status": "affected",
              "version": "12.4(22)XR11"
            },
            {
              "status": "affected",
              "version": "12.4(15)XR10"
            },
            {
              "status": "affected",
              "version": "12.4(22)XR12"
            },
            {
              "status": "affected",
              "version": "12.2(33)IRA"
            },
            {
              "status": "affected",
              "version": "12.2(33)IRB"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCB9"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCB"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCB6"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCB3"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCB10"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCB4"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCB2"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCB7"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCB1"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCB5"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCB8"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCB11"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRD7"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRD6"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRD2a"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRD4"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRD5"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRD3"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRD2"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRD1"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRD"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRD8"
            },
            {
              "status": "affected",
              "version": "12.2(33)STE0"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXI2"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXI3"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXI5"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXI4a"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXI4"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXI2a"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXI"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXI6"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXI7"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXI1"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXI8"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXI9"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXI8a"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXI10"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXI11"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXI12"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXI13"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXI14"
            },
            {
              "status": "affected",
              "version": "12.2(52)XO"
            },
            {
              "status": "affected",
              "version": "12.2(54)XO"
            },
            {
              "status": "affected",
              "version": "12.2(40)XO"
            },
            {
              "status": "affected",
              "version": "12.4(10b)JDA3"
            },
            {
              "status": "affected",
              "version": "12.4(10b)JDA"
            },
            {
              "status": "affected",
              "version": "12.4(10b)JDA2"
            },
            {
              "status": "affected",
              "version": "12.4(10b)JDA1"
            },
            {
              "status": "affected",
              "version": "12.4(3)JL"
            },
            {
              "status": "affected",
              "version": "12.4(3)JL2"
            },
            {
              "status": "affected",
              "version": "12.4(3)JL1"
            },
            {
              "status": "affected",
              "version": "12.4(3g)JMB"
            },
            {
              "status": "affected",
              "version": "12.4(3g)JX"
            },
            {
              "status": "affected",
              "version": "12.4(3g)JX1"
            },
            {
              "status": "affected",
              "version": "12.4(25e)JX"
            },
            {
              "status": "affected",
              "version": "12.4(10b)JY"
            },
            {
              "status": "affected",
              "version": "12.4(21a)JY"
            },
            {
              "status": "affected",
              "version": "12.4(23c)JY"
            },
            {
              "status": "affected",
              "version": "12.2(44)SQ"
            },
            {
              "status": "affected",
              "version": "12.2(44)SQ2"
            },
            {
              "status": "affected",
              "version": "12.2(50)SQ2"
            },
            {
              "status": "affected",
              "version": "12.2(50)SQ1"
            },
            {
              "status": "affected",
              "version": "12.2(50)SQ"
            },
            {
              "status": "affected",
              "version": "12.2(50)SQ3"
            },
            {
              "status": "affected",
              "version": "12.2(50)SQ4"
            },
            {
              "status": "affected",
              "version": "12.2(50)SQ5"
            },
            {
              "status": "affected",
              "version": "12.2(50)SQ6"
            },
            {
              "status": "affected",
              "version": "12.2(50)SQ7"
            },
            {
              "status": "affected",
              "version": "12.4(10b)JDC"
            },
            {
              "status": "affected",
              "version": "12.4(10b)JDD"
            },
            {
              "status": "affected",
              "version": "12.2(33)IRC"
            },
            {
              "status": "affected",
              "version": "12.4(22)MDA3"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDA5"
            },
            {
              "status": "affected",
              "version": "12.4(22)MDA5"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDA3"
            },
            {
              "status": "affected",
              "version": "12.4(22)MDA4"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDA4"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDA1"
            },
            {
              "status": "affected",
              "version": "12.4(22)MDA"
            },
            {
              "status": "affected",
              "version": "12.4(22)MDA2"
            },
            {
              "status": "affected",
              "version": "12.4(22)MDA1"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDA2"
            },
            {
              "status": "affected",
              "version": "12.4(22)MDA6"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDA6"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDA7"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDA8"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDA10"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDA9"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDA11"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDA12"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDA13"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCC"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCC2"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCC6"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCC7"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCC5"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCC4"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCC3"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCC1"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCD5"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCD1"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCD7"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCD4"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCD"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCD6"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCD3"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCD2"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCD8"
            },
            {
              "status": "affected",
              "version": "12.3(8)JED"
            },
            {
              "status": "affected",
              "version": "12.3(8)JED1"
            },
            {
              "status": "affected",
              "version": "12.4(24)YG3"
            },
            {
              "status": "affected",
              "version": "12.4(24)YG4"
            },
            {
              "status": "affected",
              "version": "12.4(24)YG1"
            },
            {
              "status": "affected",
              "version": "12.4(24)YG2"
            },
            {
              "status": "affected",
              "version": "12.4(24)YG"
            },
            {
              "status": "affected",
              "version": "15.0(1)M1"
            },
            {
              "status": "affected",
              "version": "15.0(1)M5"
            },
            {
              "status": "affected",
              "version": "15.0(1)M4"
            },
            {
              "status": "affected",
              "version": "15.0(1)M3"
            },
            {
              "status": "affected",
              "version": "15.0(1)M2"
            },
            {
              "status": "affected",
              "version": "15.0(1)M6"
            },
            {
              "status": "affected",
              "version": "15.0(1)M"
            },
            {
              "status": "affected",
              "version": "15.0(1)M7"
            },
            {
              "status": "affected",
              "version": "15.0(1)M10"
            },
            {
              "status": "affected",
              "version": "15.0(1)M9"
            },
            {
              "status": "affected",
              "version": "15.0(1)M8"
            },
            {
              "status": "affected",
              "version": "15.0(1)XA2"
            },
            {
              "status": "affected",
              "version": "15.0(1)XA4"
            },
            {
              "status": "affected",
              "version": "15.0(1)XA1"
            },
            {
              "status": "affected",
              "version": "15.0(1)XA3"
            },
            {
              "status": "affected",
              "version": "15.0(1)XA"
            },
            {
              "status": "affected",
              "version": "15.0(1)XA5"
            },
            {
              "status": "affected",
              "version": "15.1(2)T"
            },
            {
              "status": "affected",
              "version": "15.1(1)T4"
            },
            {
              "status": "affected",
              "version": "15.1(3)T2"
            },
            {
              "status": "affected",
              "version": "15.1(1)T1"
            },
            {
              "status": "affected",
              "version": "15.1(2)T0a"
            },
            {
              "status": "affected",
              "version": "15.1(3)T3"
            },
            {
              "status": "affected",
              "version": "15.1(1)T3"
            },
            {
              "status": "affected",
              "version": "15.1(2)T3"
            },
            {
              "status": "affected",
              "version": "15.1(2)T4"
            },
            {
              "status": "affected",
              "version": "15.1(1)T2"
            },
            {
              "status": "affected",
              "version": "15.1(3)T"
            },
            {
              "status": "affected",
              "version": "15.1(2)T2a"
            },
            {
              "status": "affected",
              "version": "15.1(3)T1"
            },
            {
              "status": "affected",
              "version": "15.1(1)T"
            },
            {
              "status": "affected",
              "version": "15.1(2)T2"
            },
            {
              "status": "affected",
              "version": "15.1(2)T1"
            },
            {
              "status": "affected",
              "version": "15.1(2)T5"
            },
            {
              "status": "affected",
              "version": "15.1(3)T4"
            },
            {
              "status": "affected",
              "version": "15.1(1)T5"
            },
            {
              "status": "affected",
              "version": "15.1(1)XB"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRE1"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRE2"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRE3"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRE4"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRE"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRE0a"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRE5"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRE6"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRE8"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRE7"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRE9"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRE7a"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRE10"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRE11"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRE9a"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRE12"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRE13"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRE14"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRE15"
            },
            {
              "status": "affected",
              "version": "12.2(33)SRE15a"
            },
            {
              "status": "affected",
              "version": "15.0(1)XO1"
            },
            {
              "status": "affected",
              "version": "15.0(1)XO"
            },
            {
              "status": "affected",
              "version": "15.0(2)XO"
            },
            {
              "status": "affected",
              "version": "15.0(1)S2"
            },
            {
              "status": "affected",
              "version": "15.0(1)S1"
            },
            {
              "status": "affected",
              "version": "15.0(1)S"
            },
            {
              "status": "affected",
              "version": "15.0(1)S3a"
            },
            {
              "status": "affected",
              "version": "15.0(1)S4"
            },
            {
              "status": "affected",
              "version": "15.0(1)S5"
            },
            {
              "status": "affected",
              "version": "15.0(1)S4a"
            },
            {
              "status": "affected",
              "version": "15.0(1)S6"
            },
            {
              "status": "affected",
              "version": "12.2(33)IRD"
            },
            {
              "status": "affected",
              "version": "12.2(33)IRE"
            },
            {
              "status": "affected",
              "version": "12.2(33)IRE2"
            },
            {
              "status": "affected",
              "version": "12.2(33)IRE1"
            },
            {
              "status": "affected",
              "version": "12.2(33)MRA"
            },
            {
              "status": "affected",
              "version": "12.2(33)MRB5"
            },
            {
              "status": "affected",
              "version": "12.2(33)MRB2"
            },
            {
              "status": "affected",
              "version": "12.2(33)MRB1"
            },
            {
              "status": "affected",
              "version": "12.2(33)MRB4"
            },
            {
              "status": "affected",
              "version": "12.2(33)MRB"
            },
            {
              "status": "affected",
              "version": "12.2(33)MRB3"
            },
            {
              "status": "affected",
              "version": "12.2(33)MRB6"
            },
            {
              "status": "affected",
              "version": "12.4(21a)JHA"
            },
            {
              "status": "affected",
              "version": "15.2(1)S"
            },
            {
              "status": "affected",
              "version": "15.2(2)S"
            },
            {
              "status": "affected",
              "version": "15.2(1)S1"
            },
            {
              "status": "affected",
              "version": "15.2(4)S"
            },
            {
              "status": "affected",
              "version": "15.2(1)S2"
            },
            {
              "status": "affected",
              "version": "15.2(2)S1"
            },
            {
              "status": "affected",
              "version": "15.2(2)S2"
            },
            {
              "status": "affected",
              "version": "15.2(2)S0a"
            },
            {
              "status": "affected",
              "version": "15.2(2)S0c"
            },
            {
              "status": "affected",
              "version": "15.2(4)S1"
            },
            {
              "status": "affected",
              "version": "15.2(4)S4"
            },
            {
              "status": "affected",
              "version": "15.2(4)S6"
            },
            {
              "status": "affected",
              "version": "15.2(4)S2"
            },
            {
              "status": "affected",
              "version": "15.2(4)S5"
            },
            {
              "status": "affected",
              "version": "15.2(4)S3"
            },
            {
              "status": "affected",
              "version": "15.2(4)S3a"
            },
            {
              "status": "affected",
              "version": "15.2(4)S4a"
            },
            {
              "status": "affected",
              "version": "15.2(4)S7"
            },
            {
              "status": "affected",
              "version": "15.3(1)T"
            },
            {
              "status": "affected",
              "version": "15.3(2)T"
            },
            {
              "status": "affected",
              "version": "15.3(1)T1"
            },
            {
              "status": "affected",
              "version": "15.3(1)T2"
            },
            {
              "status": "affected",
              "version": "15.3(1)T3"
            },
            {
              "status": "affected",
              "version": "15.3(1)T4"
            },
            {
              "status": "affected",
              "version": "15.3(2)T1"
            },
            {
              "status": "affected",
              "version": "15.3(2)T2"
            },
            {
              "status": "affected",
              "version": "15.3(2)T3"
            },
            {
              "status": "affected",
              "version": "15.3(2)T4"
            },
            {
              "status": "affected",
              "version": "12.4(10b)JDE"
            },
            {
              "status": "affected",
              "version": "15.0(1)EY"
            },
            {
              "status": "affected",
              "version": "15.0(1)EY1"
            },
            {
              "status": "affected",
              "version": "15.0(1)EY2"
            },
            {
              "status": "affected",
              "version": "15.0(2)EY"
            },
            {
              "status": "affected",
              "version": "15.0(2)EY1"
            },
            {
              "status": "affected",
              "version": "15.0(2)EY2"
            },
            {
              "status": "affected",
              "version": "15.0(2)EY3"
            },
            {
              "status": "affected",
              "version": "12.4(20)MRB"
            },
            {
              "status": "affected",
              "version": "12.4(20)MRB1"
            },
            {
              "status": "affected",
              "version": "12.3(8)JEE"
            },
            {
              "status": "affected",
              "version": "12.2(54)WO"
            },
            {
              "status": "affected",
              "version": "15.1(2)S"
            },
            {
              "status": "affected",
              "version": "15.1(1)S"
            },
            {
              "status": "affected",
              "version": "15.1(1)S1"
            },
            {
              "status": "affected",
              "version": "15.1(3)S"
            },
            {
              "status": "affected",
              "version": "15.1(1)S2"
            },
            {
              "status": "affected",
              "version": "15.1(2)S1"
            },
            {
              "status": "affected",
              "version": "15.1(2)S2"
            },
            {
              "status": "affected",
              "version": "15.1(3)S1"
            },
            {
              "status": "affected",
              "version": "15.1(3)S0a"
            },
            {
              "status": "affected",
              "version": "15.1(3)S2"
            },
            {
              "status": "affected",
              "version": "15.1(3)S4"
            },
            {
              "status": "affected",
              "version": "15.1(3)S3"
            },
            {
              "status": "affected",
              "version": "15.1(3)S5"
            },
            {
              "status": "affected",
              "version": "15.1(3)S6"
            },
            {
              "status": "affected",
              "version": "15.1(3)S5a"
            },
            {
              "status": "affected",
              "version": "15.1(4)M3"
            },
            {
              "status": "affected",
              "version": "15.1(4)M"
            },
            {
              "status": "affected",
              "version": "15.1(4)M1"
            },
            {
              "status": "affected",
              "version": "15.1(4)M2"
            },
            {
              "status": "affected",
              "version": "15.1(4)M6"
            },
            {
              "status": "affected",
              "version": "15.1(4)M5"
            },
            {
              "status": "affected",
              "version": "15.1(4)M4"
            },
            {
              "status": "affected",
              "version": "15.1(4)M7"
            },
            {
              "status": "affected",
              "version": "15.1(4)M3a"
            },
            {
              "status": "affected",
              "version": "15.1(4)M10"
            },
            {
              "status": "affected",
              "version": "15.1(4)M8"
            },
            {
              "status": "affected",
              "version": "15.1(4)M9"
            },
            {
              "status": "affected",
              "version": "12.2(33)IRF"
            },
            {
              "status": "affected",
              "version": "12.4(3g)JMC1"
            },
            {
              "status": "affected",
              "version": "12.4(3g)JMC"
            },
            {
              "status": "affected",
              "version": "12.4(3g)JMC2"
            },
            {
              "status": "affected",
              "version": "15.0(1)SE"
            },
            {
              "status": "affected",
              "version": "15.0(2)SE"
            },
            {
              "status": "affected",
              "version": "15.0(1)SE1"
            },
            {
              "status": "affected",
              "version": "15.0(1)SE2"
            },
            {
              "status": "affected",
              "version": "15.0(1)SE3"
            },
            {
              "status": "affected",
              "version": "15.0(2)SE1"
            },
            {
              "status": "affected",
              "version": "15.0(2)SE2"
            },
            {
              "status": "affected",
              "version": "15.0(2)SE3"
            },
            {
              "status": "affected",
              "version": "15.0(2)SE4"
            },
            {
              "status": "affected",
              "version": "15.0(2)SE5"
            },
            {
              "status": "affected",
              "version": "15.0(2)SE6"
            },
            {
              "status": "affected",
              "version": "15.0(2)SE7"
            },
            {
              "status": "affected",
              "version": "15.0(2)SE8"
            },
            {
              "status": "affected",
              "version": "15.0(2)SE9"
            },
            {
              "status": "affected",
              "version": "15.0(2)SE10"
            },
            {
              "status": "affected",
              "version": "15.0(2)SE11"
            },
            {
              "status": "affected",
              "version": "15.0(2)SE10a"
            },
            {
              "status": "affected",
              "version": "15.0(2)SE12"
            },
            {
              "status": "affected",
              "version": "15.0(2)SE13"
            },
            {
              "status": "affected",
              "version": "15.1(2)GC"
            },
            {
              "status": "affected",
              "version": "15.1(2)GC1"
            },
            {
              "status": "affected",
              "version": "15.1(2)GC2"
            },
            {
              "status": "affected",
              "version": "15.1(4)GC"
            },
            {
              "status": "affected",
              "version": "15.1(4)GC1"
            },
            {
              "status": "affected",
              "version": "15.1(4)GC2"
            },
            {
              "status": "affected",
              "version": "15.0(1)SY"
            },
            {
              "status": "affected",
              "version": "15.0(1)SY1"
            },
            {
              "status": "affected",
              "version": "15.0(1)SY2"
            },
            {
              "status": "affected",
              "version": "15.0(1)SY3"
            },
            {
              "status": "affected",
              "version": "15.0(1)SY4"
            },
            {
              "status": "affected",
              "version": "15.0(1)SY5"
            },
            {
              "status": "affected",
              "version": "15.0(1)SY6"
            },
            {
              "status": "affected",
              "version": "15.0(1)SY7"
            },
            {
              "status": "affected",
              "version": "15.0(1)SY8"
            },
            {
              "status": "affected",
              "version": "15.0(1)SY7a"
            },
            {
              "status": "affected",
              "version": "15.0(1)SY9"
            },
            {
              "status": "affected",
              "version": "15.0(1)SY10"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXJ"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXJ1"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXJ2"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXJ3"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXJ4"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXJ5"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXJ6"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXJ7"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXJ8"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXJ9"
            },
            {
              "status": "affected",
              "version": "12.2(33)SXJ10"
            },
            {
              "status": "affected",
              "version": "15.1(1)SG"
            },
            {
              "status": "affected",
              "version": "15.1(2)SG"
            },
            {
              "status": "affected",
              "version": "15.1(1)SG1"
            },
            {
              "status": "affected",
              "version": "15.1(1)SG2"
            },
            {
              "status": "affected",
              "version": "15.1(2)SG1"
            },
            {
              "status": "affected",
              "version": "15.1(2)SG2"
            },
            {
              "status": "affected",
              "version": "15.1(2)SG3"
            },
            {
              "status": "affected",
              "version": "15.1(2)SG4"
            },
            {
              "status": "affected",
              "version": "15.1(2)SG5"
            },
            {
              "status": "affected",
              "version": "15.1(2)SG6"
            },
            {
              "status": "affected",
              "version": "15.1(2)SG7"
            },
            {
              "status": "affected",
              "version": "15.1(2)SG8"
            },
            {
              "status": "affected",
              "version": "15.0(1)MR"
            },
            {
              "status": "affected",
              "version": "15.0(2)MR"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCF"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCF1"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCF2"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCF3"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCF4"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCF5"
            },
            {
              "status": "affected",
              "version": "15.2(4)M"
            },
            {
              "status": "affected",
              "version": "15.2(4)M1"
            },
            {
              "status": "affected",
              "version": "15.2(4)M2"
            },
            {
              "status": "affected",
              "version": "15.2(4)M4"
            },
            {
              "status": "affected",
              "version": "15.2(4)M3"
            },
            {
              "status": "affected",
              "version": "15.2(4)M5"
            },
            {
              "status": "affected",
              "version": "15.2(4)M8"
            },
            {
              "status": "affected",
              "version": "15.2(4)M10"
            },
            {
              "status": "affected",
              "version": "15.2(4)M7"
            },
            {
              "status": "affected",
              "version": "15.2(4)M6"
            },
            {
              "status": "affected",
              "version": "15.2(4)M9"
            },
            {
              "status": "affected",
              "version": "15.2(4)M6a"
            },
            {
              "status": "affected",
              "version": "15.2(4)M11"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCE"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCE1"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCE2"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCE3"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCE4"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCE5"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCE6"
            },
            {
              "status": "affected",
              "version": "15.0(2)SG"
            },
            {
              "status": "affected",
              "version": "15.0(2)SG1"
            },
            {
              "status": "affected",
              "version": "15.0(2)SG2"
            },
            {
              "status": "affected",
              "version": "15.0(2)SG3"
            },
            {
              "status": "affected",
              "version": "15.0(2)SG4"
            },
            {
              "status": "affected",
              "version": "15.0(2)SG5"
            },
            {
              "status": "affected",
              "version": "15.0(2)SG6"
            },
            {
              "status": "affected",
              "version": "15.0(2)SG7"
            },
            {
              "status": "affected",
              "version": "15.0(2)SG8"
            },
            {
              "status": "affected",
              "version": "15.0(2)SG9"
            },
            {
              "status": "affected",
              "version": "15.0(2)SG10"
            },
            {
              "status": "affected",
              "version": "15.0(2)SG11"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDB"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDB1"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDB3"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDB4"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDB5"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDB6"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDB7"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDB5a"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDB8"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDB9"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDB10"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDB11"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDB12"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDB13"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDB14"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDB15"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDB16"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDB17"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDB18"
            },
            {
              "status": "affected",
              "version": "12.4(24)MDB19"
            },
            {
              "status": "affected",
              "version": "12.2(33)IRG"
            },
            {
              "status": "affected",
              "version": "12.2(33)IRG1"
            },
            {
              "status": "affected",
              "version": "12.4(21a)JHC"
            },
            {
              "status": "affected",
              "version": "15.0(1)EX"
            },
            {
              "status": "affected",
              "version": "15.0(2)EX"
            },
            {
              "status": "affected",
              "version": "15.0(2)EX1"
            },
            {
              "status": "affected",
              "version": "15.0(2)EX2"
            },
            {
              "status": "affected",
              "version": "15.0(2)EX3"
            },
            {
              "status": "affected",
              "version": "15.0(2)EX4"
            },
            {
              "status": "affected",
              "version": "15.0(2)EX5"
            },
            {
              "status": "affected",
              "version": "15.0(2)EX8"
            },
            {
              "status": "affected",
              "version": "15.0(2a)EX5"
            },
            {
              "status": "affected",
              "version": "15.0(2)EX10"
            },
            {
              "status": "affected",
              "version": "15.0(2)EX11"
            },
            {
              "status": "affected",
              "version": "15.0(2)EX13"
            },
            {
              "status": "affected",
              "version": "15.0(2)EX12"
            },
            {
              "status": "affected",
              "version": "15.2(1)GC"
            },
            {
              "status": "affected",
              "version": "15.2(1)GC1"
            },
            {
              "status": "affected",
              "version": "15.2(1)GC2"
            },
            {
              "status": "affected",
              "version": "15.2(2)GC"
            },
            {
              "status": "affected",
              "version": "15.2(3)GC"
            },
            {
              "status": "affected",
              "version": "15.2(3)GC1"
            },
            {
              "status": "affected",
              "version": "15.2(4)GC"
            },
            {
              "status": "affected",
              "version": "15.2(4)GC1"
            },
            {
              "status": "affected",
              "version": "15.2(4)GC2"
            },
            {
              "status": "affected",
              "version": "15.2(4)GC3"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCG"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCG1"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCG2"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCG3"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCG4"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCG5"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCG6"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCG7"
            },
            {
              "status": "affected",
              "version": "12.2(33)IRH"
            },
            {
              "status": "affected",
              "version": "12.2(33)IRH1"
            },
            {
              "status": "affected",
              "version": "15.1(1)SY"
            },
            {
              "status": "affected",
              "version": "15.1(1)SY1"
            },
            {
              "status": "affected",
              "version": "15.1(2)SY"
            },
            {
              "status": "affected",
              "version": "15.1(2)SY1"
            },
            {
              "status": "affected",
              "version": "15.1(2)SY2"
            },
            {
              "status": "affected",
              "version": "15.1(1)SY2"
            },
            {
              "status": "affected",
              "version": "15.1(1)SY3"
            },
            {
              "status": "affected",
              "version": "15.1(2)SY3"
            },
            {
              "status": "affected",
              "version": "15.1(1)SY4"
            },
            {
              "status": "affected",
              "version": "15.1(2)SY4"
            },
            {
              "status": "affected",
              "version": "15.1(1)SY5"
            },
            {
              "status": "affected",
              "version": "15.1(2)SY5"
            },
            {
              "status": "affected",
              "version": "15.1(2)SY4a"
            },
            {
              "status": "affected",
              "version": "15.1(1)SY6"
            },
            {
              "status": "affected",
              "version": "15.1(2)SY6"
            },
            {
              "status": "affected",
              "version": "15.1(2)SY7"
            },
            {
              "status": "affected",
              "version": "15.1(2)SY8"
            },
            {
              "status": "affected",
              "version": "15.1(2)SY9"
            },
            {
              "status": "affected",
              "version": "15.1(2)SY10"
            },
            {
              "status": "affected",
              "version": "15.1(2)SY11"
            },
            {
              "status": "affected",
              "version": "15.1(2)SY12"
            },
            {
              "status": "affected",
              "version": "15.1(2)SY13"
            },
            {
              "status": "affected",
              "version": "15.1(2)SY14"
            },
            {
              "status": "affected",
              "version": "15.1(2)SY15"
            },
            {
              "status": "affected",
              "version": "15.1(2)SY16"
            },
            {
              "status": "affected",
              "version": "15.3(1)S"
            },
            {
              "status": "affected",
              "version": "15.3(2)S"
            },
            {
              "status": "affected",
              "version": "15.3(3)S"
            },
            {
              "status": "affected",
              "version": "15.3(1)S2"
            },
            {
              "status": "affected",
              "version": "15.3(1)S1"
            },
            {
              "status": "affected",
              "version": "15.3(2)S2"
            },
            {
              "status": "affected",
              "version": "15.3(2)S1"
            },
            {
              "status": "affected",
              "version": "15.3(3)S1"
            },
            {
              "status": "affected",
              "version": "15.3(3)S2"
            },
            {
              "status": "affected",
              "version": "15.3(3)S3"
            },
            {
              "status": "affected",
              "version": "15.3(3)S6"
            },
            {
              "status": "affected",
              "version": "15.3(3)S4"
            },
            {
              "status": "affected",
              "version": "15.3(3)S1a"
            },
            {
              "status": "affected",
              "version": "15.3(3)S5"
            },
            {
              "status": "affected",
              "version": "15.3(3)S7"
            },
            {
              "status": "affected",
              "version": "15.3(3)S8"
            },
            {
              "status": "affected",
              "version": "15.3(3)S9"
            },
            {
              "status": "affected",
              "version": "15.3(3)S10"
            },
            {
              "status": "affected",
              "version": "15.3(3)S8a"
            },
            {
              "status": "affected",
              "version": "15.4(1)T"
            },
            {
              "status": "affected",
              "version": "15.4(2)T"
            },
            {
              "status": "affected",
              "version": "15.4(1)T2"
            },
            {
              "status": "affected",
              "version": "15.4(1)T1"
            },
            {
              "status": "affected",
              "version": "15.4(1)T3"
            },
            {
              "status": "affected",
              "version": "15.4(2)T1"
            },
            {
              "status": "affected",
              "version": "15.4(2)T3"
            },
            {
              "status": "affected",
              "version": "15.4(2)T2"
            },
            {
              "status": "affected",
              "version": "15.4(1)T4"
            },
            {
              "status": "affected",
              "version": "15.4(2)T4"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCH"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCH1"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCH2"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCH0a"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCH3"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCH2a"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCH4"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCH5"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCH6"
            },
            {
              "status": "affected",
              "version": "12.4(25e)JAL"
            },
            {
              "status": "affected",
              "version": "12.4(25e)JAL2"
            },
            {
              "status": "affected",
              "version": "15.0(2)EA"
            },
            {
              "status": "affected",
              "version": "15.0(2)EA1"
            },
            {
              "status": "affected",
              "version": "15.2(1)E"
            },
            {
              "status": "affected",
              "version": "15.2(2)E"
            },
            {
              "status": "affected",
              "version": "15.2(1)E1"
            },
            {
              "status": "affected",
              "version": "15.2(3)E"
            },
            {
              "status": "affected",
              "version": "15.2(1)E2"
            },
            {
              "status": "affected",
              "version": "15.2(1)E3"
            },
            {
              "status": "affected",
              "version": "15.2(2)E1"
            },
            {
              "status": "affected",
              "version": "15.2(4)E"
            },
            {
              "status": "affected",
              "version": "15.2(3)E1"
            },
            {
              "status": "affected",
              "version": "15.2(2)E2"
            },
            {
              "status": "affected",
              "version": "15.2(2a)E1"
            },
            {
              "status": "affected",
              "version": "15.2(2)E3"
            },
            {
              "status": "affected",
              "version": "15.2(2a)E2"
            },
            {
              "status": "affected",
              "version": "15.2(3)E2"
            },
            {
              "status": "affected",
              "version": "15.2(3a)E"
            },
            {
              "status": "affected",
              "version": "15.2(3)E3"
            },
            {
              "status": "affected",
              "version": "15.2(4)E1"
            },
            {
              "status": "affected",
              "version": "15.2(2)E4"
            },
            {
              "status": "affected",
              "version": "15.2(2)E5"
            },
            {
              "status": "affected",
              "version": "15.2(4)E2"
            },
            {
              "status": "affected",
              "version": "15.2(3)E4"
            },
            {
              "status": "affected",
              "version": "15.2(5)E"
            },
            {
              "status": "affected",
              "version": "15.2(4)E3"
            },
            {
              "status": "affected",
              "version": "15.2(2)E6"
            },
            {
              "status": "affected",
              "version": "15.2(5a)E"
            },
            {
              "status": "affected",
              "version": "15.2(5)E1"
            },
            {
              "status": "affected",
              "version": "15.2(5b)E"
            },
            {
              "status": "affected",
              "version": "15.2(2)E5a"
            },
            {
              "status": "affected",
              "version": "15.2(5c)E"
            },
            {
              "status": "affected",
              "version": "15.2(2)E5b"
            },
            {
              "status": "affected",
              "version": "15.2(5a)E1"
            },
            {
              "status": "affected",
              "version": "15.2(4)E4"
            },
            {
              "status": "affected",
              "version": "15.2(2)E7"
            },
            {
              "status": "affected",
              "version": "15.2(5)E2"
            },
            {
              "status": "affected",
              "version": "15.2(6)E"
            },
            {
              "status": "affected",
              "version": "15.2(4)E5"
            },
            {
              "status": "affected",
              "version": "15.2(5)E2c"
            },
            {
              "status": "affected",
              "version": "15.2(2)E8"
            },
            {
              "status": "affected",
              "version": "15.2(6)E0a"
            },
            {
              "status": "affected",
              "version": "15.2(6)E1"
            },
            {
              "status": "affected",
              "version": "15.2(6)E0c"
            },
            {
              "status": "affected",
              "version": "15.2(4)E6"
            },
            {
              "status": "affected",
              "version": "15.2(6)E2"
            },
            {
              "status": "affected",
              "version": "15.2(2)E9"
            },
            {
              "status": "affected",
              "version": "15.2(4)E7"
            },
            {
              "status": "affected",
              "version": "15.2(7)E"
            },
            {
              "status": "affected",
              "version": "15.2(2)E10"
            },
            {
              "status": "affected",
              "version": "15.2(4)E8"
            },
            {
              "status": "affected",
              "version": "15.2(6)E2a"
            },
            {
              "status": "affected",
              "version": "15.2(6)E2b"
            },
            {
              "status": "affected",
              "version": "15.2(7)E1"
            },
            {
              "status": "affected",
              "version": "15.2(7)E0a"
            },
            {
              "status": "affected",
              "version": "15.2(7)E0b"
            },
            {
              "status": "affected",
              "version": "15.2(7)E0s"
            },
            {
              "status": "affected",
              "version": "15.2(6)E3"
            },
            {
              "status": "affected",
              "version": "15.2(4)E9"
            },
            {
              "status": "affected",
              "version": "15.2(7)E2"
            },
            {
              "status": "affected",
              "version": "15.2(7a)E0b"
            },
            {
              "status": "affected",
              "version": "15.2(4)E10"
            },
            {
              "status": "affected",
              "version": "15.2(7)E3"
            },
            {
              "status": "affected",
              "version": "15.2(7)E1a"
            },
            {
              "status": "affected",
              "version": "15.2(7b)E0b"
            },
            {
              "status": "affected",
              "version": "15.2(7)E2a"
            },
            {
              "status": "affected",
              "version": "15.2(4)E10a"
            },
            {
              "status": "affected",
              "version": "15.2(7)E4"
            },
            {
              "status": "affected",
              "version": "15.2(7)E3k"
            },
            {
              "status": "affected",
              "version": "15.2(8)E"
            },
            {
              "status": "affected",
              "version": "15.2(8)E1"
            },
            {
              "status": "affected",
              "version": "15.2(7)E5"
            },
            {
              "status": "affected",
              "version": "15.2(7)E6"
            },
            {
              "status": "affected",
              "version": "15.2(8)E2"
            },
            {
              "status": "affected",
              "version": "15.2(4)E10d"
            },
            {
              "status": "affected",
              "version": "15.2(7)E7"
            },
            {
              "status": "affected",
              "version": "15.2(8)E3"
            },
            {
              "status": "affected",
              "version": "15.2(7)E8"
            },
            {
              "status": "affected",
              "version": "15.2(8)E4"
            },
            {
              "status": "affected",
              "version": "15.2(7)E9"
            },
            {
              "status": "affected",
              "version": "15.2(8)E5"
            },
            {
              "status": "affected",
              "version": "15.2(8)E6"
            },
            {
              "status": "affected",
              "version": "15.2(7)E10"
            },
            {
              "status": "affected",
              "version": "15.2(7)E11"
            },
            {
              "status": "affected",
              "version": "15.2(8)E7"
            },
            {
              "status": "affected",
              "version": "15.2(7)E12"
            },
            {
              "status": "affected",
              "version": "15.1(3)MRA"
            },
            {
              "status": "affected",
              "version": "15.1(3)MRA1"
            },
            {
              "status": "affected",
              "version": "15.1(3)MRA2"
            },
            {
              "status": "affected",
              "version": "15.1(3)MRA3"
            },
            {
              "status": "affected",
              "version": "15.1(3)MRA4"
            },
            {
              "status": "affected",
              "version": "15.1(3)SVB1"
            },
            {
              "status": "affected",
              "version": "15.1(3)SVB2"
            },
            {
              "status": "affected",
              "version": "15.2(4)JB5h"
            },
            {
              "status": "affected",
              "version": "15.4(1)S"
            },
            {
              "status": "affected",
              "version": "15.4(2)S"
            },
            {
              "status": "affected",
              "version": "15.4(3)S"
            },
            {
              "status": "affected",
              "version": "15.4(1)S1"
            },
            {
              "status": "affected",
              "version": "15.4(1)S2"
            },
            {
              "status": "affected",
              "version": "15.4(2)S1"
            },
            {
              "status": "affected",
              "version": "15.4(1)S3"
            },
            {
              "status": "affected",
              "version": "15.4(3)S1"
            },
            {
              "status": "affected",
              "version": "15.4(2)S2"
            },
            {
              "status": "affected",
              "version": "15.4(3)S2"
            },
            {
              "status": "affected",
              "version": "15.4(3)S3"
            },
            {
              "status": "affected",
              "version": "15.4(1)S4"
            },
            {
              "status": "affected",
              "version": "15.4(2)S3"
            },
            {
              "status": "affected",
              "version": "15.4(2)S4"
            },
            {
              "status": "affected",
              "version": "15.4(3)S4"
            },
            {
              "status": "affected",
              "version": "15.4(3)S5"
            },
            {
              "status": "affected",
              "version": "15.4(3)S6"
            },
            {
              "status": "affected",
              "version": "15.4(3)S7"
            },
            {
              "status": "affected",
              "version": "15.4(3)S6a"
            },
            {
              "status": "affected",
              "version": "15.4(3)S8"
            },
            {
              "status": "affected",
              "version": "15.4(3)S9"
            },
            {
              "status": "affected",
              "version": "15.4(3)S10"
            },
            {
              "status": "affected",
              "version": "15.3(3)M"
            },
            {
              "status": "affected",
              "version": "15.3(3)M1"
            },
            {
              "status": "affected",
              "version": "15.3(3)M2"
            },
            {
              "status": "affected",
              "version": "15.3(3)M3"
            },
            {
              "status": "affected",
              "version": "15.3(3)M5"
            },
            {
              "status": "affected",
              "version": "15.3(3)M4"
            },
            {
              "status": "affected",
              "version": "15.3(3)M6"
            },
            {
              "status": "affected",
              "version": "15.3(3)M7"
            },
            {
              "status": "affected",
              "version": "15.3(3)M8"
            },
            {
              "status": "affected",
              "version": "15.3(3)M9"
            },
            {
              "status": "affected",
              "version": "15.3(3)M10"
            },
            {
              "status": "affected",
              "version": "15.3(3)M8a"
            },
            {
              "status": "affected",
              "version": "15.0(2)EZ"
            },
            {
              "status": "affected",
              "version": "15.1(3)SVD"
            },
            {
              "status": "affected",
              "version": "15.1(3)SVD1"
            },
            {
              "status": "affected",
              "version": "15.1(3)SVD2"
            },
            {
              "status": "affected",
              "version": "15.2(1)EY"
            },
            {
              "status": "affected",
              "version": "15.0(2)EJ"
            },
            {
              "status": "affected",
              "version": "15.0(2)EJ1"
            },
            {
              "status": "affected",
              "version": "15.2(1)SY"
            },
            {
              "status": "affected",
              "version": "15.2(1)SY1"
            },
            {
              "status": "affected",
              "version": "15.2(1)SY0a"
            },
            {
              "status": "affected",
              "version": "15.2(1)SY2"
            },
            {
              "status": "affected",
              "version": "15.2(2)SY"
            },
            {
              "status": "affected",
              "version": "15.2(1)SY1a"
            },
            {
              "status": "affected",
              "version": "15.2(2)SY1"
            },
            {
              "status": "affected",
              "version": "15.2(2)SY2"
            },
            {
              "status": "affected",
              "version": "15.2(1)SY3"
            },
            {
              "status": "affected",
              "version": "15.2(1)SY4"
            },
            {
              "status": "affected",
              "version": "15.2(2)SY3"
            },
            {
              "status": "affected",
              "version": "15.2(1)SY5"
            },
            {
              "status": "affected",
              "version": "15.2(1)SY6"
            },
            {
              "status": "affected",
              "version": "15.2(1)SY7"
            },
            {
              "status": "affected",
              "version": "15.2(1)SY8"
            },
            {
              "status": "affected",
              "version": "15.2(5)EX"
            },
            {
              "status": "affected",
              "version": "15.1(3)SVF"
            },
            {
              "status": "affected",
              "version": "15.1(3)SVF1"
            },
            {
              "status": "affected",
              "version": "15.1(3)SVE"
            },
            {
              "status": "affected",
              "version": "15.0(2)EK"
            },
            {
              "status": "affected",
              "version": "15.0(2)EK1"
            },
            {
              "status": "affected",
              "version": "15.4(1)CG"
            },
            {
              "status": "affected",
              "version": "15.4(1)CG1"
            },
            {
              "status": "affected",
              "version": "15.4(2)CG"
            },
            {
              "status": "affected",
              "version": "15.5(1)S"
            },
            {
              "status": "affected",
              "version": "15.5(2)S"
            },
            {
              "status": "affected",
              "version": "15.5(1)S1"
            },
            {
              "status": "affected",
              "version": "15.5(3)S"
            },
            {
              "status": "affected",
              "version": "15.5(1)S2"
            },
            {
              "status": "affected",
              "version": "15.5(1)S3"
            },
            {
              "status": "affected",
              "version": "15.5(2)S1"
            },
            {
              "status": "affected",
              "version": "15.5(2)S2"
            },
            {
              "status": "affected",
              "version": "15.5(3)S1"
            },
            {
              "status": "affected",
              "version": "15.5(3)S1a"
            },
            {
              "status": "affected",
              "version": "15.5(2)S3"
            },
            {
              "status": "affected",
              "version": "15.5(3)S2"
            },
            {
              "status": "affected",
              "version": "15.5(3)S0a"
            },
            {
              "status": "affected",
              "version": "15.5(3)S3"
            },
            {
              "status": "affected",
              "version": "15.5(1)S4"
            },
            {
              "status": "affected",
              "version": "15.5(2)S4"
            },
            {
              "status": "affected",
              "version": "15.5(3)S4"
            },
            {
              "status": "affected",
              "version": "15.5(3)S5"
            },
            {
              "status": "affected",
              "version": "15.5(3)S6"
            },
            {
              "status": "affected",
              "version": "15.5(3)S6a"
            },
            {
              "status": "affected",
              "version": "15.5(3)S7"
            },
            {
              "status": "affected",
              "version": "15.5(3)S6b"
            },
            {
              "status": "affected",
              "version": "15.5(3)S8"
            },
            {
              "status": "affected",
              "version": "15.5(3)S9"
            },
            {
              "status": "affected",
              "version": "15.5(3)S10"
            },
            {
              "status": "affected",
              "version": "15.5(3)S9a"
            },
            {
              "status": "affected",
              "version": "15.1(3)SVG"
            },
            {
              "status": "affected",
              "version": "15.2(2)EB"
            },
            {
              "status": "affected",
              "version": "15.2(2)EB1"
            },
            {
              "status": "affected",
              "version": "15.2(2)EB2"
            },
            {
              "status": "affected",
              "version": "15.2(6)EB"
            },
            {
              "status": "affected",
              "version": "15.5(1)T"
            },
            {
              "status": "affected",
              "version": "15.5(1)T1"
            },
            {
              "status": "affected",
              "version": "15.5(2)T"
            },
            {
              "status": "affected",
              "version": "15.5(1)T2"
            },
            {
              "status": "affected",
              "version": "15.5(1)T3"
            },
            {
              "status": "affected",
              "version": "15.5(2)T1"
            },
            {
              "status": "affected",
              "version": "15.5(2)T2"
            },
            {
              "status": "affected",
              "version": "15.5(2)T3"
            },
            {
              "status": "affected",
              "version": "15.5(2)T4"
            },
            {
              "status": "affected",
              "version": "15.5(1)T4"
            },
            {
              "status": "affected",
              "version": "15.2(2)EA"
            },
            {
              "status": "affected",
              "version": "15.2(2)EA1"
            },
            {
              "status": "affected",
              "version": "15.2(2)EA2"
            },
            {
              "status": "affected",
              "version": "15.2(3)EA"
            },
            {
              "status": "affected",
              "version": "15.2(4)EA"
            },
            {
              "status": "affected",
              "version": "15.2(4)EA1"
            },
            {
              "status": "affected",
              "version": "15.2(2)EA3"
            },
            {
              "status": "affected",
              "version": "15.2(4)EA3"
            },
            {
              "status": "affected",
              "version": "15.2(5)EA"
            },
            {
              "status": "affected",
              "version": "15.2(4)EA4"
            },
            {
              "status": "affected",
              "version": "15.2(4)EA5"
            },
            {
              "status": "affected",
              "version": "15.2(4)EA6"
            },
            {
              "status": "affected",
              "version": "15.2(4)EA7"
            },
            {
              "status": "affected",
              "version": "15.2(4)EA8"
            },
            {
              "status": "affected",
              "version": "15.2(4)EA9"
            },
            {
              "status": "affected",
              "version": "15.2(4)EA9a"
            },
            {
              "status": "affected",
              "version": "15.5(3)M"
            },
            {
              "status": "affected",
              "version": "15.5(3)M1"
            },
            {
              "status": "affected",
              "version": "15.5(3)M0a"
            },
            {
              "status": "affected",
              "version": "15.5(3)M2"
            },
            {
              "status": "affected",
              "version": "15.5(3)M3"
            },
            {
              "status": "affected",
              "version": "15.5(3)M4"
            },
            {
              "status": "affected",
              "version": "15.5(3)M4a"
            },
            {
              "status": "affected",
              "version": "15.5(3)M5"
            },
            {
              "status": "affected",
              "version": "15.5(3)M6"
            },
            {
              "status": "affected",
              "version": "15.5(3)M7"
            },
            {
              "status": "affected",
              "version": "15.5(3)M6a"
            },
            {
              "status": "affected",
              "version": "15.5(3)M8"
            },
            {
              "status": "affected",
              "version": "15.5(3)M9"
            },
            {
              "status": "affected",
              "version": "15.5(3)M10"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCI"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCI1"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCI1a"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCI2"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCI3"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCI2a"
            },
            {
              "status": "affected",
              "version": "15.5(3)SN"
            },
            {
              "status": "affected",
              "version": "15.0(2)SQD"
            },
            {
              "status": "affected",
              "version": "15.0(2)SQD1"
            },
            {
              "status": "affected",
              "version": "15.0(2)SQD2"
            },
            {
              "status": "affected",
              "version": "15.0(2)SQD3"
            },
            {
              "status": "affected",
              "version": "15.0(2)SQD4"
            },
            {
              "status": "affected",
              "version": "15.0(2)SQD5"
            },
            {
              "status": "affected",
              "version": "15.0(2)SQD6"
            },
            {
              "status": "affected",
              "version": "15.0(2)SQD7"
            },
            {
              "status": "affected",
              "version": "15.0(2)SQD8"
            },
            {
              "status": "affected",
              "version": "15.6(1)S"
            },
            {
              "status": "affected",
              "version": "15.6(2)S"
            },
            {
              "status": "affected",
              "version": "15.6(2)S1"
            },
            {
              "status": "affected",
              "version": "15.6(1)S1"
            },
            {
              "status": "affected",
              "version": "15.6(1)S2"
            },
            {
              "status": "affected",
              "version": "15.6(2)S2"
            },
            {
              "status": "affected",
              "version": "15.6(1)S3"
            },
            {
              "status": "affected",
              "version": "15.6(2)S3"
            },
            {
              "status": "affected",
              "version": "15.6(1)S4"
            },
            {
              "status": "affected",
              "version": "15.6(2)S4"
            },
            {
              "status": "affected",
              "version": "15.6(1)T"
            },
            {
              "status": "affected",
              "version": "15.6(2)T"
            },
            {
              "status": "affected",
              "version": "15.6(1)T0a"
            },
            {
              "status": "affected",
              "version": "15.6(1)T1"
            },
            {
              "status": "affected",
              "version": "15.6(2)T1"
            },
            {
              "status": "affected",
              "version": "15.6(1)T2"
            },
            {
              "status": "affected",
              "version": "15.6(2)T2"
            },
            {
              "status": "affected",
              "version": "15.6(1)T3"
            },
            {
              "status": "affected",
              "version": "15.6(2)T3"
            },
            {
              "status": "affected",
              "version": "15.3(1)SY"
            },
            {
              "status": "affected",
              "version": "15.3(1)SY1"
            },
            {
              "status": "affected",
              "version": "15.3(1)SY2"
            },
            {
              "status": "affected",
              "version": "15.3(3)JNC2"
            },
            {
              "status": "affected",
              "version": "15.3(3)JNC3"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCJ"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCJ1a"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCJ2"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCJ2a"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCJ2b"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCJ2c"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCJ3"
            },
            {
              "status": "affected",
              "version": "12.2(33)SCJ4"
            },
            {
              "status": "affected",
              "version": "15.6(2)SP"
            },
            {
              "status": "affected",
              "version": "15.6(2)SP1"
            },
            {
              "status": "affected",
              "version": "15.6(2)SP2"
            },
            {
              "status": "affected",
              "version": "15.6(2)SP3"
            },
            {
              "status": "affected",
              "version": "15.6(2)SP4"
            },
            {
              "status": "affected",
              "version": "15.6(2)SP5"
            },
            {
              "status": "affected",
              "version": "15.6(2)SP6"
            },
            {
              "status": "affected",
              "version": "15.6(2)SP7"
            },
            {
              "status": "affected",
              "version": "15.6(2)SP8"
            },
            {
              "status": "affected",
              "version": "15.6(2)SP9"
            },
            {
              "status": "affected",
              "version": "15.6(2)SN"
            },
            {
              "status": "affected",
              "version": "15.6(3)M"
            },
            {
              "status": "affected",
              "version": "15.6(3)M1"
            },
            {
              "status": "affected",
              "version": "15.6(3)M0a"
            },
            {
              "status": "affected",
              "version": "15.6(3)M1b"
            },
            {
              "status": "affected",
              "version": "15.6(3)M2"
            },
            {
              "status": "affected",
              "version": "15.6(3)M2a"
            },
            {
              "status": "affected",
              "version": "15.6(3)M3"
            },
            {
              "status": "affected",
              "version": "15.6(3)M3a"
            },
            {
              "status": "affected",
              "version": "15.6(3)M4"
            },
            {
              "status": "affected",
              "version": "15.6(3)M5"
            },
            {
              "status": "affected",
              "version": "15.6(3)M6"
            },
            {
              "status": "affected",
              "version": "15.6(3)M7"
            },
            {
              "status": "affected",
              "version": "15.6(3)M6a"
            },
            {
              "status": "affected",
              "version": "15.6(3)M6b"
            },
            {
              "status": "affected",
              "version": "15.6(3)M8"
            },
            {
              "status": "affected",
              "version": "15.6(3)M9"
            },
            {
              "status": "affected",
              "version": "15.1(3)SVJ2"
            },
            {
              "status": "affected",
              "version": "15.2(4)EC1"
            },
            {
              "status": "affected",
              "version": "15.2(4)EC2"
            },
            {
              "status": "affected",
              "version": "15.3(3)JPC100"
            },
            {
              "status": "affected",
              "version": "15.4(1)SY"
            },
            {
              "status": "affected",
              "version": "15.4(1)SY1"
            },
            {
              "status": "affected",
              "version": "15.4(1)SY2"
            },
            {
              "status": "affected",
              "version": "15.4(1)SY3"
            },
            {
              "status": "affected",
              "version": "15.4(1)SY4"
            },
            {
              "status": "affected",
              "version": "15.5(1)SY"
            },
            {
              "status": "affected",
              "version": "15.5(1)SY1"
            },
            {
              "status": "affected",
              "version": "15.5(1)SY2"
            },
            {
              "status": "affected",
              "version": "15.5(1)SY3"
            },
            {
              "status": "affected",
              "version": "15.5(1)SY4"
            },
            {
              "status": "affected",
              "version": "15.5(1)SY5"
            },
            {
              "status": "affected",
              "version": "15.5(1)SY6"
            },
            {
              "status": "affected",
              "version": "15.5(1)SY7"
            },
            {
              "status": "affected",
              "version": "15.5(1)SY8"
            },
            {
              "status": "affected",
              "version": "15.5(1)SY9"
            },
            {
              "status": "affected",
              "version": "15.5(1)SY10"
            },
            {
              "status": "affected",
              "version": "15.5(1)SY11"
            },
            {
              "status": "affected",
              "version": "15.5(1)SY12"
            },
            {
              "status": "affected",
              "version": "15.5(1)SY13"
            },
            {
              "status": "affected",
              "version": "15.5(1)SY14"
            },
            {
              "status": "affected",
              "version": "15.5(1)SY15"
            },
            {
              "status": "affected",
              "version": "15.7(3)M"
            },
            {
              "status": "affected",
              "version": "15.7(3)M1"
            },
            {
              "status": "affected",
              "version": "15.7(3)M0a"
            },
            {
              "status": "affected",
              "version": "15.7(3)M3"
            },
            {
              "status": "affected",
              "version": "15.7(3)M2"
            },
            {
              "status": "affected",
              "version": "15.7(3)M4"
            },
            {
              "status": "affected",
              "version": "15.7(3)M5"
            },
            {
              "status": "affected",
              "version": "15.7(3)M4a"
            },
            {
              "status": "affected",
              "version": "15.7(3)M4b"
            },
            {
              "status": "affected",
              "version": "15.7(3)M6"
            },
            {
              "status": "affected",
              "version": "15.7(3)M7"
            },
            {
              "status": "affected",
              "version": "15.7(3)M8"
            },
            {
              "status": "affected",
              "version": "15.7(3)M9"
            },
            {
              "status": "affected",
              "version": "15.8(3)M"
            },
            {
              "status": "affected",
              "version": "15.8(3)M1"
            },
            {
              "status": "affected",
              "version": "15.8(3)M0a"
            },
            {
              "status": "affected",
              "version": "15.8(3)M0b"
            },
            {
              "status": "affected",
              "version": "15.8(3)M2"
            },
            {
              "status": "affected",
              "version": "15.8(3)M1a"
            },
            {
              "status": "affected",
              "version": "15.8(3)M3"
            },
            {
              "status": "affected",
              "version": "15.8(3)M2a"
            },
            {
              "status": "affected",
              "version": "15.8(3)M4"
            },
            {
              "status": "affected",
              "version": "15.8(3)M3a"
            },
            {
              "status": "affected",
              "version": "15.8(3)M3b"
            },
            {
              "status": "affected",
              "version": "15.8(3)M5"
            },
            {
              "status": "affected",
              "version": "15.8(3)M6"
            },
            {
              "status": "affected",
              "version": "15.8(3)M7"
            },
            {
              "status": "affected",
              "version": "15.8(3)M8"
            },
            {
              "status": "affected",
              "version": "15.8(3)M9"
            },
            {
              "status": "affected",
              "version": "15.9(3)M"
            },
            {
              "status": "affected",
              "version": "15.9(3)M1"
            },
            {
              "status": "affected",
              "version": "15.9(3)M0a"
            },
            {
              "status": "affected",
              "version": "15.9(3)M2"
            },
            {
              "status": "affected",
              "version": "15.9(3)M3"
            },
            {
              "status": "affected",
              "version": "15.9(3)M2a"
            },
            {
              "status": "affected",
              "version": "15.9(3)M3a"
            },
            {
              "status": "affected",
              "version": "15.9(3)M4"
            },
            {
              "status": "affected",
              "version": "15.9(3)M3b"
            },
            {
              "status": "affected",
              "version": "15.9(3)M5"
            },
            {
              "status": "affected",
              "version": "15.9(3)M4a"
            },
            {
              "status": "affected",
              "version": "15.9(3)M6"
            },
            {
              "status": "affected",
              "version": "15.9(3)M7"
            },
            {
              "status": "affected",
              "version": "15.9(3)M6a"
            },
            {
              "status": "affected",
              "version": "15.9(3)M6b"
            },
            {
              "status": "affected",
              "version": "15.9(3)M8"
            },
            {
              "status": "affected",
              "version": "15.9(3)M7a"
            },
            {
              "status": "affected",
              "version": "15.9(3)M9"
            },
            {
              "status": "affected",
              "version": "15.9(3)M8b"
            },
            {
              "status": "affected",
              "version": "15.9(3)M10"
            },
            {
              "status": "affected",
              "version": "15.9(3)M11"
            }
          ]
        },
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.5.1"
            },
            {
              "status": "affected",
              "version": "6.5.2"
            },
            {
              "status": "affected",
              "version": "6.5.3"
            },
            {
              "status": "affected",
              "version": "6.6.2"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.25"
            },
            {
              "status": "affected",
              "version": "6.7.1"
            },
            {
              "status": "affected",
              "version": "6.7.2"
            },
            {
              "status": "affected",
              "version": "6.7.3"
            },
            {
              "status": "affected",
              "version": "6.8.1"
            },
            {
              "status": "affected",
              "version": "6.8.2"
            },
            {
              "status": "affected",
              "version": "6.9.1"
            },
            {
              "status": "affected",
              "version": "6.9.2"
            }
          ]
        },
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.8.1"
            },
            {
              "status": "affected",
              "version": "9.8.1.5"
            },
            {
              "status": "affected",
              "version": "9.8.1.7"
            },
            {
              "status": "affected",
              "version": "9.8.2"
            },
            {
              "status": "affected",
              "version": "9.8.2.8"
            },
            {
              "status": "affected",
              "version": "9.8.2.14"
            },
            {
              "status": "affected",
              "version": "9.8.2.15"
            },
            {
              "status": "affected",
              "version": "9.8.2.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.20"
            },
            {
              "status": "affected",
              "version": "9.8.2.24"
            },
            {
              "status": "affected",
              "version": "9.8.2.26"
            },
            {
              "status": "affected",
              "version": "9.8.2.28"
            },
            {
              "status": "affected",
              "version": "9.8.2.33"
            },
            {
              "status": "affected",
              "version": "9.8.2.35"
            },
            {
              "status": "affected",
              "version": "9.8.2.38"
            },
            {
              "status": "affected",
              "version": "9.8.3.8"
            },
            {
              "status": "affected",
              "version": "9.8.3.11"
            },
            {
              "status": "affected",
              "version": "9.8.3.14"
            },
            {
              "status": "affected",
              "version": "9.8.3.16"
            },
            {
              "status": "affected",
              "version": "9.8.3.18"
            },
            {
              "status": "affected",
              "version": "9.8.3.21"
            },
            {
              "status": "affected",
              "version": "9.8.3"
            },
            {
              "status": "affected",
              "version": "9.8.3.26"
            },
            {
              "status": "affected",
              "version": "9.8.3.29"
            },
            {
              "status": "affected",
              "version": "9.8.4"
            },
            {
              "status": "affected",
              "version": "9.8.4.3"
            },
            {
              "status": "affected",
              "version": "9.8.4.7"
            },
            {
              "status": "affected",
              "version": "9.8.4.8"
            },
            {
              "status": "affected",
              "version": "9.8.4.10"
            },
            {
              "status": "affected",
              "version": "9.8.4.12"
            },
            {
              "status": "affected",
              "version": "9.8.4.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.45"
            },
            {
              "status": "affected",
              "version": "9.8.4.25"
            },
            {
              "status": "affected",
              "version": "9.8.4.20"
            },
            {
              "status": "affected",
              "version": "9.8.4.22"
            },
            {
              "status": "affected",
              "version": "9.8.4.26"
            },
            {
              "status": "affected",
              "version": "9.8.4.29"
            },
            {
              "status": "affected",
              "version": "9.8.4.32"
            },
            {
              "status": "affected",
              "version": "9.8.4.33"
            },
            {
              "status": "affected",
              "version": "9.8.4.34"
            },
            {
              "status": "affected",
              "version": "9.8.4.35"
            },
            {
              "status": "affected",
              "version": "9.8.4.39"
            },
            {
              "status": "affected",
              "version": "9.8.4.40"
            },
            {
              "status": "affected",
              "version": "9.8.4.41"
            },
            {
              "status": "affected",
              "version": "9.8.4.43"
            },
            {
              "status": "affected",
              "version": "9.8.4.44"
            },
            {
              "status": "affected",
              "version": "9.8.4.45"
            },
            {
              "status": "affected",
              "version": "9.8.4.46"
            },
            {
              "status": "affected",
              "version": "9.8.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.1"
            },
            {
              "status": "affected",
              "version": "9.12.1.2"
            },
            {
              "status": "affected",
              "version": "9.12.1.3"
            },
            {
              "status": "affected",
              "version": "9.12.2"
            },
            {
              "status": "affected",
              "version": "9.12.2.4"
            },
            {
              "status": "affected",
              "version": "9.12.2.5"
            },
            {
              "status": "affected",
              "version": "9.12.2.9"
            },
            {
              "status": "affected",
              "version": "9.12.3"
            },
            {
              "status": "affected",
              "version": "9.12.3.2"
            },
            {
              "status": "affected",
              "version": "9.12.3.7"
            },
            {
              "status": "affected",
              "version": "9.12.4"
            },
            {
              "status": "affected",
              "version": "9.12.3.12"
            },
            {
              "status": "affected",
              "version": "9.12.3.9"
            },
            {
              "status": "affected",
              "version": "9.12.2.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.4"
            },
            {
              "status": "affected",
              "version": "9.12.4.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.10"
            },
            {
              "status": "affected",
              "version": "9.12.4.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.8"
            },
            {
              "status": "affected",
              "version": "9.12.4.18"
            },
            {
              "status": "affected",
              "version": "9.12.4.24"
            },
            {
              "status": "affected",
              "version": "9.12.4.26"
            },
            {
              "status": "affected",
              "version": "9.12.4.29"
            },
            {
              "status": "affected",
              "version": "9.12.4.30"
            },
            {
              "status": "affected",
              "version": "9.12.4.35"
            },
            {
              "status": "affected",
              "version": "9.12.4.37"
            },
            {
              "status": "affected",
              "version": "9.12.4.38"
            },
            {
              "status": "affected",
              "version": "9.12.4.39"
            },
            {
              "status": "affected",
              "version": "9.12.4.40"
            },
            {
              "status": "affected",
              "version": "9.12.4.41"
            },
            {
              "status": "affected",
              "version": "9.12.4.47"
            },
            {
              "status": "affected",
              "version": "9.12.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.4.50"
            },
            {
              "status": "affected",
              "version": "9.12.4.52"
            },
            {
              "status": "affected",
              "version": "9.12.4.54"
            },
            {
              "status": "affected",
              "version": "9.12.4.55"
            },
            {
              "status": "affected",
              "version": "9.12.4.56"
            },
            {
              "status": "affected",
              "version": "9.12.4.58"
            },
            {
              "status": "affected",
              "version": "9.12.4.62"
            },
            {
              "status": "affected",
              "version": "9.12.4.65"
            },
            {
              "status": "affected",
              "version": "9.12.4.67"
            },
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.1.6"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.14.4.7"
            },
            {
              "status": "affected",
              "version": "9.14.4.12"
            },
            {
              "status": "affected",
              "version": "9.14.4.13"
            },
            {
              "status": "affected",
              "version": "9.14.4.14"
            },
            {
              "status": "affected",
              "version": "9.14.4.15"
            },
            {
              "status": "affected",
              "version": "9.14.4.17"
            },
            {
              "status": "affected",
              "version": "9.14.4.22"
            },
            {
              "status": "affected",
              "version": "9.14.4.23"
            },
            {
              "status": "affected",
              "version": "9.14.4.24"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.16.3.15"
            },
            {
              "status": "affected",
              "version": "9.16.3.19"
            },
            {
              "status": "affected",
              "version": "9.16.3.23"
            },
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.16.4.9"
            },
            {
              "status": "affected",
              "version": "9.16.4.14"
            },
            {
              "status": "affected",
              "version": "9.16.4.18"
            },
            {
              "status": "affected",
              "version": "9.16.4.19"
            },
            {
              "status": "affected",
              "version": "9.16.4.27"
            },
            {
              "status": "affected",
              "version": "9.16.4.38"
            },
            {
              "status": "affected",
              "version": "9.16.4.39"
            },
            {
              "status": "affected",
              "version": "9.16.4.42"
            },
            {
              "status": "affected",
              "version": "9.16.4.48"
            },
            {
              "status": "affected",
              "version": "9.16.4.55"
            },
            {
              "status": "affected",
              "version": "9.16.4.57"
            },
            {
              "status": "affected",
              "version": "9.16.4.61"
            },
            {
              "status": "affected",
              "version": "9.16.4.62"
            },
            {
              "status": "affected",
              "version": "9.16.4.67"
            },
            {
              "status": "affected",
              "version": "9.16.4.70"
            },
            {
              "status": "affected",
              "version": "9.16.4.71"
            },
            {
              "status": "affected",
              "version": "9.16.4.76"
            },
            {
              "status": "affected",
              "version": "9.16.4.82"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.17.1.20"
            },
            {
              "status": "affected",
              "version": "9.17.1.30"
            },
            {
              "status": "affected",
              "version": "9.17.1.33"
            },
            {
              "status": "affected",
              "version": "9.17.1.39"
            },
            {
              "status": "affected",
              "version": "9.17.1.45"
            },
            {
              "status": "affected",
              "version": "9.17.1.46"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            },
            {
              "status": "affected",
              "version": "9.18.2.7"
            },
            {
              "status": "affected",
              "version": "9.18.2.8"
            },
            {
              "status": "affected",
              "version": "9.18.3"
            },
            {
              "status": "affected",
              "version": "9.18.3.39"
            },
            {
              "status": "affected",
              "version": "9.18.3.46"
            },
            {
              "status": "affected",
              "version": "9.18.3.53"
            },
            {
              "status": "affected",
              "version": "9.18.3.55"
            },
            {
              "status": "affected",
              "version": "9.18.3.56"
            },
            {
              "status": "affected",
              "version": "9.18.4"
            },
            {
              "status": "affected",
              "version": "9.18.4.5"
            },
            {
              "status": "affected",
              "version": "9.18.4.8"
            },
            {
              "status": "affected",
              "version": "9.18.4.22"
            },
            {
              "status": "affected",
              "version": "9.18.4.24"
            },
            {
              "status": "affected",
              "version": "9.18.4.29"
            },
            {
              "status": "affected",
              "version": "9.18.4.34"
            },
            {
              "status": "affected",
              "version": "9.18.4.40"
            },
            {
              "status": "affected",
              "version": "9.18.4.47"
            },
            {
              "status": "affected",
              "version": "9.18.4.50"
            },
            {
              "status": "affected",
              "version": "9.18.4.52"
            },
            {
              "status": "affected",
              "version": "9.18.4.53"
            },
            {
              "status": "affected",
              "version": "9.19.1"
            },
            {
              "status": "affected",
              "version": "9.19.1.5"
            },
            {
              "status": "affected",
              "version": "9.19.1.9"
            },
            {
              "status": "affected",
              "version": "9.19.1.12"
            },
            {
              "status": "affected",
              "version": "9.19.1.18"
            },
            {
              "status": "affected",
              "version": "9.19.1.22"
            },
            {
              "status": "affected",
              "version": "9.19.1.24"
            },
            {
              "status": "affected",
              "version": "9.19.1.27"
            },
            {
              "status": "affected",
              "version": "9.19.1.28"
            },
            {
              "status": "affected",
              "version": "9.19.1.31"
            },
            {
              "status": "affected",
              "version": "9.19.1.37"
            },
            {
              "status": "affected",
              "version": "9.19.1.38"
            },
            {
              "status": "affected",
              "version": "9.20.1"
            },
            {
              "status": "affected",
              "version": "9.20.1.5"
            },
            {
              "status": "affected",
              "version": "9.20.2"
            },
            {
              "status": "affected",
              "version": "9.20.2.10"
            },
            {
              "status": "affected",
              "version": "9.20.2.21"
            },
            {
              "status": "affected",
              "version": "9.20.2.22"
            },
            {
              "status": "affected",
              "version": "9.20.3"
            },
            {
              "status": "affected",
              "version": "9.20.3.4"
            },
            {
              "status": "affected",
              "version": "9.20.3.7"
            },
            {
              "status": "affected",
              "version": "9.20.3.9"
            },
            {
              "status": "affected",
              "version": "9.20.3.10"
            },
            {
              "status": "affected",
              "version": "9.20.3.13"
            },
            {
              "status": "affected",
              "version": "9.22.1.1"
            },
            {
              "status": "affected",
              "version": "9.22.1.3"
            },
            {
              "status": "affected",
              "version": "9.22.1.2"
            },
            {
              "status": "affected",
              "version": "9.22.1.6"
            },
            {
              "status": "affected",
              "version": "9.23.1"
            }
          ]
        },
        {
          "product": "Cisco IOS XE Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "3.2.0SG"
            },
            {
              "status": "affected",
              "version": "3.2.1SG"
            },
            {
              "status": "affected",
              "version": "3.2.2SG"
            },
            {
              "status": "affected",
              "version": "3.2.3SG"
            },
            {
              "status": "affected",
              "version": "3.2.4SG"
            },
            {
              "status": "affected",
              "version": "3.2.5SG"
            },
            {
              "status": "affected",
              "version": "3.2.6SG"
            },
            {
              "status": "affected",
              "version": "3.2.7SG"
            },
            {
              "status": "affected",
              "version": "3.2.8SG"
            },
            {
              "status": "affected",
              "version": "3.2.9SG"
            },
            {
              "status": "affected",
              "version": "3.2.10SG"
            },
            {
              "status": "affected",
              "version": "3.2.11SG"
            },
            {
              "status": "affected",
              "version": "3.7.0S"
            },
            {
              "status": "affected",
              "version": "3.7.1S"
            },
            {
              "status": "affected",
              "version": "3.7.2S"
            },
            {
              "status": "affected",
              "version": "3.7.3S"
            },
            {
              "status": "affected",
              "version": "3.7.4S"
            },
            {
              "status": "affected",
              "version": "3.7.5S"
            },
            {
              "status": "affected",
              "version": "3.7.6S"
            },
            {
              "status": "affected",
              "version": "3.7.7S"
            },
            {
              "status": "affected",
              "version": "3.7.4aS"
            },
            {
              "status": "affected",
              "version": "3.7.2tS"
            },
            {
              "status": "affected",
              "version": "3.7.0bS"
            },
            {
              "status": "affected",
              "version": "3.7.1aS"
            },
            {
              "status": "affected",
              "version": "3.3.0SG"
            },
            {
              "status": "affected",
              "version": "3.3.2SG"
            },
            {
              "status": "affected",
              "version": "3.3.1SG"
            },
            {
              "status": "affected",
              "version": "3.8.0S"
            },
            {
              "status": "affected",
              "version": "3.8.1S"
            },
            {
              "status": "affected",
              "version": "3.8.2S"
            },
            {
              "status": "affected",
              "version": "3.9.1S"
            },
            {
              "status": "affected",
              "version": "3.9.0S"
            },
            {
              "status": "affected",
              "version": "3.9.2S"
            },
            {
              "status": "affected",
              "version": "3.9.1aS"
            },
            {
              "status": "affected",
              "version": "3.9.0aS"
            },
            {
              "status": "affected",
              "version": "3.2.0SE"
            },
            {
              "status": "affected",
              "version": "3.2.1SE"
            },
            {
              "status": "affected",
              "version": "3.2.2SE"
            },
            {
              "status": "affected",
              "version": "3.2.3SE"
            },
            {
              "status": "affected",
              "version": "3.3.0SE"
            },
            {
              "status": "affected",
              "version": "3.3.1SE"
            },
            {
              "status": "affected",
              "version": "3.3.2SE"
            },
            {
              "status": "affected",
              "version": "3.3.3SE"
            },
            {
              "status": "affected",
              "version": "3.3.4SE"
            },
            {
              "status": "affected",
              "version": "3.3.5SE"
            },
            {
              "status": "affected",
              "version": "3.4.0SG"
            },
            {
              "status": "affected",
              "version": "3.4.2SG"
            },
            {
              "status": "affected",
              "version": "3.4.1SG"
            },
            {
              "status": "affected",
              "version": "3.4.3SG"
            },
            {
              "status": "affected",
              "version": "3.4.4SG"
            },
            {
              "status": "affected",
              "version": "3.4.5SG"
            },
            {
              "status": "affected",
              "version": "3.4.6SG"
            },
            {
              "status": "affected",
              "version": "3.4.7SG"
            },
            {
              "status": "affected",
              "version": "3.4.8SG"
            },
            {
              "status": "affected",
              "version": "3.5.0E"
            },
            {
              "status": "affected",
              "version": "3.5.1E"
            },
            {
              "status": "affected",
              "version": "3.5.2E"
            },
            {
              "status": "affected",
              "version": "3.5.3E"
            },
            {
              "status": "affected",
              "version": "3.11.1S"
            },
            {
              "status": "affected",
              "version": "3.11.2S"
            },
            {
              "status": "affected",
              "version": "3.11.0S"
            },
            {
              "status": "affected",
              "version": "3.11.3S"
            },
            {
              "status": "affected",
              "version": "3.11.4S"
            },
            {
              "status": "affected",
              "version": "3.12.0S"
            },
            {
              "status": "affected",
              "version": "3.12.1S"
            },
            {
              "status": "affected",
              "version": "3.12.2S"
            },
            {
              "status": "affected",
              "version": "3.12.3S"
            },
            {
              "status": "affected",
              "version": "3.12.0aS"
            },
            {
              "status": "affected",
              "version": "3.12.4S"
            },
            {
              "status": "affected",
              "version": "3.13.0S"
            },
            {
              "status": "affected",
              "version": "3.13.1S"
            },
            {
              "status": "affected",
              "version": "3.13.2S"
            },
            {
              "status": "affected",
              "version": "3.13.3S"
            },
            {
              "status": "affected",
              "version": "3.13.4S"
            },
            {
              "status": "affected",
              "version": "3.13.5S"
            },
            {
              "status": "affected",
              "version": "3.13.2aS"
            },
            {
              "status": "affected",
              "version": "3.13.0aS"
            },
            {
              "status": "affected",
              "version": "3.13.5aS"
            },
            {
              "status": "affected",
              "version": "3.13.6S"
            },
            {
              "status": "affected",
              "version": "3.13.7S"
            },
            {
              "status": "affected",
              "version": "3.13.6aS"
            },
            {
              "status": "affected",
              "version": "3.13.7aS"
            },
            {
              "status": "affected",
              "version": "3.13.8S"
            },
            {
              "status": "affected",
              "version": "3.13.9S"
            },
            {
              "status": "affected",
              "version": "3.13.10S"
            },
            {
              "status": "affected",
              "version": "3.6.0E"
            },
            {
              "status": "affected",
              "version": "3.6.1E"
            },
            {
              "status": "affected",
              "version": "3.6.2aE"
            },
            {
              "status": "affected",
              "version": "3.6.2E"
            },
            {
              "status": "affected",
              "version": "3.6.3E"
            },
            {
              "status": "affected",
              "version": "3.6.4E"
            },
            {
              "status": "affected",
              "version": "3.6.5E"
            },
            {
              "status": "affected",
              "version": "3.6.6E"
            },
            {
              "status": "affected",
              "version": "3.6.5aE"
            },
            {
              "status": "affected",
              "version": "3.6.5bE"
            },
            {
              "status": "affected",
              "version": "3.6.7E"
            },
            {
              "status": "affected",
              "version": "3.6.8E"
            },
            {
              "status": "affected",
              "version": "3.6.7bE"
            },
            {
              "status": "affected",
              "version": "3.6.9E"
            },
            {
              "status": "affected",
              "version": "3.6.10E"
            },
            {
              "status": "affected",
              "version": "3.14.0S"
            },
            {
              "status": "affected",
              "version": "3.14.1S"
            },
            {
              "status": "affected",
              "version": "3.14.2S"
            },
            {
              "status": "affected",
              "version": "3.14.3S"
            },
            {
              "status": "affected",
              "version": "3.14.4S"
            },
            {
              "status": "affected",
              "version": "3.15.0S"
            },
            {
              "status": "affected",
              "version": "3.15.1S"
            },
            {
              "status": "affected",
              "version": "3.15.2S"
            },
            {
              "status": "affected",
              "version": "3.15.1cS"
            },
            {
              "status": "affected",
              "version": "3.15.3S"
            },
            {
              "status": "affected",
              "version": "3.15.4S"
            },
            {
              "status": "affected",
              "version": "3.3.0SQ"
            },
            {
              "status": "affected",
              "version": "3.3.1SQ"
            },
            {
              "status": "affected",
              "version": "3.4.0SQ"
            },
            {
              "status": "affected",
              "version": "3.4.1SQ"
            },
            {
              "status": "affected",
              "version": "3.7.0E"
            },
            {
              "status": "affected",
              "version": "3.7.1E"
            },
            {
              "status": "affected",
              "version": "3.7.2E"
            },
            {
              "status": "affected",
              "version": "3.7.3E"
            },
            {
              "status": "affected",
              "version": "3.7.4E"
            },
            {
              "status": "affected",
              "version": "3.7.5E"
            },
            {
              "status": "affected",
              "version": "3.5.0SQ"
            },
            {
              "status": "affected",
              "version": "3.5.1SQ"
            },
            {
              "status": "affected",
              "version": "3.5.2SQ"
            },
            {
              "status": "affected",
              "version": "3.5.3SQ"
            },
            {
              "status": "affected",
              "version": "3.5.4SQ"
            },
            {
              "status": "affected",
              "version": "3.5.5SQ"
            },
            {
              "status": "affected",
              "version": "3.5.6SQ"
            },
            {
              "status": "affected",
              "version": "3.5.7SQ"
            },
            {
              "status": "affected",
              "version": "3.5.8SQ"
            },
            {
              "status": "affected",
              "version": "3.16.0S"
            },
            {
              "status": "affected",
              "version": "3.16.1S"
            },
            {
              "status": "affected",
              "version": "3.16.1aS"
            },
            {
              "status": "affected",
              "version": "3.16.2S"
            },
            {
              "status": "affected",
              "version": "3.16.2aS"
            },
            {
              "status": "affected",
              "version": "3.16.0cS"
            },
            {
              "status": "affected",
              "version": "3.16.3S"
            },
            {
              "status": "affected",
              "version": "3.16.2bS"
            },
            {
              "status": "affected",
              "version": "3.16.3aS"
            },
            {
              "status": "affected",
              "version": "3.16.4S"
            },
            {
              "status": "affected",
              "version": "3.16.4aS"
            },
            {
              "status": "affected",
              "version": "3.16.4bS"
            },
            {
              "status": "affected",
              "version": "3.16.5S"
            },
            {
              "status": "affected",
              "version": "3.16.4dS"
            },
            {
              "status": "affected",
              "version": "3.16.6S"
            },
            {
              "status": "affected",
              "version": "3.16.7S"
            },
            {
              "status": "affected",
              "version": "3.16.6bS"
            },
            {
              "status": "affected",
              "version": "3.16.7aS"
            },
            {
              "status": "affected",
              "version": "3.16.7bS"
            },
            {
              "status": "affected",
              "version": "3.16.8S"
            },
            {
              "status": "affected",
              "version": "3.16.9S"
            },
            {
              "status": "affected",
              "version": "3.16.10S"
            },
            {
              "status": "affected",
              "version": "3.17.0S"
            },
            {
              "status": "affected",
              "version": "3.17.1S"
            },
            {
              "status": "affected",
              "version": "3.17.2S"
            },
            {
              "status": "affected",
              "version": "3.17.1aS"
            },
            {
              "status": "affected",
              "version": "3.17.3S"
            },
            {
              "status": "affected",
              "version": "3.17.4S"
            },
            {
              "status": "affected",
              "version": "16.1.1"
            },
            {
              "status": "affected",
              "version": "16.1.2"
            },
            {
              "status": "affected",
              "version": "16.1.3"
            },
            {
              "status": "affected",
              "version": "16.2.1"
            },
            {
              "status": "affected",
              "version": "16.2.2"
            },
            {
              "status": "affected",
              "version": "3.8.0E"
            },
            {
              "status": "affected",
              "version": "3.8.1E"
            },
            {
              "status": "affected",
              "version": "3.8.2E"
            },
            {
              "status": "affected",
              "version": "3.8.3E"
            },
            {
              "status": "affected",
              "version": "3.8.4E"
            },
            {
              "status": "affected",
              "version": "3.8.5E"
            },
            {
              "status": "affected",
              "version": "3.8.5aE"
            },
            {
              "status": "affected",
              "version": "3.8.6E"
            },
            {
              "status": "affected",
              "version": "3.8.7E"
            },
            {
              "status": "affected",
              "version": "3.8.8E"
            },
            {
              "status": "affected",
              "version": "3.8.9E"
            },
            {
              "status": "affected",
              "version": "3.8.10E"
            },
            {
              "status": "affected",
              "version": "16.3.1"
            },
            {
              "status": "affected",
              "version": "16.3.2"
            },
            {
              "status": "affected",
              "version": "16.3.3"
            },
            {
              "status": "affected",
              "version": "16.3.1a"
            },
            {
              "status": "affected",
              "version": "16.3.4"
            },
            {
              "status": "affected",
              "version": "16.3.5"
            },
            {
              "status": "affected",
              "version": "16.3.5b"
            },
            {
              "status": "affected",
              "version": "16.3.6"
            },
            {
              "status": "affected",
              "version": "16.3.7"
            },
            {
              "status": "affected",
              "version": "16.3.8"
            },
            {
              "status": "affected",
              "version": "16.3.9"
            },
            {
              "status": "affected",
              "version": "16.3.10"
            },
            {
              "status": "affected",
              "version": "16.3.11"
            },
            {
              "status": "affected",
              "version": "16.4.1"
            },
            {
              "status": "affected",
              "version": "16.4.2"
            },
            {
              "status": "affected",
              "version": "16.4.3"
            },
            {
              "status": "affected",
              "version": "16.5.1"
            },
            {
              "status": "affected",
              "version": "16.5.1a"
            },
            {
              "status": "affected",
              "version": "16.5.1b"
            },
            {
              "status": "affected",
              "version": "16.5.2"
            },
            {
              "status": "affected",
              "version": "16.5.3"
            },
            {
              "status": "affected",
              "version": "3.18.0aS"
            },
            {
              "status": "affected",
              "version": "3.18.0S"
            },
            {
              "status": "affected",
              "version": "3.18.1S"
            },
            {
              "status": "affected",
              "version": "3.18.2S"
            },
            {
              "status": "affected",
              "version": "3.18.3S"
            },
            {
              "status": "affected",
              "version": "3.18.4S"
            },
            {
              "status": "affected",
              "version": "3.18.0SP"
            },
            {
              "status": "affected",
              "version": "3.18.1SP"
            },
            {
              "status": "affected",
              "version": "3.18.1aSP"
            },
            {
              "status": "affected",
              "version": "3.18.1bSP"
            },
            {
              "status": "affected",
              "version": "3.18.1cSP"
            },
            {
              "status": "affected",
              "version": "3.18.2SP"
            },
            {
              "status": "affected",
              "version": "3.18.2aSP"
            },
            {
              "status": "affected",
              "version": "3.18.3SP"
            },
            {
              "status": "affected",
              "version": "3.18.4SP"
            },
            {
              "status": "affected",
              "version": "3.18.3aSP"
            },
            {
              "status": "affected",
              "version": "3.18.3bSP"
            },
            {
              "status": "affected",
              "version": "3.18.5SP"
            },
            {
              "status": "affected",
              "version": "3.18.6SP"
            },
            {
              "status": "affected",
              "version": "3.18.7SP"
            },
            {
              "status": "affected",
              "version": "3.18.8aSP"
            },
            {
              "status": "affected",
              "version": "3.18.9SP"
            },
            {
              "status": "affected",
              "version": "3.9.0E"
            },
            {
              "status": "affected",
              "version": "3.9.1E"
            },
            {
              "status": "affected",
              "version": "3.9.2E"
            },
            {
              "status": "affected",
              "version": "16.6.1"
            },
            {
              "status": "affected",
              "version": "16.6.2"
            },
            {
              "status": "affected",
              "version": "16.6.3"
            },
            {
              "status": "affected",
              "version": "16.6.4"
            },
            {
              "status": "affected",
              "version": "16.6.5"
            },
            {
              "status": "affected",
              "version": "16.6.4a"
            },
            {
              "status": "affected",
              "version": "16.6.5a"
            },
            {
              "status": "affected",
              "version": "16.6.6"
            },
            {
              "status": "affected",
              "version": "16.6.7"
            },
            {
              "status": "affected",
              "version": "16.6.8"
            },
            {
              "status": "affected",
              "version": "16.6.9"
            },
            {
              "status": "affected",
              "version": "16.6.10"
            },
            {
              "status": "affected",
              "version": "16.7.1"
            },
            {
              "status": "affected",
              "version": "16.7.1a"
            },
            {
              "status": "affected",
              "version": "16.7.1b"
            },
            {
              "status": "affected",
              "version": "16.7.2"
            },
            {
              "status": "affected",
              "version": "16.7.3"
            },
            {
              "status": "affected",
              "version": "16.7.4"
            },
            {
              "status": "affected",
              "version": "16.8.1"
            },
            {
              "status": "affected",
              "version": "16.8.1a"
            },
            {
              "status": "affected",
              "version": "16.8.1b"
            },
            {
              "status": "affected",
              "version": "16.8.1s"
            },
            {
              "status": "affected",
              "version": "16.8.1c"
            },
            {
              "status": "affected",
              "version": "16.8.1d"
            },
            {
              "status": "affected",
              "version": "16.8.2"
            },
            {
              "status": "affected",
              "version": "16.8.1e"
            },
            {
              "status": "affected",
              "version": "16.8.3"
            },
            {
              "status": "affected",
              "version": "16.9.1"
            },
            {
              "status": "affected",
              "version": "16.9.2"
            },
            {
              "status": "affected",
              "version": "16.9.1a"
            },
            {
              "status": "affected",
              "version": "16.9.1b"
            },
            {
              "status": "affected",
              "version": "16.9.1s"
            },
            {
              "status": "affected",
              "version": "16.9.3"
            },
            {
              "status": "affected",
              "version": "16.9.4"
            },
            {
              "status": "affected",
              "version": "16.9.3a"
            },
            {
              "status": "affected",
              "version": "16.9.5"
            },
            {
              "status": "affected",
              "version": "16.9.5f"
            },
            {
              "status": "affected",
              "version": "16.9.6"
            },
            {
              "status": "affected",
              "version": "16.9.7"
            },
            {
              "status": "affected",
              "version": "16.9.8"
            },
            {
              "status": "affected",
              "version": "16.10.1"
            },
            {
              "status": "affected",
              "version": "16.10.1a"
            },
            {
              "status": "affected",
              "version": "16.10.1b"
            },
            {
              "status": "affected",
              "version": "16.10.1s"
            },
            {
              "status": "affected",
              "version": "16.10.1c"
            },
            {
              "status": "affected",
              "version": "16.10.1e"
            },
            {
              "status": "affected",
              "version": "16.10.1d"
            },
            {
              "status": "affected",
              "version": "16.10.2"
            },
            {
              "status": "affected",
              "version": "16.10.1f"
            },
            {
              "status": "affected",
              "version": "16.10.1g"
            },
            {
              "status": "affected",
              "version": "16.10.3"
            },
            {
              "status": "affected",
              "version": "3.10.0E"
            },
            {
              "status": "affected",
              "version": "3.10.1E"
            },
            {
              "status": "affected",
              "version": "3.10.0cE"
            },
            {
              "status": "affected",
              "version": "3.10.2E"
            },
            {
              "status": "affected",
              "version": "3.10.3E"
            },
            {
              "status": "affected",
              "version": "16.11.1"
            },
            {
              "status": "affected",
              "version": "16.11.1a"
            },
            {
              "status": "affected",
              "version": "16.11.1b"
            },
            {
              "status": "affected",
              "version": "16.11.2"
            },
            {
              "status": "affected",
              "version": "16.11.1s"
            },
            {
              "status": "affected",
              "version": "16.12.1"
            },
            {
              "status": "affected",
              "version": "16.12.1s"
            },
            {
              "status": "affected",
              "version": "16.12.1a"
            },
            {
              "status": "affected",
              "version": "16.12.1c"
            },
            {
              "status": "affected",
              "version": "16.12.1w"
            },
            {
              "status": "affected",
              "version": "16.12.2"
            },
            {
              "status": "affected",
              "version": "16.12.1y"
            },
            {
              "status": "affected",
              "version": "16.12.2a"
            },
            {
              "status": "affected",
              "version": "16.12.3"
            },
            {
              "status": "affected",
              "version": "16.12.8"
            },
            {
              "status": "affected",
              "version": "16.12.2s"
            },
            {
              "status": "affected",
              "version": "16.12.1x"
            },
            {
              "status": "affected",
              "version": "16.12.1t"
            },
            {
              "status": "affected",
              "version": "16.12.4"
            },
            {
              "status": "affected",
              "version": "16.12.3s"
            },
            {
              "status": "affected",
              "version": "16.12.3a"
            },
            {
              "status": "affected",
              "version": "16.12.4a"
            },
            {
              "status": "affected",
              "version": "16.12.5"
            },
            {
              "status": "affected",
              "version": "16.12.6"
            },
            {
              "status": "affected",
              "version": "16.12.1z1"
            },
            {
              "status": "affected",
              "version": "16.12.5a"
            },
            {
              "status": "affected",
              "version": "16.12.5b"
            },
            {
              "status": "affected",
              "version": "16.12.1z2"
            },
            {
              "status": "affected",
              "version": "16.12.6a"
            },
            {
              "status": "affected",
              "version": "16.12.7"
            },
            {
              "status": "affected",
              "version": "16.12.9"
            },
            {
              "status": "affected",
              "version": "16.12.10"
            },
            {
              "status": "affected",
              "version": "16.12.10a"
            },
            {
              "status": "affected",
              "version": "16.12.11"
            },
            {
              "status": "affected",
              "version": "16.12.12"
            },
            {
              "status": "affected",
              "version": "16.12.13"
            },
            {
              "status": "affected",
              "version": "3.11.0E"
            },
            {
              "status": "affected",
              "version": "3.11.1E"
            },
            {
              "status": "affected",
              "version": "3.11.2E"
            },
            {
              "status": "affected",
              "version": "3.11.3E"
            },
            {
              "status": "affected",
              "version": "3.11.1aE"
            },
            {
              "status": "affected",
              "version": "3.11.4E"
            },
            {
              "status": "affected",
              "version": "3.11.3aE"
            },
            {
              "status": "affected",
              "version": "3.11.5E"
            },
            {
              "status": "affected",
              "version": "3.11.6E"
            },
            {
              "status": "affected",
              "version": "3.11.7E"
            },
            {
              "status": "affected",
              "version": "3.11.8E"
            },
            {
              "status": "affected",
              "version": "3.11.9E"
            },
            {
              "status": "affected",
              "version": "3.11.10E"
            },
            {
              "status": "affected",
              "version": "3.11.11E"
            },
            {
              "status": "affected",
              "version": "3.11.12E"
            },
            {
              "status": "affected",
              "version": "17.1.1"
            },
            {
              "status": "affected",
              "version": "17.1.1a"
            },
            {
              "status": "affected",
              "version": "17.1.1s"
            },
            {
              "status": "affected",
              "version": "17.1.1t"
            },
            {
              "status": "affected",
              "version": "17.1.3"
            },
            {
              "status": "affected",
              "version": "17.2.1"
            },
            {
              "status": "affected",
              "version": "17.2.1r"
            },
            {
              "status": "affected",
              "version": "17.2.1a"
            },
            {
              "status": "affected",
              "version": "17.2.1v"
            },
            {
              "status": "affected",
              "version": "17.2.2"
            },
            {
              "status": "affected",
              "version": "17.2.3"
            },
            {
              "status": "affected",
              "version": "17.3.1"
            },
            {
              "status": "affected",
              "version": "17.3.2"
            },
            {
              "status": "affected",
              "version": "17.3.3"
            },
            {
              "status": "affected",
              "version": "17.3.1a"
            },
            {
              "status": "affected",
              "version": "17.3.1w"
            },
            {
              "status": "affected",
              "version": "17.3.2a"
            },
            {
              "status": "affected",
              "version": "17.3.1x"
            },
            {
              "status": "affected",
              "version": "17.3.1z"
            },
            {
              "status": "affected",
              "version": "17.3.4"
            },
            {
              "status": "affected",
              "version": "17.3.5"
            },
            {
              "status": "affected",
              "version": "17.3.4a"
            },
            {
              "status": "affected",
              "version": "17.3.6"
            },
            {
              "status": "affected",
              "version": "17.3.4b"
            },
            {
              "status": "affected",
              "version": "17.3.4c"
            },
            {
              "status": "affected",
              "version": "17.3.5a"
            },
            {
              "status": "affected",
              "version": "17.3.5b"
            },
            {
              "status": "affected",
              "version": "17.3.7"
            },
            {
              "status": "affected",
              "version": "17.3.8"
            },
            {
              "status": "affected",
              "version": "17.3.8a"
            },
            {
              "status": "affected",
              "version": "17.4.1"
            },
            {
              "status": "affected",
              "version": "17.4.2"
            },
            {
              "status": "affected",
              "version": "17.4.1a"
            },
            {
              "status": "affected",
              "version": "17.4.1b"
            },
            {
              "status": "affected",
              "version": "17.4.2a"
            },
            {
              "status": "affected",
              "version": "17.5.1"
            },
            {
              "status": "affected",
              "version": "17.5.1a"
            },
            {
              "status": "affected",
              "version": "17.6.1"
            },
            {
              "status": "affected",
              "version": "17.6.2"
            },
            {
              "status": "affected",
              "version": "17.6.1w"
            },
            {
              "status": "affected",
              "version": "17.6.1a"
            },
            {
              "status": "affected",
              "version": "17.6.1x"
            },
            {
              "status": "affected",
              "version": "17.6.3"
            },
            {
              "status": "affected",
              "version": "17.6.1y"
            },
            {
              "status": "affected",
              "version": "17.6.1z"
            },
            {
              "status": "affected",
              "version": "17.6.3a"
            },
            {
              "status": "affected",
              "version": "17.6.4"
            },
            {
              "status": "affected",
              "version": "17.6.1z1"
            },
            {
              "status": "affected",
              "version": "17.6.5"
            },
            {
              "status": "affected",
              "version": "17.6.6"
            },
            {
              "status": "affected",
              "version": "17.6.6a"
            },
            {
              "status": "affected",
              "version": "17.6.5a"
            },
            {
              "status": "affected",
              "version": "17.6.7"
            },
            {
              "status": "affected",
              "version": "17.6.8"
            },
            {
              "status": "affected",
              "version": "17.6.8a"
            },
            {
              "status": "affected",
              "version": "17.7.1"
            },
            {
              "status": "affected",
              "version": "17.7.1a"
            },
            {
              "status": "affected",
              "version": "17.7.1b"
            },
            {
              "status": "affected",
              "version": "17.7.2"
            },
            {
              "status": "affected",
              "version": "17.10.1"
            },
            {
              "status": "affected",
              "version": "17.10.1a"
            },
            {
              "status": "affected",
              "version": "17.10.1b"
            },
            {
              "status": "affected",
              "version": "17.8.1"
            },
            {
              "status": "affected",
              "version": "17.8.1a"
            },
            {
              "status": "affected",
              "version": "17.9.1"
            },
            {
              "status": "affected",
              "version": "17.9.1w"
            },
            {
              "status": "affected",
              "version": "17.9.2"
            },
            {
              "status": "affected",
              "version": "17.9.1a"
            },
            {
              "status": "affected",
              "version": "17.9.1x"
            },
            {
              "status": "affected",
              "version": "17.9.1y"
            },
            {
              "status": "affected",
              "version": "17.9.3"
            },
            {
              "status": "affected",
              "version": "17.9.2a"
            },
            {
              "status": "affected",
              "version": "17.9.1x1"
            },
            {
              "status": "affected",
              "version": "17.9.3a"
            },
            {
              "status": "affected",
              "version": "17.9.4"
            },
            {
              "status": "affected",
              "version": "17.9.1y1"
            },
            {
              "status": "affected",
              "version": "17.9.5"
            },
            {
              "status": "affected",
              "version": "17.9.4a"
            },
            {
              "status": "affected",
              "version": "17.9.5a"
            },
            {
              "status": "affected",
              "version": "17.9.5b"
            },
            {
              "status": "affected",
              "version": "17.9.6"
            },
            {
              "status": "affected",
              "version": "17.9.6a"
            },
            {
              "status": "affected",
              "version": "17.9.7"
            },
            {
              "status": "affected",
              "version": "17.9.5e"
            },
            {
              "status": "affected",
              "version": "17.9.5f"
            },
            {
              "status": "affected",
              "version": "17.9.7b"
            },
            {
              "status": "affected",
              "version": "17.11.1"
            },
            {
              "status": "affected",
              "version": "17.11.1a"
            },
            {
              "status": "affected",
              "version": "17.12.1"
            },
            {
              "status": "affected",
              "version": "17.12.1w"
            },
            {
              "status": "affected",
              "version": "17.12.1a"
            },
            {
              "status": "affected",
              "version": "17.12.1x"
            },
            {
              "status": "affected",
              "version": "17.12.2"
            },
            {
              "status": "affected",
              "version": "17.12.3"
            },
            {
              "status": "affected",
              "version": "17.12.2a"
            },
            {
              "status": "affected",
              "version": "17.12.1y"
            },
            {
              "status": "affected",
              "version": "17.12.1z"
            },
            {
              "status": "affected",
              "version": "17.12.4"
            },
            {
              "status": "affected",
              "version": "17.12.3a"
            },
            {
              "status": "affected",
              "version": "17.12.1z1"
            },
            {
              "status": "affected",
              "version": "17.12.1z2"
            },
            {
              "status": "affected",
              "version": "17.12.4a"
            },
            {
              "status": "affected",
              "version": "17.12.5"
            },
            {
              "status": "affected",
              "version": "17.12.4b"
            },
            {
              "status": "affected",
              "version": "17.12.1z3"
            },
            {
              "status": "affected",
              "version": "17.12.5a"
            },
            {
              "status": "affected",
              "version": "17.12.1z4"
            },
            {
              "status": "affected",
              "version": "17.12.5c"
            },
            {
              "status": "affected",
              "version": "17.13.1"
            },
            {
              "status": "affected",
              "version": "17.13.1a"
            },
            {
              "status": "affected",
              "version": "17.14.1"
            },
            {
              "status": "affected",
              "version": "17.14.1a"
            },
            {
              "status": "affected",
              "version": "17.11.99SW"
            },
            {
              "status": "affected",
              "version": "17.15.1"
            },
            {
              "status": "affected",
              "version": "17.15.1w"
            },
            {
              "status": "affected",
              "version": "17.15.1a"
            },
            {
              "status": "affected",
              "version": "17.15.2"
            },
            {
              "status": "affected",
              "version": "17.15.1b"
            },
            {
              "status": "affected",
              "version": "17.15.1x"
            },
            {
              "status": "affected",
              "version": "17.15.1z"
            },
            {
              "status": "affected",
              "version": "17.15.3"
            },
            {
              "status": "affected",
              "version": "17.15.2c"
            },
            {
              "status": "affected",
              "version": "17.15.2a"
            },
            {
              "status": "affected",
              "version": "17.15.1y"
            },
            {
              "status": "affected",
              "version": "17.15.2b"
            },
            {
              "status": "affected",
              "version": "17.16.1"
            },
            {
              "status": "affected",
              "version": "17.16.1a"
            },
            {
              "status": "affected",
              "version": "17.17.1"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "6.6.7.2"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.4.0.17"
            },
            {
              "status": "affected",
              "version": "6.4.0.18"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.0.6"
            },
            {
              "status": "affected",
              "version": "7.0.6.1"
            },
            {
              "status": "affected",
              "version": "7.0.6.2"
            },
            {
              "status": "affected",
              "version": "7.0.6.3"
            },
            {
              "status": "affected",
              "version": "7.0.7"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.2.4.1"
            },
            {
              "status": "affected",
              "version": "7.2.5"
            },
            {
              "status": "affected",
              "version": "7.2.5.1"
            },
            {
              "status": "affected",
              "version": "7.2.6"
            },
            {
              "status": "affected",
              "version": "7.2.7"
            },
            {
              "status": "affected",
              "version": "7.2.5.2"
            },
            {
              "status": "affected",
              "version": "7.2.8"
            },
            {
              "status": "affected",
              "version": "7.2.8.1"
            },
            {
              "status": "affected",
              "version": "7.2.9"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.2"
            },
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            },
            {
              "status": "affected",
              "version": "7.4.1.1"
            },
            {
              "status": "affected",
              "version": "7.4.2"
            },
            {
              "status": "affected",
              "version": "7.4.2.1"
            },
            {
              "status": "affected",
              "version": "7.4.2.2"
            },
            {
              "status": "affected",
              "version": "7.6.0"
            },
            {
              "status": "affected",
              "version": "7.7.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, remote attacker (Cisco ASA and FTD Software) or authenticated, remote attacker (Cisco IOS, IOS XE, and IOS XR Software) with low user privileges to execute arbitrary code on an affected device. \r\n\r This vulnerability is due to improper validation of user-supplied input in HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web service on an affected device after obtaining additional information about the system, overcoming exploit mitigations, or both. A successful exploit could allow the attacker to execute arbitrary code as root, which may lead to the complete compromise of the affected device.\r\n\r For more information about this vulnerability, see the Details [\"#details\"] section of this advisory."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "Heap-based Buffer Overflow",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-25T16:12:55.674Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-http-code-exec-WmfP3h3O",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-code-exec-WmfP3h3O"
        }
      ],
      "source": {
        "advisory": "cisco-sa-http-code-exec-WmfP3h3O",
        "defects": [
          "CSCwo18850",
          "CSCwo49562",
          "CSCwo35704",
          "CSCwo35779"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2025-20363",
    "datePublished": "2025-09-25T16:12:55.674Z",
    "dateReserved": "2024-10-10T19:15:13.258Z",
    "dateUpdated": "2025-09-26T03:55:14.410Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-20086 (GCVE-0-2023-20086)

Vulnerability from cvelistv5

Published

2023-11-01 16:42

Modified

2024-08-02 08:57

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-248 - Uncaught Exception

Summary

A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper processing of ICMPv6 messages. An attacker could exploit this vulnerability by sending crafted ICMPv6 messages to a targeted Cisco ASA or FTD system with IPv6 enabled. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-icmpv6-t5TzqwNd

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.8.1
Version: 9.8.1.5
Version: 9.8.1.7
Version: 9.8.2
Version: 9.8.2.8
Version: 9.8.2.14
Version: 9.8.2.15
Version: 9.8.2.17
Version: 9.8.2.20
Version: 9.8.2.24
Version: 9.8.2.26
Version: 9.8.2.28
Version: 9.8.2.33
Version: 9.8.2.35
Version: 9.8.2.38
Version: 9.8.3.8
Version: 9.8.3.11
Version: 9.8.3.14
Version: 9.8.3.16
Version: 9.8.3.18
Version: 9.8.3.21
Version: 9.8.3
Version: 9.8.3.26
Version: 9.8.3.29
Version: 9.8.4
Version: 9.8.4.3
Version: 9.8.4.7
Version: 9.8.4.8
Version: 9.8.4.10
Version: 9.8.4.12
Version: 9.8.4.15
Version: 9.8.4.17
Version: 9.8.4.25
Version: 9.8.4.20
Version: 9.8.4.22
Version: 9.8.4.26
Version: 9.8.4.29
Version: 9.8.4.32
Version: 9.8.4.33
Version: 9.8.4.34
Version: 9.8.4.35
Version: 9.8.4.39
Version: 9.8.4.40
Version: 9.8.4.41
Version: 9.8.4.43
Version: 9.8.4.44
Version: 9.8.4.45
Version: 9.8.4.46
Version: 9.8.4.48
Version: 9.12.1
Version: 9.12.1.2
Version: 9.12.1.3
Version: 9.12.2
Version: 9.12.2.4
Version: 9.12.2.5
Version: 9.12.2.9
Version: 9.12.3
Version: 9.12.3.2
Version: 9.12.3.7
Version: 9.12.4
Version: 9.12.3.12
Version: 9.12.3.9
Version: 9.12.2.1
Version: 9.12.4.2
Version: 9.12.4.4
Version: 9.12.4.7
Version: 9.12.4.10
Version: 9.12.4.13
Version: 9.12.4.8
Version: 9.12.4.18
Version: 9.12.4.24
Version: 9.12.4.26
Version: 9.12.4.29
Version: 9.12.4.30
Version: 9.12.4.35
Version: 9.12.4.37
Version: 9.12.4.38
Version: 9.12.4.39
Version: 9.12.4.40
Version: 9.12.4.41
Version: 9.12.4.47
Version: 9.12.4.48
Version: 9.12.4.50
Version: 9.12.4.52
Version: 9.12.4.54
Version: 9.12.4.55
Version: 9.14.1
Version: 9.14.1.10
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.14.1.30
Version: 9.14.2
Version: 9.14.2.4
Version: 9.14.2.8
Version: 9.14.2.13
Version: 9.14.2.15
Version: 9.14.3
Version: 9.14.3.1
Version: 9.14.3.9
Version: 9.14.3.11
Version: 9.14.3.13
Version: 9.14.3.18
Version: 9.14.3.15
Version: 9.14.4
Version: 9.14.4.6
Version: 9.14.4.7
Version: 9.14.4.12
Version: 9.14.4.13
Version: 9.14.4.14
Version: 9.14.4.15
Version: 9.14.4.17
Version: 9.14.4.22
Version: 9.15.1
Version: 9.15.1.7
Version: 9.15.1.10
Version: 9.15.1.15
Version: 9.15.1.16
Version: 9.15.1.17
Version: 9.15.1.1
Version: 9.15.1.21
Version: 9.16.1
Version: 9.16.1.28
Version: 9.16.2
Version: 9.16.2.3
Version: 9.16.2.7
Version: 9.16.2.11
Version: 9.16.2.13
Version: 9.16.2.14
Version: 9.16.3
Version: 9.16.3.3
Version: 9.16.3.14
Version: 9.16.3.15
Version: 9.16.3.19
Version: 9.16.3.23
Version: 9.16.4
Version: 9.16.4.9
Version: 9.17.1
Version: 9.17.1.7
Version: 9.17.1.9
Version: 9.17.1.10
Version: 9.17.1.11
Version: 9.17.1.13
Version: 9.17.1.15
Version: 9.17.1.20
Version: 9.18.1
Version: 9.18.1.3
Version: 9.18.2
Version: 9.18.2.5
Version: 9.18.2.7
Version: 9.18.2.8
Version: 9.19.1

Cisco

Cisco Firepower Threat Defense Software

Version: 6.2.3
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.2.3.3
Version: 6.2.3.4
Version: 6.2.3.5
Version: 6.2.3.6
Version: 6.2.3.7
Version: 6.2.3.8
Version: 6.2.3.10
Version: 6.2.3.11
Version: 6.2.3.9
Version: 6.2.3.12
Version: 6.2.3.13
Version: 6.2.3.14
Version: 6.2.3.15
Version: 6.2.3.16
Version: 6.2.3.17
Version: 6.2.3.18
Version: 6.6.0
Version: 6.6.0.1
Version: 6.6.1
Version: 6.6.3
Version: 6.6.4
Version: 6.6.5
Version: 6.6.5.1
Version: 6.6.5.2
Version: 6.6.7
Version: 6.6.7.1
Version: 6.4.0
Version: 6.4.0.1
Version: 6.4.0.3
Version: 6.4.0.2
Version: 6.4.0.4
Version: 6.4.0.5
Version: 6.4.0.6
Version: 6.4.0.7
Version: 6.4.0.8
Version: 6.4.0.9
Version: 6.4.0.10
Version: 6.4.0.11
Version: 6.4.0.12
Version: 6.4.0.13
Version: 6.4.0.14
Version: 6.4.0.15
Version: 6.4.0.16
Version: 6.7.0
Version: 6.7.0.1
Version: 6.7.0.2
Version: 6.7.0.3
Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.0.2
Version: 7.0.2.1
Version: 7.0.3
Version: 7.0.4
Version: 7.0.5
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.1.0.3
Version: 7.2.0
Version: 7.2.0.1
Version: 7.2.1
Version: 7.2.2
Version: 7.2.3
Version: 7.3.0
Version: 7.3.1
Version: 7.3.1.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:57:35.691Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-asa-icmpv6-t5TzqwNd",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-icmpv6-t5TzqwNd"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.8.1"
            },
            {
              "status": "affected",
              "version": "9.8.1.5"
            },
            {
              "status": "affected",
              "version": "9.8.1.7"
            },
            {
              "status": "affected",
              "version": "9.8.2"
            },
            {
              "status": "affected",
              "version": "9.8.2.8"
            },
            {
              "status": "affected",
              "version": "9.8.2.14"
            },
            {
              "status": "affected",
              "version": "9.8.2.15"
            },
            {
              "status": "affected",
              "version": "9.8.2.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.20"
            },
            {
              "status": "affected",
              "version": "9.8.2.24"
            },
            {
              "status": "affected",
              "version": "9.8.2.26"
            },
            {
              "status": "affected",
              "version": "9.8.2.28"
            },
            {
              "status": "affected",
              "version": "9.8.2.33"
            },
            {
              "status": "affected",
              "version": "9.8.2.35"
            },
            {
              "status": "affected",
              "version": "9.8.2.38"
            },
            {
              "status": "affected",
              "version": "9.8.3.8"
            },
            {
              "status": "affected",
              "version": "9.8.3.11"
            },
            {
              "status": "affected",
              "version": "9.8.3.14"
            },
            {
              "status": "affected",
              "version": "9.8.3.16"
            },
            {
              "status": "affected",
              "version": "9.8.3.18"
            },
            {
              "status": "affected",
              "version": "9.8.3.21"
            },
            {
              "status": "affected",
              "version": "9.8.3"
            },
            {
              "status": "affected",
              "version": "9.8.3.26"
            },
            {
              "status": "affected",
              "version": "9.8.3.29"
            },
            {
              "status": "affected",
              "version": "9.8.4"
            },
            {
              "status": "affected",
              "version": "9.8.4.3"
            },
            {
              "status": "affected",
              "version": "9.8.4.7"
            },
            {
              "status": "affected",
              "version": "9.8.4.8"
            },
            {
              "status": "affected",
              "version": "9.8.4.10"
            },
            {
              "status": "affected",
              "version": "9.8.4.12"
            },
            {
              "status": "affected",
              "version": "9.8.4.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.4.25"
            },
            {
              "status": "affected",
              "version": "9.8.4.20"
            },
            {
              "status": "affected",
              "version": "9.8.4.22"
            },
            {
              "status": "affected",
              "version": "9.8.4.26"
            },
            {
              "status": "affected",
              "version": "9.8.4.29"
            },
            {
              "status": "affected",
              "version": "9.8.4.32"
            },
            {
              "status": "affected",
              "version": "9.8.4.33"
            },
            {
              "status": "affected",
              "version": "9.8.4.34"
            },
            {
              "status": "affected",
              "version": "9.8.4.35"
            },
            {
              "status": "affected",
              "version": "9.8.4.39"
            },
            {
              "status": "affected",
              "version": "9.8.4.40"
            },
            {
              "status": "affected",
              "version": "9.8.4.41"
            },
            {
              "status": "affected",
              "version": "9.8.4.43"
            },
            {
              "status": "affected",
              "version": "9.8.4.44"
            },
            {
              "status": "affected",
              "version": "9.8.4.45"
            },
            {
              "status": "affected",
              "version": "9.8.4.46"
            },
            {
              "status": "affected",
              "version": "9.8.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.1"
            },
            {
              "status": "affected",
              "version": "9.12.1.2"
            },
            {
              "status": "affected",
              "version": "9.12.1.3"
            },
            {
              "status": "affected",
              "version": "9.12.2"
            },
            {
              "status": "affected",
              "version": "9.12.2.4"
            },
            {
              "status": "affected",
              "version": "9.12.2.5"
            },
            {
              "status": "affected",
              "version": "9.12.2.9"
            },
            {
              "status": "affected",
              "version": "9.12.3"
            },
            {
              "status": "affected",
              "version": "9.12.3.2"
            },
            {
              "status": "affected",
              "version": "9.12.3.7"
            },
            {
              "status": "affected",
              "version": "9.12.4"
            },
            {
              "status": "affected",
              "version": "9.12.3.12"
            },
            {
              "status": "affected",
              "version": "9.12.3.9"
            },
            {
              "status": "affected",
              "version": "9.12.2.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.4"
            },
            {
              "status": "affected",
              "version": "9.12.4.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.10"
            },
            {
              "status": "affected",
              "version": "9.12.4.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.8"
            },
            {
              "status": "affected",
              "version": "9.12.4.18"
            },
            {
              "status": "affected",
              "version": "9.12.4.24"
            },
            {
              "status": "affected",
              "version": "9.12.4.26"
            },
            {
              "status": "affected",
              "version": "9.12.4.29"
            },
            {
              "status": "affected",
              "version": "9.12.4.30"
            },
            {
              "status": "affected",
              "version": "9.12.4.35"
            },
            {
              "status": "affected",
              "version": "9.12.4.37"
            },
            {
              "status": "affected",
              "version": "9.12.4.38"
            },
            {
              "status": "affected",
              "version": "9.12.4.39"
            },
            {
              "status": "affected",
              "version": "9.12.4.40"
            },
            {
              "status": "affected",
              "version": "9.12.4.41"
            },
            {
              "status": "affected",
              "version": "9.12.4.47"
            },
            {
              "status": "affected",
              "version": "9.12.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.4.50"
            },
            {
              "status": "affected",
              "version": "9.12.4.52"
            },
            {
              "status": "affected",
              "version": "9.12.4.54"
            },
            {
              "status": "affected",
              "version": "9.12.4.55"
            },
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.14.4.7"
            },
            {
              "status": "affected",
              "version": "9.14.4.12"
            },
            {
              "status": "affected",
              "version": "9.14.4.13"
            },
            {
              "status": "affected",
              "version": "9.14.4.14"
            },
            {
              "status": "affected",
              "version": "9.14.4.15"
            },
            {
              "status": "affected",
              "version": "9.14.4.17"
            },
            {
              "status": "affected",
              "version": "9.14.4.22"
            },
            {
              "status": "affected",
              "version": "9.15.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.7"
            },
            {
              "status": "affected",
              "version": "9.15.1.10"
            },
            {
              "status": "affected",
              "version": "9.15.1.15"
            },
            {
              "status": "affected",
              "version": "9.15.1.16"
            },
            {
              "status": "affected",
              "version": "9.15.1.17"
            },
            {
              "status": "affected",
              "version": "9.15.1.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.21"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.16.3.15"
            },
            {
              "status": "affected",
              "version": "9.16.3.19"
            },
            {
              "status": "affected",
              "version": "9.16.3.23"
            },
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.16.4.9"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.17.1.20"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            },
            {
              "status": "affected",
              "version": "9.18.2.7"
            },
            {
              "status": "affected",
              "version": "9.18.2.8"
            },
            {
              "status": "affected",
              "version": "9.19.1"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper processing of ICMPv6 messages. An attacker could exploit this vulnerability by sending crafted ICMPv6 messages to a targeted Cisco ASA or FTD system with IPv6 enabled. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-248",
              "description": "Uncaught Exception",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:43.147Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asa-icmpv6-t5TzqwNd",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-icmpv6-t5TzqwNd"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa-icmpv6-t5TzqwNd",
        "defects": [
          "CSCwd77581"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20086",
    "datePublished": "2023-11-01T16:42:43.902Z",
    "dateReserved": "2022-10-27T18:47:50.334Z",
    "dateUpdated": "2024-08-02T08:57:35.691Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20748 (GCVE-0-2022-20748)

Vulnerability from cvelistv5

Published

2022-05-03 03:15

Modified

2024-11-06 16:20

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE

CWE-664

Summary

A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to insufficient error handling in the local malware analysis process of an affected device. An attacker could exploit this vulnerability by sending a crafted file through the device. A successful exploit could allow the attacker to cause the local malware analysis process to crash, which could result in a DoS condition. Notes: Manual intervention may be required to recover from this situation. Malware cloud lookup and dynamic analysis will not be impacted.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-amp-local-dos-CUfwRJXT	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:24:49.598Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20220427 Cisco Firepower Threat Defense Software Local Malware Analysis Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-amp-local-dos-CUfwRJXT"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-20748",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-06T16:01:37.387726Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T16:20:57.348Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2022-04-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to insufficient error handling in the local malware analysis process of an affected device. An attacker could exploit this vulnerability by sending a crafted file through the device. A successful exploit could allow the attacker to cause the local malware analysis process to crash, which could result in a DoS condition. Notes: Manual intervention may be required to recover from this situation. Malware cloud lookup and dynamic analysis will not be impacted."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-664",
              "description": "CWE-664",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-03T03:15:22",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20220427 Cisco Firepower Threat Defense Software Local Malware Analysis Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-amp-local-dos-CUfwRJXT"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-amp-local-dos-CUfwRJXT",
        "defect": [
          [
            "CSCvy33560"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Local Malware Analysis Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2022-04-27T16:00:00",
          "ID": "CVE-2022-20748",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Local Malware Analysis Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to insufficient error handling in the local malware analysis process of an affected device. An attacker could exploit this vulnerability by sending a crafted file through the device. A successful exploit could allow the attacker to cause the local malware analysis process to crash, which could result in a DoS condition. Notes: Manual intervention may be required to recover from this situation. Malware cloud lookup and dynamic analysis will not be impacted."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.3",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-664"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20220427 Cisco Firepower Threat Defense Software Local Malware Analysis Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-amp-local-dos-CUfwRJXT"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-amp-local-dos-CUfwRJXT",
          "defect": [
            [
              "CSCvy33560"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20748",
    "datePublished": "2022-05-03T03:15:22.995313Z",
    "dateReserved": "2021-11-02T00:00:00",
    "dateUpdated": "2024-11-06T16:20:57.348Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3196 (GCVE-0-2020-3196)

Vulnerability from cvelistv5

Published

2020-05-06 16:41

Modified

2024-11-15 17:25

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-400

Summary

A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust memory resources on the affected device, leading to a denial of service (DoS) condition. The vulnerability is due to improper resource management for inbound SSL/TLS connections. An attacker could exploit this vulnerability by establishing multiple SSL/TLS connections with specific conditions to the affected device. A successful exploit could allow the attacker to exhaust the memory on the affected device, causing the device to stop accepting new SSL/TLS connections and resulting in a DoS condition for services on the device that process SSL/TLS traffic. Manual intervention is required to recover an affected device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-dos-qY7BHpjN	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:24:00.777Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-dos-qY7BHpjN"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3196",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:21:37.712968Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:25:01.365Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust memory resources on the affected device, leading to a denial of service (DoS) condition. The vulnerability is due to improper resource management for inbound SSL/TLS connections. An attacker could exploit this vulnerability by establishing multiple SSL/TLS connections with specific conditions to the affected device. A successful exploit could allow the attacker to exhaust the memory on the affected device, causing the device to stop accepting new SSL/TLS connections and resulting in a DoS condition for services on the device that process SSL/TLS traffic. Manual intervention is required to recover an affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-06T16:41:25",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-dos-qY7BHpjN"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa-ssl-vpn-dos-qY7BHpjN",
        "defect": [
          [
            "CSCvp49481",
            "CSCvp93468"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-05-06T16:00:00-0700",
          "ID": "CVE-2020-3196",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust memory resources on the affected device, leading to a denial of service (DoS) condition. The vulnerability is due to improper resource management for inbound SSL/TLS connections. An attacker could exploit this vulnerability by establishing multiple SSL/TLS connections with specific conditions to the affected device. A successful exploit could allow the attacker to exhaust the memory on the affected device, causing the device to stop accepting new SSL/TLS connections and resulting in a DoS condition for services on the device that process SSL/TLS traffic. Manual intervention is required to recover an affected device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-dos-qY7BHpjN"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asa-ssl-vpn-dos-qY7BHpjN",
          "defect": [
            [
              "CSCvp49481",
              "CSCvp93468"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3196",
    "datePublished": "2020-05-06T16:41:25.710083Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:25:01.365Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-0243 (GCVE-0-2018-0243)

Vulnerability from cvelistv5

Published

2018-04-19 20:00

Modified

2024-11-29 15:16

Severity ?

CWE

CWE-693

Summary

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy that is intended to drop the Server Message Block Version 2 (SMB2) and SMB Version 3 (SMB3) protocols if malware is detected. The vulnerability is due to incorrect detection of an SMB2 or SMB3 file based on the total file length. An attacker could exploit this vulnerability by sending a crafted SMB2 or SMB3 transfer request through the targeted device. An exploit could allow the attacker to pass SMB2 or SMB3 files that could be malware even though the device is configured to block them. This vulnerability does not exist for SMB Version 1 (SMB1) files. This vulnerability affects Cisco Firepower System Software when one or more file action policies are configured, on software releases prior to 6.2.3. Cisco Bug IDs: CSCvg68807.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/103943	vdb-entry, x_refsource_BID
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	Cisco Firepower System Software	Version: Cisco Firepower System Software

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:21:14.484Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "103943",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103943"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0243",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-29T14:44:23.379408Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-29T15:16:39.535Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower System Software",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Firepower System Software"
            }
          ]
        }
      ],
      "datePublic": "2018-04-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy that is intended to drop the Server Message Block Version 2 (SMB2) and SMB Version 3 (SMB3) protocols if malware is detected. The vulnerability is due to incorrect detection of an SMB2 or SMB3 file based on the total file length. An attacker could exploit this vulnerability by sending a crafted SMB2 or SMB3 transfer request through the targeted device. An exploit could allow the attacker to pass SMB2 or SMB3 files that could be malware even though the device is configured to block them. This vulnerability does not exist for SMB Version 1 (SMB1) files. This vulnerability affects Cisco Firepower System Software when one or more file action policies are configured, on software releases prior to 6.2.3. Cisco Bug IDs: CSCvg68807."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-693",
              "description": "CWE-693",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-04-24T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "103943",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103943"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0243",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower System Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Firepower System Software"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy that is intended to drop the Server Message Block Version 2 (SMB2) and SMB Version 3 (SMB3) protocols if malware is detected. The vulnerability is due to incorrect detection of an SMB2 or SMB3 file based on the total file length. An attacker could exploit this vulnerability by sending a crafted SMB2 or SMB3 transfer request through the targeted device. An exploit could allow the attacker to pass SMB2 or SMB3 files that could be malware even though the device is configured to block them. This vulnerability does not exist for SMB Version 1 (SMB1) files. This vulnerability affects Cisco Firepower System Software when one or more file action policies are configured, on software releases prior to 6.2.3. Cisco Bug IDs: CSCvg68807."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-693"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "103943",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103943"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0243",
    "datePublished": "2018-04-19T20:00:00",
    "dateReserved": "2017-11-27T00:00:00",
    "dateUpdated": "2024-11-29T15:16:39.535Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3299 (GCVE-0-2020-3299)

Vulnerability from cvelistv5

Published

2020-10-21 18:25

Modified

2024-11-13 17:50

Severity ?

5.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-693

Summary

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured File Policy for HTTP packets and deliver a malicious payload.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-bypass-3eCfd24j	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html	mailing-list
	https://www.debian.org/security/2023/dsa-5354	vendor-advisory

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:30:57.923Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Multiple Cisco Products SNORT HTTP Detection Engine File Policy Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-bypass-3eCfd24j"
          },
          {
            "name": "[debian-lts-announce] 20230210 [SECURITY] [DLA 3317-1] snort security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
          },
          {
            "name": "DSA-5354",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5354"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3299",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:12:30.607418Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:50:59.312Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured File Policy for HTTP packets and deliver a malicious payload."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-693",
              "description": "CWE-693",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-19T00:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Multiple Cisco Products SNORT HTTP Detection Engine File Policy Bypass Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-bypass-3eCfd24j"
        },
        {
          "name": "[debian-lts-announce] 20230210 [SECURITY] [DLA 3317-1] snort security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
        },
        {
          "name": "DSA-5354",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5354"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-bypass-3eCfd24j",
        "defect": [
          [
            "CSCvm69545",
            "CSCvq96573"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Multiple Cisco Products SNORT HTTP Detection Engine File Policy Bypass Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3299",
    "datePublished": "2020-10-21T18:25:13.223171Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:50:59.312Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-20247 (GCVE-0-2023-20247)

Vulnerability from cvelistv5

Published

2023-11-01 17:14

Modified

2025-06-12 14:34

Severity ?

5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-288 - Authentication Bypass Using an Alternate Path or Channel

Summary

A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to bypass a configured multiple certificate authentication policy and connect using only a valid username and password. This vulnerability is due to improper error handling during remote access VPN authentication. An attacker could exploit this vulnerability by sending crafted requests during remote access VPN session establishment. A successful exploit could allow the attacker to bypass the configured multiple certificate authentication policy while retaining the privileges and permissions associated with the original connection profile.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-multi-cert-dzA3h5PT

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.8.1
Version: 9.8.1.5
Version: 9.8.1.7
Version: 9.8.2
Version: 9.8.2.8
Version: 9.8.2.14
Version: 9.8.2.15
Version: 9.8.2.17
Version: 9.8.2.20
Version: 9.8.2.24
Version: 9.8.2.26
Version: 9.8.2.28
Version: 9.8.2.33
Version: 9.8.2.35
Version: 9.8.2.38
Version: 9.8.3.8
Version: 9.8.3.11
Version: 9.8.3.14
Version: 9.8.3.16
Version: 9.8.3.18
Version: 9.8.3.21
Version: 9.8.3
Version: 9.8.3.26
Version: 9.8.3.29
Version: 9.8.4
Version: 9.8.4.3
Version: 9.8.4.7
Version: 9.8.4.8
Version: 9.8.4.10
Version: 9.8.4.12
Version: 9.8.4.15
Version: 9.8.4.17
Version: 9.8.4.25
Version: 9.8.4.20
Version: 9.8.4.22
Version: 9.8.4.26
Version: 9.8.4.29
Version: 9.8.4.32
Version: 9.8.4.33
Version: 9.8.4.34
Version: 9.8.4.35
Version: 9.8.4.39
Version: 9.8.4.40
Version: 9.8.4.41
Version: 9.8.4.43
Version: 9.8.4.44
Version: 9.8.4.45
Version: 9.8.4.46
Version: 9.8.4.48
Version: 9.12.1
Version: 9.12.1.2
Version: 9.12.1.3
Version: 9.12.2
Version: 9.12.2.4
Version: 9.12.2.5
Version: 9.12.2.9
Version: 9.12.3
Version: 9.12.3.2
Version: 9.12.3.7
Version: 9.12.4
Version: 9.12.3.12
Version: 9.12.3.9
Version: 9.12.2.1
Version: 9.12.4.2
Version: 9.12.4.4
Version: 9.12.4.7
Version: 9.12.4.10
Version: 9.12.4.13
Version: 9.12.4.8
Version: 9.12.4.18
Version: 9.12.4.24
Version: 9.12.4.26
Version: 9.12.4.29
Version: 9.12.4.30
Version: 9.12.4.35
Version: 9.12.4.37
Version: 9.12.4.38
Version: 9.12.4.39
Version: 9.12.4.40
Version: 9.12.4.41
Version: 9.12.4.47
Version: 9.12.4.48
Version: 9.12.4.50
Version: 9.12.4.52
Version: 9.12.4.54
Version: 9.12.4.55
Version: 9.12.4.56
Version: 9.12.4.58
Version: 9.14.1
Version: 9.14.1.10
Version: 9.14.1.6
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.14.1.30
Version: 9.14.2
Version: 9.14.2.4
Version: 9.14.2.8
Version: 9.14.2.13
Version: 9.14.2.15
Version: 9.14.3
Version: 9.14.3.1
Version: 9.14.3.9
Version: 9.14.3.11
Version: 9.14.3.13
Version: 9.14.3.18
Version: 9.14.3.15
Version: 9.14.4
Version: 9.14.4.6
Version: 9.14.4.7
Version: 9.14.4.12
Version: 9.14.4.13
Version: 9.14.4.14
Version: 9.14.4.15
Version: 9.14.4.17
Version: 9.14.4.22
Version: 9.14.4.23
Version: 9.15.1
Version: 9.15.1.7
Version: 9.15.1.10
Version: 9.15.1.15
Version: 9.15.1.16
Version: 9.15.1.17
Version: 9.15.1.1
Version: 9.15.1.21
Version: 9.16.1
Version: 9.16.1.28
Version: 9.16.2
Version: 9.16.2.3
Version: 9.16.2.7
Version: 9.16.2.11
Version: 9.16.2.13
Version: 9.16.2.14
Version: 9.16.3
Version: 9.16.3.3
Version: 9.16.3.14
Version: 9.16.3.15
Version: 9.16.3.19
Version: 9.16.3.23
Version: 9.16.4
Version: 9.16.4.9
Version: 9.16.4.14
Version: 9.16.4.18
Version: 9.16.4.19
Version: 9.17.1
Version: 9.17.1.7
Version: 9.17.1.9
Version: 9.17.1.10
Version: 9.17.1.11
Version: 9.17.1.13
Version: 9.17.1.15
Version: 9.17.1.20
Version: 9.17.1.30
Version: 9.18.1
Version: 9.18.1.3
Version: 9.18.2
Version: 9.18.2.5
Version: 9.18.2.7
Version: 9.18.2.8
Version: 9.18.3
Version: 9.18.3.39
Version: 9.18.3.46
Version: 9.19.1
Version: 9.19.1.5
Version: 9.19.1.9
Version: 9.19.1.12

Cisco

Cisco Firepower Threat Defense Software

Version: 6.2.3
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.2.3.3
Version: 6.2.3.4
Version: 6.2.3.5
Version: 6.2.3.6
Version: 6.2.3.7
Version: 6.2.3.8
Version: 6.2.3.10
Version: 6.2.3.11
Version: 6.2.3.9
Version: 6.2.3.12
Version: 6.2.3.13
Version: 6.2.3.14
Version: 6.2.3.15
Version: 6.2.3.16
Version: 6.2.3.17
Version: 6.2.3.18
Version: 6.6.0
Version: 6.6.0.1
Version: 6.6.1
Version: 6.6.3
Version: 6.6.4
Version: 6.6.5
Version: 6.6.5.1
Version: 6.6.5.2
Version: 6.6.7
Version: 6.6.7.1
Version: 6.4.0
Version: 6.4.0.1
Version: 6.4.0.3
Version: 6.4.0.2
Version: 6.4.0.4
Version: 6.4.0.5
Version: 6.4.0.6
Version: 6.4.0.7
Version: 6.4.0.8
Version: 6.4.0.9
Version: 6.4.0.10
Version: 6.4.0.11
Version: 6.4.0.12
Version: 6.4.0.13
Version: 6.4.0.14
Version: 6.4.0.15
Version: 6.4.0.16
Version: 6.7.0
Version: 6.7.0.1
Version: 6.7.0.2
Version: 6.7.0.3
Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.0.2
Version: 7.0.2.1
Version: 7.0.3
Version: 7.0.4
Version: 7.0.5
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.1.0.3
Version: 7.2.0
Version: 7.2.0.1
Version: 7.2.1
Version: 7.2.2
Version: 7.2.3
Version: 7.2.4
Version: 7.3.0
Version: 7.3.1
Version: 7.3.1.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:05:35.954Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-asaftd-multi-cert-dzA3h5PT",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-multi-cert-dzA3h5PT"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20247",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-12T14:34:10.276276Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-12T14:34:20.796Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.8.1"
            },
            {
              "status": "affected",
              "version": "9.8.1.5"
            },
            {
              "status": "affected",
              "version": "9.8.1.7"
            },
            {
              "status": "affected",
              "version": "9.8.2"
            },
            {
              "status": "affected",
              "version": "9.8.2.8"
            },
            {
              "status": "affected",
              "version": "9.8.2.14"
            },
            {
              "status": "affected",
              "version": "9.8.2.15"
            },
            {
              "status": "affected",
              "version": "9.8.2.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.20"
            },
            {
              "status": "affected",
              "version": "9.8.2.24"
            },
            {
              "status": "affected",
              "version": "9.8.2.26"
            },
            {
              "status": "affected",
              "version": "9.8.2.28"
            },
            {
              "status": "affected",
              "version": "9.8.2.33"
            },
            {
              "status": "affected",
              "version": "9.8.2.35"
            },
            {
              "status": "affected",
              "version": "9.8.2.38"
            },
            {
              "status": "affected",
              "version": "9.8.3.8"
            },
            {
              "status": "affected",
              "version": "9.8.3.11"
            },
            {
              "status": "affected",
              "version": "9.8.3.14"
            },
            {
              "status": "affected",
              "version": "9.8.3.16"
            },
            {
              "status": "affected",
              "version": "9.8.3.18"
            },
            {
              "status": "affected",
              "version": "9.8.3.21"
            },
            {
              "status": "affected",
              "version": "9.8.3"
            },
            {
              "status": "affected",
              "version": "9.8.3.26"
            },
            {
              "status": "affected",
              "version": "9.8.3.29"
            },
            {
              "status": "affected",
              "version": "9.8.4"
            },
            {
              "status": "affected",
              "version": "9.8.4.3"
            },
            {
              "status": "affected",
              "version": "9.8.4.7"
            },
            {
              "status": "affected",
              "version": "9.8.4.8"
            },
            {
              "status": "affected",
              "version": "9.8.4.10"
            },
            {
              "status": "affected",
              "version": "9.8.4.12"
            },
            {
              "status": "affected",
              "version": "9.8.4.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.4.25"
            },
            {
              "status": "affected",
              "version": "9.8.4.20"
            },
            {
              "status": "affected",
              "version": "9.8.4.22"
            },
            {
              "status": "affected",
              "version": "9.8.4.26"
            },
            {
              "status": "affected",
              "version": "9.8.4.29"
            },
            {
              "status": "affected",
              "version": "9.8.4.32"
            },
            {
              "status": "affected",
              "version": "9.8.4.33"
            },
            {
              "status": "affected",
              "version": "9.8.4.34"
            },
            {
              "status": "affected",
              "version": "9.8.4.35"
            },
            {
              "status": "affected",
              "version": "9.8.4.39"
            },
            {
              "status": "affected",
              "version": "9.8.4.40"
            },
            {
              "status": "affected",
              "version": "9.8.4.41"
            },
            {
              "status": "affected",
              "version": "9.8.4.43"
            },
            {
              "status": "affected",
              "version": "9.8.4.44"
            },
            {
              "status": "affected",
              "version": "9.8.4.45"
            },
            {
              "status": "affected",
              "version": "9.8.4.46"
            },
            {
              "status": "affected",
              "version": "9.8.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.1"
            },
            {
              "status": "affected",
              "version": "9.12.1.2"
            },
            {
              "status": "affected",
              "version": "9.12.1.3"
            },
            {
              "status": "affected",
              "version": "9.12.2"
            },
            {
              "status": "affected",
              "version": "9.12.2.4"
            },
            {
              "status": "affected",
              "version": "9.12.2.5"
            },
            {
              "status": "affected",
              "version": "9.12.2.9"
            },
            {
              "status": "affected",
              "version": "9.12.3"
            },
            {
              "status": "affected",
              "version": "9.12.3.2"
            },
            {
              "status": "affected",
              "version": "9.12.3.7"
            },
            {
              "status": "affected",
              "version": "9.12.4"
            },
            {
              "status": "affected",
              "version": "9.12.3.12"
            },
            {
              "status": "affected",
              "version": "9.12.3.9"
            },
            {
              "status": "affected",
              "version": "9.12.2.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.4"
            },
            {
              "status": "affected",
              "version": "9.12.4.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.10"
            },
            {
              "status": "affected",
              "version": "9.12.4.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.8"
            },
            {
              "status": "affected",
              "version": "9.12.4.18"
            },
            {
              "status": "affected",
              "version": "9.12.4.24"
            },
            {
              "status": "affected",
              "version": "9.12.4.26"
            },
            {
              "status": "affected",
              "version": "9.12.4.29"
            },
            {
              "status": "affected",
              "version": "9.12.4.30"
            },
            {
              "status": "affected",
              "version": "9.12.4.35"
            },
            {
              "status": "affected",
              "version": "9.12.4.37"
            },
            {
              "status": "affected",
              "version": "9.12.4.38"
            },
            {
              "status": "affected",
              "version": "9.12.4.39"
            },
            {
              "status": "affected",
              "version": "9.12.4.40"
            },
            {
              "status": "affected",
              "version": "9.12.4.41"
            },
            {
              "status": "affected",
              "version": "9.12.4.47"
            },
            {
              "status": "affected",
              "version": "9.12.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.4.50"
            },
            {
              "status": "affected",
              "version": "9.12.4.52"
            },
            {
              "status": "affected",
              "version": "9.12.4.54"
            },
            {
              "status": "affected",
              "version": "9.12.4.55"
            },
            {
              "status": "affected",
              "version": "9.12.4.56"
            },
            {
              "status": "affected",
              "version": "9.12.4.58"
            },
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.1.6"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.14.4.7"
            },
            {
              "status": "affected",
              "version": "9.14.4.12"
            },
            {
              "status": "affected",
              "version": "9.14.4.13"
            },
            {
              "status": "affected",
              "version": "9.14.4.14"
            },
            {
              "status": "affected",
              "version": "9.14.4.15"
            },
            {
              "status": "affected",
              "version": "9.14.4.17"
            },
            {
              "status": "affected",
              "version": "9.14.4.22"
            },
            {
              "status": "affected",
              "version": "9.14.4.23"
            },
            {
              "status": "affected",
              "version": "9.15.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.7"
            },
            {
              "status": "affected",
              "version": "9.15.1.10"
            },
            {
              "status": "affected",
              "version": "9.15.1.15"
            },
            {
              "status": "affected",
              "version": "9.15.1.16"
            },
            {
              "status": "affected",
              "version": "9.15.1.17"
            },
            {
              "status": "affected",
              "version": "9.15.1.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.21"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.16.3.15"
            },
            {
              "status": "affected",
              "version": "9.16.3.19"
            },
            {
              "status": "affected",
              "version": "9.16.3.23"
            },
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.16.4.9"
            },
            {
              "status": "affected",
              "version": "9.16.4.14"
            },
            {
              "status": "affected",
              "version": "9.16.4.18"
            },
            {
              "status": "affected",
              "version": "9.16.4.19"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.17.1.20"
            },
            {
              "status": "affected",
              "version": "9.17.1.30"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            },
            {
              "status": "affected",
              "version": "9.18.2.7"
            },
            {
              "status": "affected",
              "version": "9.18.2.8"
            },
            {
              "status": "affected",
              "version": "9.18.3"
            },
            {
              "status": "affected",
              "version": "9.18.3.39"
            },
            {
              "status": "affected",
              "version": "9.18.3.46"
            },
            {
              "status": "affected",
              "version": "9.19.1"
            },
            {
              "status": "affected",
              "version": "9.19.1.5"
            },
            {
              "status": "affected",
              "version": "9.19.1.9"
            },
            {
              "status": "affected",
              "version": "9.19.1.12"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to bypass a configured multiple certificate authentication policy and connect using only a valid username and password. This vulnerability is due to improper error handling during remote access VPN authentication. An attacker could exploit this vulnerability by sending crafted requests during remote access VPN session establishment. A successful exploit could allow the attacker to bypass the configured multiple certificate authentication policy while retaining the privileges and permissions associated with the original connection profile."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-288",
              "description": "Authentication Bypass Using an Alternate Path or Channel",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:58:31.488Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asaftd-multi-cert-dzA3h5PT",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-multi-cert-dzA3h5PT"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-multi-cert-dzA3h5PT",
        "defects": [
          "CSCwe20918"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20247",
    "datePublished": "2023-11-01T17:14:57.660Z",
    "dateReserved": "2022-10-27T18:47:50.371Z",
    "dateUpdated": "2025-06-12T14:34:20.796Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-20275 (GCVE-0-2023-20275)

Vulnerability from cvelistv5

Published

2023-12-12 18:06

Modified

2024-08-02 09:05

Severity ?

4.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N

CWE

CWE-346 - Origin Validation Error

Summary

A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to send packets with another VPN user's source IP address. This vulnerability is due to improper validation of the packet's inner source IP address after decryption. An attacker could exploit this vulnerability by sending crafted packets through the tunnel. A successful exploit could allow the attacker to send a packet impersonating another VPN user's IP address. It is not possible for the attacker to receive return packets.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-Y88QOm77

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.8.1
Version: 9.8.1.5
Version: 9.8.1.7
Version: 9.8.2
Version: 9.8.2.8
Version: 9.8.2.14
Version: 9.8.2.15
Version: 9.8.2.17
Version: 9.8.2.20
Version: 9.8.2.24
Version: 9.8.2.26
Version: 9.8.2.28
Version: 9.8.2.33
Version: 9.8.2.35
Version: 9.8.2.38
Version: 9.8.3.8
Version: 9.8.3.11
Version: 9.8.3.14
Version: 9.8.3.16
Version: 9.8.3.18
Version: 9.8.3.21
Version: 9.8.3
Version: 9.8.3.26
Version: 9.8.3.29
Version: 9.8.4
Version: 9.8.4.3
Version: 9.8.4.7
Version: 9.8.4.8
Version: 9.8.4.10
Version: 9.8.4.12
Version: 9.8.4.15
Version: 9.8.4.17
Version: 9.8.4.25
Version: 9.8.4.20
Version: 9.8.4.22
Version: 9.8.4.26
Version: 9.8.4.29
Version: 9.8.4.32
Version: 9.8.4.33
Version: 9.8.4.34
Version: 9.8.4.35
Version: 9.8.4.39
Version: 9.8.4.40
Version: 9.8.4.41
Version: 9.8.4.43
Version: 9.8.4.44
Version: 9.8.4.45
Version: 9.8.4.46
Version: 9.8.4.48
Version: 9.12.1
Version: 9.12.1.2
Version: 9.12.1.3
Version: 9.12.2
Version: 9.12.2.4
Version: 9.12.2.5
Version: 9.12.2.9
Version: 9.12.3
Version: 9.12.3.2
Version: 9.12.3.7
Version: 9.12.4
Version: 9.12.3.12
Version: 9.12.3.9
Version: 9.12.2.1
Version: 9.12.4.2
Version: 9.12.4.4
Version: 9.12.4.7
Version: 9.12.4.10
Version: 9.12.4.13
Version: 9.12.4.8
Version: 9.12.4.18
Version: 9.12.4.24
Version: 9.12.4.26
Version: 9.12.4.29
Version: 9.12.4.30
Version: 9.12.4.35
Version: 9.12.4.37
Version: 9.12.4.38
Version: 9.12.4.39
Version: 9.12.4.40
Version: 9.12.4.41
Version: 9.12.4.47
Version: 9.12.4.48
Version: 9.12.4.50
Version: 9.12.4.52
Version: 9.12.4.54
Version: 9.12.4.55
Version: 9.12.4.56
Version: 9.12.4.58
Version: 9.14.1
Version: 9.14.1.10
Version: 9.14.1.6
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.14.1.30
Version: 9.14.2
Version: 9.14.2.4
Version: 9.14.2.8
Version: 9.14.2.13
Version: 9.14.2.15
Version: 9.14.3
Version: 9.14.3.1
Version: 9.14.3.9
Version: 9.14.3.11
Version: 9.14.3.13
Version: 9.14.3.18
Version: 9.14.3.15
Version: 9.14.4
Version: 9.14.4.6
Version: 9.14.4.7
Version: 9.14.4.12
Version: 9.14.4.13
Version: 9.14.4.14
Version: 9.14.4.15
Version: 9.14.4.17
Version: 9.14.4.22
Version: 9.14.4.23
Version: 9.15.1
Version: 9.15.1.7
Version: 9.15.1.10
Version: 9.15.1.15
Version: 9.15.1.16
Version: 9.15.1.17
Version: 9.15.1.1
Version: 9.15.1.21
Version: 9.16.1
Version: 9.16.1.28
Version: 9.16.2
Version: 9.16.2.3
Version: 9.16.2.7
Version: 9.16.2.11
Version: 9.16.2.13
Version: 9.16.2.14
Version: 9.16.3
Version: 9.16.3.3
Version: 9.16.3.14
Version: 9.16.3.15
Version: 9.16.3.19
Version: 9.16.3.23
Version: 9.16.4
Version: 9.16.4.9
Version: 9.16.4.14
Version: 9.16.4.18
Version: 9.16.4.19
Version: 9.16.4.27
Version: 9.17.1
Version: 9.17.1.7
Version: 9.17.1.9
Version: 9.17.1.10
Version: 9.17.1.11
Version: 9.17.1.13
Version: 9.17.1.15
Version: 9.17.1.20
Version: 9.17.1.30
Version: 9.18.1
Version: 9.18.1.3
Version: 9.18.2
Version: 9.18.2.5
Version: 9.18.2.7
Version: 9.18.2.8
Version: 9.18.3
Version: 9.18.3.39
Version: 9.18.3.46
Version: 9.19.1
Version: 9.19.1.5
Version: 9.19.1.9
Version: 9.19.1.12

Cisco

Cisco Firepower Threat Defense Software

Version: 6.2.3
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.2.3.3
Version: 6.2.3.4
Version: 6.2.3.5
Version: 6.2.3.6
Version: 6.2.3.7
Version: 6.2.3.8
Version: 6.2.3.10
Version: 6.2.3.11
Version: 6.2.3.9
Version: 6.2.3.12
Version: 6.2.3.13
Version: 6.2.3.14
Version: 6.2.3.15
Version: 6.2.3.16
Version: 6.2.3.17
Version: 6.2.3.18
Version: 6.6.0
Version: 6.6.0.1
Version: 6.6.1
Version: 6.6.3
Version: 6.6.4
Version: 6.6.5
Version: 6.6.5.1
Version: 6.6.5.2
Version: 6.6.7
Version: 6.6.7.1
Version: 6.4.0
Version: 6.4.0.1
Version: 6.4.0.3
Version: 6.4.0.2
Version: 6.4.0.4
Version: 6.4.0.5
Version: 6.4.0.6
Version: 6.4.0.7
Version: 6.4.0.8
Version: 6.4.0.9
Version: 6.4.0.10
Version: 6.4.0.11
Version: 6.4.0.12
Version: 6.4.0.13
Version: 6.4.0.14
Version: 6.4.0.15
Version: 6.4.0.16
Version: 6.7.0
Version: 6.7.0.1
Version: 6.7.0.2
Version: 6.7.0.3
Version: 7.0.0
Version: 7.0.0.1
Version: 7.0.1
Version: 7.0.1.1
Version: 7.0.2
Version: 7.0.2.1
Version: 7.0.3
Version: 7.0.4
Version: 7.0.5
Version: 7.0.6
Version: 7.1.0
Version: 7.1.0.1
Version: 7.1.0.2
Version: 7.1.0.3
Version: 7.2.0
Version: 7.2.0.1
Version: 7.2.1
Version: 7.2.2
Version: 7.2.3
Version: 7.2.4
Version: 7.3.0
Version: 7.3.1
Version: 7.3.1.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:05:36.246Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-asa-ssl-vpn-Y88QOm77",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-Y88QOm77"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.8.1"
            },
            {
              "status": "affected",
              "version": "9.8.1.5"
            },
            {
              "status": "affected",
              "version": "9.8.1.7"
            },
            {
              "status": "affected",
              "version": "9.8.2"
            },
            {
              "status": "affected",
              "version": "9.8.2.8"
            },
            {
              "status": "affected",
              "version": "9.8.2.14"
            },
            {
              "status": "affected",
              "version": "9.8.2.15"
            },
            {
              "status": "affected",
              "version": "9.8.2.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.20"
            },
            {
              "status": "affected",
              "version": "9.8.2.24"
            },
            {
              "status": "affected",
              "version": "9.8.2.26"
            },
            {
              "status": "affected",
              "version": "9.8.2.28"
            },
            {
              "status": "affected",
              "version": "9.8.2.33"
            },
            {
              "status": "affected",
              "version": "9.8.2.35"
            },
            {
              "status": "affected",
              "version": "9.8.2.38"
            },
            {
              "status": "affected",
              "version": "9.8.3.8"
            },
            {
              "status": "affected",
              "version": "9.8.3.11"
            },
            {
              "status": "affected",
              "version": "9.8.3.14"
            },
            {
              "status": "affected",
              "version": "9.8.3.16"
            },
            {
              "status": "affected",
              "version": "9.8.3.18"
            },
            {
              "status": "affected",
              "version": "9.8.3.21"
            },
            {
              "status": "affected",
              "version": "9.8.3"
            },
            {
              "status": "affected",
              "version": "9.8.3.26"
            },
            {
              "status": "affected",
              "version": "9.8.3.29"
            },
            {
              "status": "affected",
              "version": "9.8.4"
            },
            {
              "status": "affected",
              "version": "9.8.4.3"
            },
            {
              "status": "affected",
              "version": "9.8.4.7"
            },
            {
              "status": "affected",
              "version": "9.8.4.8"
            },
            {
              "status": "affected",
              "version": "9.8.4.10"
            },
            {
              "status": "affected",
              "version": "9.8.4.12"
            },
            {
              "status": "affected",
              "version": "9.8.4.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.4.25"
            },
            {
              "status": "affected",
              "version": "9.8.4.20"
            },
            {
              "status": "affected",
              "version": "9.8.4.22"
            },
            {
              "status": "affected",
              "version": "9.8.4.26"
            },
            {
              "status": "affected",
              "version": "9.8.4.29"
            },
            {
              "status": "affected",
              "version": "9.8.4.32"
            },
            {
              "status": "affected",
              "version": "9.8.4.33"
            },
            {
              "status": "affected",
              "version": "9.8.4.34"
            },
            {
              "status": "affected",
              "version": "9.8.4.35"
            },
            {
              "status": "affected",
              "version": "9.8.4.39"
            },
            {
              "status": "affected",
              "version": "9.8.4.40"
            },
            {
              "status": "affected",
              "version": "9.8.4.41"
            },
            {
              "status": "affected",
              "version": "9.8.4.43"
            },
            {
              "status": "affected",
              "version": "9.8.4.44"
            },
            {
              "status": "affected",
              "version": "9.8.4.45"
            },
            {
              "status": "affected",
              "version": "9.8.4.46"
            },
            {
              "status": "affected",
              "version": "9.8.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.1"
            },
            {
              "status": "affected",
              "version": "9.12.1.2"
            },
            {
              "status": "affected",
              "version": "9.12.1.3"
            },
            {
              "status": "affected",
              "version": "9.12.2"
            },
            {
              "status": "affected",
              "version": "9.12.2.4"
            },
            {
              "status": "affected",
              "version": "9.12.2.5"
            },
            {
              "status": "affected",
              "version": "9.12.2.9"
            },
            {
              "status": "affected",
              "version": "9.12.3"
            },
            {
              "status": "affected",
              "version": "9.12.3.2"
            },
            {
              "status": "affected",
              "version": "9.12.3.7"
            },
            {
              "status": "affected",
              "version": "9.12.4"
            },
            {
              "status": "affected",
              "version": "9.12.3.12"
            },
            {
              "status": "affected",
              "version": "9.12.3.9"
            },
            {
              "status": "affected",
              "version": "9.12.2.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.4"
            },
            {
              "status": "affected",
              "version": "9.12.4.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.10"
            },
            {
              "status": "affected",
              "version": "9.12.4.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.8"
            },
            {
              "status": "affected",
              "version": "9.12.4.18"
            },
            {
              "status": "affected",
              "version": "9.12.4.24"
            },
            {
              "status": "affected",
              "version": "9.12.4.26"
            },
            {
              "status": "affected",
              "version": "9.12.4.29"
            },
            {
              "status": "affected",
              "version": "9.12.4.30"
            },
            {
              "status": "affected",
              "version": "9.12.4.35"
            },
            {
              "status": "affected",
              "version": "9.12.4.37"
            },
            {
              "status": "affected",
              "version": "9.12.4.38"
            },
            {
              "status": "affected",
              "version": "9.12.4.39"
            },
            {
              "status": "affected",
              "version": "9.12.4.40"
            },
            {
              "status": "affected",
              "version": "9.12.4.41"
            },
            {
              "status": "affected",
              "version": "9.12.4.47"
            },
            {
              "status": "affected",
              "version": "9.12.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.4.50"
            },
            {
              "status": "affected",
              "version": "9.12.4.52"
            },
            {
              "status": "affected",
              "version": "9.12.4.54"
            },
            {
              "status": "affected",
              "version": "9.12.4.55"
            },
            {
              "status": "affected",
              "version": "9.12.4.56"
            },
            {
              "status": "affected",
              "version": "9.12.4.58"
            },
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.1.6"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.14.4.7"
            },
            {
              "status": "affected",
              "version": "9.14.4.12"
            },
            {
              "status": "affected",
              "version": "9.14.4.13"
            },
            {
              "status": "affected",
              "version": "9.14.4.14"
            },
            {
              "status": "affected",
              "version": "9.14.4.15"
            },
            {
              "status": "affected",
              "version": "9.14.4.17"
            },
            {
              "status": "affected",
              "version": "9.14.4.22"
            },
            {
              "status": "affected",
              "version": "9.14.4.23"
            },
            {
              "status": "affected",
              "version": "9.15.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.7"
            },
            {
              "status": "affected",
              "version": "9.15.1.10"
            },
            {
              "status": "affected",
              "version": "9.15.1.15"
            },
            {
              "status": "affected",
              "version": "9.15.1.16"
            },
            {
              "status": "affected",
              "version": "9.15.1.17"
            },
            {
              "status": "affected",
              "version": "9.15.1.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.21"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.16.3.15"
            },
            {
              "status": "affected",
              "version": "9.16.3.19"
            },
            {
              "status": "affected",
              "version": "9.16.3.23"
            },
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.16.4.9"
            },
            {
              "status": "affected",
              "version": "9.16.4.14"
            },
            {
              "status": "affected",
              "version": "9.16.4.18"
            },
            {
              "status": "affected",
              "version": "9.16.4.19"
            },
            {
              "status": "affected",
              "version": "9.16.4.27"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.17.1.20"
            },
            {
              "status": "affected",
              "version": "9.17.1.30"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            },
            {
              "status": "affected",
              "version": "9.18.2.7"
            },
            {
              "status": "affected",
              "version": "9.18.2.8"
            },
            {
              "status": "affected",
              "version": "9.18.3"
            },
            {
              "status": "affected",
              "version": "9.18.3.39"
            },
            {
              "status": "affected",
              "version": "9.18.3.46"
            },
            {
              "status": "affected",
              "version": "9.19.1"
            },
            {
              "status": "affected",
              "version": "9.19.1.5"
            },
            {
              "status": "affected",
              "version": "9.19.1.9"
            },
            {
              "status": "affected",
              "version": "9.19.1.12"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.0.6"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to send packets with another VPN user\u0027s source IP address. This vulnerability is due to improper validation of the packet\u0027s inner source IP address after decryption. An attacker could exploit this vulnerability by sending crafted packets through the tunnel. A successful exploit could allow the attacker to send a packet impersonating another VPN user\u0027s IP address. It is not possible for the attacker to receive return packets."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about the vulnerability that is described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-346",
              "description": "Origin Validation Error",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:58:38.503Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asa-ssl-vpn-Y88QOm77",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-Y88QOm77"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa-ssl-vpn-Y88QOm77",
        "defects": [
          "CSCwd98316"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20275",
    "datePublished": "2023-12-12T18:06:17.467Z",
    "dateReserved": "2022-10-27T18:47:50.374Z",
    "dateUpdated": "2024-08-02T09:05:36.246Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3187 (GCVE-0-2020-3187)

Vulnerability from cvelistv5

Published

2020-05-06 16:41

Modified

2024-11-15 17:25

Severity ?

9.1 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE

CWE-22

Summary

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences. An exploit could allow the attacker to view or delete arbitrary files on the targeted system. When the device is reloaded after exploitation of this vulnerability, any files that were deleted are restored. The attacker can only view and delete files within the web services file system. This file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability can not be used to obtain access to ASA or FTD system files or underlying operating system (OS) files. Reloading the affected device will restore all files within the web services file system.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43	vendor-advisory, x_refsource_CISCO
	http://packetstormsecurity.com/files/158648/Cisco-Adaptive-Security-Appliance-Software-9.7-Arbitrary-File-Deletion.html	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:24:00.674Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Path Traversal Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/158648/Cisco-Adaptive-Security-Appliance-Software-9.7-Arbitrary-File-Deletion.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3187",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:19:44.187201Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:25:50.836Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences. An exploit could allow the attacker to view or delete arbitrary files on the targeted system. When the device is reloaded after exploitation of this vulnerability, any files that were deleted are restored. The attacker can only view and delete files within the web services file system. This file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability can not be used to obtain access to ASA or FTD system files or underlying operating system (OS) files. Reloading the affected device will restore all files within the web services file system."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-29T19:06:08",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Path Traversal Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/158648/Cisco-Adaptive-Security-Appliance-Software-9.7-Arbitrary-File-Deletion.html"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-path-JE3azWw43",
        "defect": [
          [
            "CSCvr55825"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Path Traversal Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-05-06T16:00:00-0700",
          "ID": "CVE-2020-3187",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Path Traversal Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences. An exploit could allow the attacker to view or delete arbitrary files on the targeted system. When the device is reloaded after exploitation of this vulnerability, any files that were deleted are restored. The attacker can only view and delete files within the web services file system. This file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability can not be used to obtain access to ASA or FTD system files or underlying operating system (OS) files. Reloading the affected device will restore all files within the web services file system."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "9.1",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-22"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Path Traversal Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43"
            },
            {
              "name": "http://packetstormsecurity.com/files/158648/Cisco-Adaptive-Security-Appliance-Software-9.7-Arbitrary-File-Deletion.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/158648/Cisco-Adaptive-Security-Appliance-Software-9.7-Arbitrary-File-Deletion.html"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-path-JE3azWw43",
          "defect": [
            [
              "CSCvr55825"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3187",
    "datePublished": "2020-05-06T16:41:01.588678Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:25:50.836Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20715 (GCVE-0-2022-20715)

Vulnerability from cvelistv5

Published

2022-05-03 03:16

Modified

2024-09-16 17:19

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-399

Summary

A vulnerability in the remote access SSL VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper validation of errors that are logged as a result of client connections that are made using remote access VPN. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to cause the affected device to restart, resulting in a DoS condition.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-tL4uA4AA	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:24:49.269Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20220427 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-tL4uA4AA"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2022-04-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the remote access SSL VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper validation of errors that are logged as a result of client connections that are made using remote access VPN. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to cause the affected device to restart, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-03T03:16:28",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20220427 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-tL4uA4AA"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asa-dos-tL4uA4AA",
        "defect": [
          [
            "CSCwa04461"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2022-04-27T16:00:00",
          "ID": "CVE-2022-20715",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the remote access SSL VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper validation of errors that are logged as a result of client connections that are made using remote access VPN. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to cause the affected device to restart, resulting in a DoS condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20220427 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-tL4uA4AA"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asa-dos-tL4uA4AA",
          "defect": [
            [
              "CSCwa04461"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20715",
    "datePublished": "2022-05-03T03:16:28.466114Z",
    "dateReserved": "2021-11-02T00:00:00",
    "dateUpdated": "2024-09-16T17:19:10.789Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3564 (GCVE-0-2020-3564)

Vulnerability from cvelistv5

Published

2020-10-21 18:40

Modified

2024-11-13 17:46

Severity ?

5.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-284

Summary

A vulnerability in the FTP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass FTP inspection. The vulnerability is due to ineffective flow tracking of FTP traffic. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and successfully complete FTP connections.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ftpbypass-HY3UTxYu	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:54.957Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ftpbypass-HY3UTxYu"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3564",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:12:13.801577Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:46:31.618Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the FTP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass FTP inspection. The vulnerability is due to ineffective flow tracking of FTP traffic. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and successfully complete FTP connections."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:40:58",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Bypass Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ftpbypass-HY3UTxYu"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-ftpbypass-HY3UTxYu",
        "defect": [
          [
            "CSCvt13445"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Bypass Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3564",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Bypass Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the FTP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass FTP inspection. The vulnerability is due to ineffective flow tracking of FTP traffic. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and successfully complete FTP connections."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.8",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-284"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Bypass Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ftpbypass-HY3UTxYu"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-ftpbypass-HY3UTxYu",
          "defect": [
            [
              "CSCvt13445"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3564",
    "datePublished": "2020-10-21T18:40:58.904272Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:46:31.618Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20757 (GCVE-0-2022-20757)

Vulnerability from cvelistv5

Published

2022-05-03 03:15

Modified

2024-11-06 16:20

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-770

Summary

A vulnerability in the connection handling function in Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper traffic handling when platform limits are reached. An attacker could exploit this vulnerability by sending a high rate of UDP traffic through an affected device. A successful exploit could allow the attacker to cause all new, incoming connections to be dropped, resulting in a DoS condition.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-JnnJm4wB	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:24:49.534Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20220427 Cisco Firepower Threat Defense Software Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-JnnJm4wB"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-20757",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-06T16:01:35.365704Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T16:20:36.573Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2022-04-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the connection handling function in Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper traffic handling when platform limits are reached. An attacker could exploit this vulnerability by sending a high rate of UDP traffic through an affected device. A successful exploit could allow the attacker to cause all new, incoming connections to be dropped, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-03T03:15:33",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20220427 Cisco Firepower Threat Defense Software Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-JnnJm4wB"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-dos-JnnJm4wB",
        "defect": [
          [
            "CSCwa14485"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2022-04-27T16:00:00",
          "ID": "CVE-2022-20757",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the connection handling function in Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper traffic handling when platform limits are reached. An attacker could exploit this vulnerability by sending a high rate of UDP traffic through an affected device. A successful exploit could allow the attacker to cause all new, incoming connections to be dropped, resulting in a DoS condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-770"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20220427 Cisco Firepower Threat Defense Software Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-JnnJm4wB"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-dos-JnnJm4wB",
          "defect": [
            [
              "CSCwa14485"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20757",
    "datePublished": "2022-05-03T03:15:33.955136Z",
    "dateReserved": "2021-11-02T00:00:00",
    "dateUpdated": "2024-11-06T16:20:36.573Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-0231 (GCVE-0-2018-0231)

Vulnerability from cvelistv5

Published

2018-04-19 20:00

Modified

2024-11-29 15:18

Severity ?

CWE

CWE-20

Summary

A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious TLS message to an interface enabled for Secure Layer Socket (SSL) services on an affected device. Messages using SSL Version 3 (SSLv3) or SSL Version 2 (SSLv2) cannot be be used to exploit this vulnerability. An exploit could allow the attacker to cause a buffer underflow, triggering a crash on an affected device. This vulnerability affects Cisco ASA Software and Cisco FTD Software that is running on the following Cisco products: Adaptive Security Virtual Appliance (ASAv), Firepower Threat Defense Virtual (FTDv), Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCve18902, CSCve34335, CSCve38446.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1040725	vdb-entry, x_refsource_SECTRACK
	https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Cisco Adaptive Security Appliance	Version: Cisco Adaptive Security Appliance

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:21:13.898Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3"
          },
          {
            "name": "1040725",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040725"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0231",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-29T14:44:32.219848Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-29T15:18:17.699Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Adaptive Security Appliance"
            }
          ]
        }
      ],
      "datePublic": "2018-04-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious TLS message to an interface enabled for Secure Layer Socket (SSL) services on an affected device. Messages using SSL Version 3 (SSLv3) or SSL Version 2 (SSLv2) cannot be be used to exploit this vulnerability. An exploit could allow the attacker to cause a buffer underflow, triggering a crash on an affected device. This vulnerability affects Cisco ASA Software and Cisco FTD Software that is running on the following Cisco products: Adaptive Security Virtual Appliance (ASAv), Firepower Threat Defense Virtual (FTDv), Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCve18902, CSCve34335, CSCve38446."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-05T17:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3"
        },
        {
          "name": "1040725",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040725"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0231",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Adaptive Security Appliance"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious TLS message to an interface enabled for Secure Layer Socket (SSL) services on an affected device. Messages using SSL Version 3 (SSLv3) or SSL Version 2 (SSLv2) cannot be be used to exploit this vulnerability. An exploit could allow the attacker to cause a buffer underflow, triggering a crash on an affected device. This vulnerability affects Cisco ASA Software and Cisco FTD Software that is running on the following Cisco products: Adaptive Security Virtual Appliance (ASAv), Firepower Threat Defense Virtual (FTDv), Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCve18902, CSCve34335, CSCve38446."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3"
            },
            {
              "name": "1040725",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040725"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0231",
    "datePublished": "2018-04-19T20:00:00",
    "dateReserved": "2017-11-27T00:00:00",
    "dateUpdated": "2024-11-29T15:18:17.699Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1708 (GCVE-0-2019-1708)

Vulnerability from cvelistv5

Published

2019-05-03 16:10

Modified

2024-11-19 19:08

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-404

Summary

A vulnerability in the Internet Key Exchange Version 2 Mobility and Multihoming Protocol (MOBIKE) feature for the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to the incorrect processing of certain MOBIKE packets. An attacker could exploit this vulnerability by sending crafted MOBIKE packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. The MOBIKE feature is supported only for IPv4 addresses.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-ike-dos	vendor-advisory, x_refsource_CISCO
	http://www.securityfocus.com/bid/108166	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: unspecified   < 9.8.4
Version: unspecified   < 9.9.2.50
Version: unspecified   < 9.10.1.17

Cisco

Cisco Firepower Threat Defense (FTD) Software

Version: unspecified < 6.2.3.12
Version: unspecified < 6.3.0.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:42.683Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190501 Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software MOBIKE Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-ike-dos"
          },
          {
            "name": "108166",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108166"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1708",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:24:24.481304Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T19:08:55.652Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "9.8.4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.9.2.50",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.10.1.17",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense (FTD) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.2.3.12",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "6.3.0.3",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-05-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Internet Key Exchange Version 2 Mobility and Multihoming Protocol (MOBIKE) feature for the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to the incorrect processing of certain MOBIKE packets. An attacker could exploit this vulnerability by sending crafted MOBIKE packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. The MOBIKE feature is supported only for IPv4 addresses."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-404",
              "description": "CWE-404",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-06T13:06:15",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190501 Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software MOBIKE Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-ike-dos"
        },
        {
          "name": "108166",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108166"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190501-asa-ftd-ike-dos",
        "defect": [
          [
            "CSCvm72145"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software MOBIKE Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-05-01T16:00:00-0700",
          "ID": "CVE-2019-1708",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software MOBIKE Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.8.4"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.9.2.50"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.10.1.17"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Cisco Firepower Threat Defense (FTD) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.2.3.12"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.3.0.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Internet Key Exchange Version 2 Mobility and Multihoming Protocol (MOBIKE) feature for the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to the incorrect processing of certain MOBIKE packets. An attacker could exploit this vulnerability by sending crafted MOBIKE packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. The MOBIKE feature is supported only for IPv4 addresses."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-404"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190501 Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software MOBIKE Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-ike-dos"
            },
            {
              "name": "108166",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108166"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190501-asa-ftd-ike-dos",
          "defect": [
            [
              "CSCvm72145"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1708",
    "datePublished": "2019-05-03T16:10:20.704528Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-19T19:08:55.652Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-20070 (GCVE-0-2023-20070)

Vulnerability from cvelistv5

Published

2023-11-01 17:08

Modified

2024-08-02 08:57

Severity ?

4.0 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L

CWE

CWE-244 - Improper Clearing of Heap Memory Before Release ('Heap Inspection')

Summary

A vulnerability in the TLS 1.3 implementation of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability is due to a logic error in how memory allocations are handled during a TLS 1.3 session. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a crafted TLS 1.3 message sequence through an affected device. A successful exploit could allow the attacker to cause the Snort 3 detection engine to reload, resulting in a denial of service (DoS) condition. While the Snort detection engine reloads, packets going through the FTD device that are sent to the Snort detection engine will be dropped. The Snort detection engine will restart automatically. No manual intervention is required.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-uAnUntcV

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: 7.2.0 Version: 7.2.0.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:57:35.637Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-ftd-snort3-uAnUntcV",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-uAnUntcV"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the TLS 1.3 implementation of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability is due to a logic error in how memory allocations are handled during a TLS 1.3 session. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a crafted TLS 1.3 message sequence through an affected device. A successful exploit could allow the attacker to cause the Snort 3 detection engine to reload, resulting in a denial of service (DoS) condition. While the Snort detection engine reloads, packets going through the FTD device that are sent to the Snort detection engine will be dropped. The Snort detection engine will restart automatically. No manual intervention is required."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-244",
              "description": "Improper Clearing of Heap Memory Before Release (\u0027Heap Inspection\u0027)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:40.830Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-ftd-snort3-uAnUntcV",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-uAnUntcV"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-snort3-uAnUntcV",
        "defects": [
          "CSCwc59953"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20070",
    "datePublished": "2023-11-01T17:08:19.315Z",
    "dateReserved": "2022-10-27T18:47:50.328Z",
    "dateUpdated": "2024-08-02T08:57:35.637Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3578 (GCVE-0-2020-3578)

Vulnerability from cvelistv5

Published

2020-10-21 18:40

Modified

2024-11-13 17:47

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE

CWE-863

Summary

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access rule and access parts of the WebVPN portal that are supposed to be blocked. The vulnerability is due to insufficient validation of URLs when portal access rules are configured. An attacker could exploit this vulnerability by accessing certain URLs on the affected device.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-P73ABNWQ	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:55.560Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN Portal Access Rule Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-P73ABNWQ"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3578",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:12:18.582097Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:47:19.839Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access rule and access parts of the WebVPN portal that are supposed to be blocked. The vulnerability is due to insufficient validation of URLs when portal access rules are configured. An attacker could exploit this vulnerability by accessing certain URLs on the affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T18:40:32",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN Portal Access Rule Bypass Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-P73ABNWQ"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-rule-bypass-P73ABNWQ",
        "defect": [
          [
            "CSCvu75615"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN Portal Access Rule Bypass Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-10-21T16:00:00",
          "ID": "CVE-2020-3578",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN Portal Access Rule Bypass Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access rule and access parts of the WebVPN portal that are supposed to be blocked. The vulnerability is due to insufficient validation of URLs when portal access rules are configured. An attacker could exploit this vulnerability by accessing certain URLs on the affected device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.3",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-863"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN Portal Access Rule Bypass Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-P73ABNWQ"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-rule-bypass-P73ABNWQ",
          "defect": [
            [
              "CSCvu75615"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3578",
    "datePublished": "2020-10-21T18:40:32.095597Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:47:19.839Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-3283 (GCVE-0-2020-3283)

Vulnerability from cvelistv5

Published

2020-05-06 16:41

Modified

2024-11-15 17:23

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-119

Summary

A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Firepower Threat Defense (FTD) Software when running on the Cisco Firepower 1000 Series platform could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to a communication error between internal functions. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message to an affected device. A successful exploit could allow the attacker to cause a buffer underrun, which leads to a crash. The crash causes the affected device to reload.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-4v5nmWtZ	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:30:57.723Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200506 Cisco Firepower 1000 Series SSL/TLS Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-4v5nmWtZ"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3283",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:21:28.326174Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:23:57.468Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Firepower Threat Defense (FTD) Software when running on the Cisco Firepower 1000 Series platform could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to a communication error between internal functions. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message to an affected device. A successful exploit could allow the attacker to cause a buffer underrun, which leads to a crash. The crash causes the affected device to reload."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-06T16:41:58",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200506 Cisco Firepower 1000 Series SSL/TLS Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-4v5nmWtZ"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-tls-dos-4v5nmWtZ",
        "defect": [
          [
            "CSCvq89361"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower 1000 Series SSL/TLS Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-05-06T16:00:00-0700",
          "ID": "CVE-2020-3283",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower 1000 Series SSL/TLS Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Firepower Threat Defense (FTD) Software when running on the Cisco Firepower 1000 Series platform could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to a communication error between internal functions. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message to an affected device. A successful exploit could allow the attacker to cause a buffer underrun, which leads to a crash. The crash causes the affected device to reload."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200506 Cisco Firepower 1000 Series SSL/TLS Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-4v5nmWtZ"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-tls-dos-4v5nmWtZ",
          "defect": [
            [
              "CSCvq89361"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3283",
    "datePublished": "2020-05-06T16:41:58.202989Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:23:57.468Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-3887 (GCVE-0-2017-3887)

Vulnerability from cvelistv5

Published

2017-04-07 17:00

Modified

2024-08-05 14:39

Severity ?

CWE

Denial of Service Vulnerability

Summary

A vulnerability in the detection engine that handles Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process unexpectedly restarts. This vulnerability affects Cisco Firepower System Software prior to the first fixed release when it is configured with an SSL Decrypt-Resign policy. More Information: CSCvb62292. Known Affected Releases: 6.0.1 6.1.0 6.2.0. Known Fixed Releases: 6.2.0 6.1.0.2.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/97453	vdb-entry, x_refsource_BID
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-cfpw1	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	Cisco Firepower Detection Engine	Version: Cisco Firepower Detection Engine

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:39:41.351Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "97453",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/97453"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-cfpw1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Detection Engine",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Firepower Detection Engine"
            }
          ]
        }
      ],
      "datePublic": "2017-04-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the detection engine that handles Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process unexpectedly restarts. This vulnerability affects Cisco Firepower System Software prior to the first fixed release when it is configured with an SSL Decrypt-Resign policy. More Information: CSCvb62292. Known Affected Releases: 6.0.1 6.1.0 6.2.0. Known Fixed Releases: 6.2.0 6.1.0.2."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service Vulnerability",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-10T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "97453",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/97453"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-cfpw1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2017-3887",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Detection Engine",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Firepower Detection Engine"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the detection engine that handles Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process unexpectedly restarts. This vulnerability affects Cisco Firepower System Software prior to the first fixed release when it is configured with an SSL Decrypt-Resign policy. More Information: CSCvb62292. Known Affected Releases: 6.0.1 6.1.0 6.2.0. Known Fixed Releases: 6.2.0 6.1.0.2."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service Vulnerability"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "97453",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/97453"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-cfpw1",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-cfpw1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2017-3887",
    "datePublished": "2017-04-07T17:00:00",
    "dateReserved": "2016-12-21T00:00:00",
    "dateUpdated": "2024-08-05T14:39:41.351Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20949 (GCVE-0-2022-20949)

Vulnerability from cvelistv5

Published

2022-11-10 17:32

Modified

2024-08-03 02:31

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

CWE

CWE-399 - Resource Management Errors

Summary

A vulnerability in the management web server of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with high privileges to execute configuration commands on an affected system. This vulnerability exists because access to HTTPS endpoints is not properly restricted on an affected device. An attacker could exploit this vulnerability by sending specific messages to the affected HTTPS handler. A successful exploit could allow the attacker to perform configuration changes on the affected system, which should be configured and managed only through Cisco Firepower Management Center (FMC) Software.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-mgmt-privesc-7GqR2th

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: 6.2.3 Version: 6.2.3.1 Version: 6.2.3.2 Version: 6.2.3.3 Version: 6.2.3.4 Version: 6.2.3.5 Version: 6.2.3.6 Version: 6.2.3.7 Version: 6.2.3.8 Version: 6.2.3.10 Version: 6.2.3.11 Version: 6.2.3.9 Version: 6.2.3.12 Version: 6.2.3.13 Version: 6.2.3.14 Version: 6.2.3.15 Version: 6.2.3.16 Version: 6.2.3.17 Version: 6.2.3.18 Version: 6.6.0 Version: 6.6.0.1 Version: 6.6.1 Version: 6.6.3 Version: 6.6.4 Version: 6.6.5 Version: 6.6.5.1 Version: 6.6.5.2 Version: 6.4.0 Version: 6.4.0.1 Version: 6.4.0.3 Version: 6.4.0.2 Version: 6.4.0.4 Version: 6.4.0.5 Version: 6.4.0.6 Version: 6.4.0.7 Version: 6.4.0.8 Version: 6.4.0.9 Version: 6.4.0.10 Version: 6.4.0.11 Version: 6.4.0.12 Version: 6.4.0.13 Version: 6.4.0.14 Version: 6.4.0.15 Version: 6.7.0 Version: 6.7.0.1 Version: 6.7.0.2 Version: 6.7.0.3 Version: 7.0.0 Version: 7.0.0.1 Version: 7.0.1 Version: 7.0.1.1 Version: 7.0.2 Version: 7.0.2.1 Version: 7.0.3 Version: 7.1.0 Version: 7.1.0.1 Version: 7.1.0.2 Version: 7.2.0 Version: 7.2.0.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:31:59.814Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-ftd-mgmt-privesc-7GqR2th",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-mgmt-privesc-7GqR2th"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the management web server of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with high privileges to execute configuration commands on an affected system.\r\n\r This vulnerability exists because access to HTTPS endpoints is not properly restricted on an affected device. An attacker could exploit this vulnerability by sending specific messages to the affected HTTPS handler. A successful exploit could allow the attacker to perform configuration changes on the affected system, which should be configured and managed only through Cisco Firepower Management Center (FMC) Software."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "Resource Management Errors",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:19.735Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-ftd-mgmt-privesc-7GqR2th",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-mgmt-privesc-7GqR2th"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-mgmt-privesc-7GqR2th",
        "defects": [
          "CSCwb52401"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20949",
    "datePublished": "2022-11-10T17:32:15.340Z",
    "dateReserved": "2021-11-02T13:28:29.194Z",
    "dateUpdated": "2024-08-03T02:31:59.814Z",
    "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20751 (GCVE-0-2022-20751)

Vulnerability from cvelistv5

Published

2022-05-03 03:15

Modified

2024-11-06 16:20

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-770

Summary

A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause unlimited memory consumption, which could lead to a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient memory management for certain Snort events. An attacker could exploit this vulnerability by sending a series of crafted IP packets that would generate specific Snort events on an affected device. A sustained attack could cause an out of memory condition on the affected device. A successful exploit could allow the attacker to interrupt all traffic flowing through the affected device. In some circumstances, the attacker may be able to cause the device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort-dos-hd2hFgM	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:24:49.350Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20220427 Cisco Firepower Threat Defense Software Snort Out of Memory Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort-dos-hd2hFgM"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-20751",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-06T16:01:36.401192Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T16:20:47.088Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2022-04-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause unlimited memory consumption, which could lead to a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient memory management for certain Snort events. An attacker could exploit this vulnerability by sending a series of crafted IP packets that would generate specific Snort events on an affected device. A sustained attack could cause an out of memory condition on the affected device. A successful exploit could allow the attacker to interrupt all traffic flowing through the affected device. In some circumstances, the attacker may be able to cause the device to reload, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-03T03:15:28",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20220427 Cisco Firepower Threat Defense Software Snort Out of Memory Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort-dos-hd2hFgM"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-snort-dos-hd2hFgM",
        "defect": [
          [
            "CSCvu41615"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Snort Out of Memory Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2022-04-27T16:00:00",
          "ID": "CVE-2022-20751",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Snort Out of Memory Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause unlimited memory consumption, which could lead to a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient memory management for certain Snort events. An attacker could exploit this vulnerability by sending a series of crafted IP packets that would generate specific Snort events on an affected device. A sustained attack could cause an out of memory condition on the affected device. A successful exploit could allow the attacker to interrupt all traffic flowing through the affected device. In some circumstances, the attacker may be able to cause the device to reload, resulting in a DoS condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-770"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20220427 Cisco Firepower Threat Defense Software Snort Out of Memory Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort-dos-hd2hFgM"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-snort-dos-hd2hFgM",
          "defect": [
            [
              "CSCvu41615"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20751",
    "datePublished": "2022-05-03T03:15:28.395288Z",
    "dateReserved": "2021-11-02T00:00:00",
    "dateUpdated": "2024-11-06T16:20:47.088Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-20264 (GCVE-0-2023-20264)

Vulnerability from cvelistv5

Published

2023-11-01 17:10

Modified

2024-08-02 09:05

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE

CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

Summary

A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to intercept the SAML assertion of a user who is authenticating to a remote access VPN session. This vulnerability is due to insufficient validation of the login URL. An attacker could exploit this vulnerability by persuading a user to access a site that is under the control of the attacker, allowing the attacker to modify the login URL. A successful exploit could allow the attacker to intercept a successful SAML assertion and use that assertion to establish a remote access VPN session toward the affected device with the identity and permissions of the hijacked user, resulting in access to the protected network.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-hijack-ttuQfyz

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.18.1
Version: 9.18.1.3
Version: 9.18.2
Version: 9.18.2.5
Version: 9.18.2.7
Version: 9.18.2.8
Version: 9.18.3
Version: 9.18.3.39
Version: 9.18.3.46
Version: 9.19.1.5
Version: 9.19.1.9
Version: 9.19.1.12

Cisco

Cisco Firepower Threat Defense Software

Version: 7.2.4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:05:36.229Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-asaftd-saml-hijack-ttuQfyz",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-hijack-ttuQfyz"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            },
            {
              "status": "affected",
              "version": "9.18.2.7"
            },
            {
              "status": "affected",
              "version": "9.18.2.8"
            },
            {
              "status": "affected",
              "version": "9.18.3"
            },
            {
              "status": "affected",
              "version": "9.18.3.39"
            },
            {
              "status": "affected",
              "version": "9.18.3.46"
            },
            {
              "status": "affected",
              "version": "9.19.1.5"
            },
            {
              "status": "affected",
              "version": "9.19.1.9"
            },
            {
              "status": "affected",
              "version": "9.19.1.12"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "7.2.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to intercept the SAML assertion of a user who is authenticating to a remote access VPN session. This vulnerability is due to insufficient validation of the login URL. An attacker could exploit this vulnerability by persuading a user to access a site that is under the control of the attacker, allowing the attacker to modify the login URL. A successful exploit could allow the attacker to intercept a successful SAML assertion and use that assertion to establish a remote access VPN session toward the affected device with the identity and permissions of the hijacked user, resulting in access to the protected network."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-601",
              "description": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:58:35.278Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-asaftd-saml-hijack-ttuQfyz",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-hijack-ttuQfyz"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-saml-hijack-ttuQfyz",
        "defects": [
          "CSCwf85757"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20264",
    "datePublished": "2023-11-01T17:10:33.630Z",
    "dateReserved": "2022-10-27T18:47:50.373Z",
    "dateUpdated": "2024-08-02T09:05:36.229Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-0244 (GCVE-0-2018-0244)

Vulnerability from cvelistv5

Published

2018-04-19 20:00

Modified

2024-11-29 15:16

Severity ?

CWE

CWE-693

Summary

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy to drop the Server Message Block (SMB) protocol if a malware file is detected. The vulnerability is due to how the SMB protocol handles a case in which a large file transfer fails. This case occurs when some pieces of the file are successfully transferred to the remote endpoint, but ultimately the file transfer fails and is reset. An attacker could exploit this vulnerability by sending a crafted SMB file transfer request through the targeted device. An exploit could allow the attacker to pass an SMB file that contains malware, which the device is configured to block. This vulnerability affects Cisco Firepower System Software when one or more file action policies are configured, on software releases prior to 6.2.3. Cisco Bug IDs: CSCvc20141.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/103945	vdb-entry, x_refsource_BID
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss1	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	Cisco Firepower System Software	Version: Cisco Firepower System Software

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:21:14.622Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "103945",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103945"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss1"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0244",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-29T14:44:22.063651Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-29T15:16:29.378Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower System Software",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Firepower System Software"
            }
          ]
        }
      ],
      "datePublic": "2018-04-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy to drop the Server Message Block (SMB) protocol if a malware file is detected. The vulnerability is due to how the SMB protocol handles a case in which a large file transfer fails. This case occurs when some pieces of the file are successfully transferred to the remote endpoint, but ultimately the file transfer fails and is reset. An attacker could exploit this vulnerability by sending a crafted SMB file transfer request through the targeted device. An exploit could allow the attacker to pass an SMB file that contains malware, which the device is configured to block. This vulnerability affects Cisco Firepower System Software when one or more file action policies are configured, on software releases prior to 6.2.3. Cisco Bug IDs: CSCvc20141."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-693",
              "description": "CWE-693",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-04-24T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "103945",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103945"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0244",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower System Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Firepower System Software"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy to drop the Server Message Block (SMB) protocol if a malware file is detected. The vulnerability is due to how the SMB protocol handles a case in which a large file transfer fails. This case occurs when some pieces of the file are successfully transferred to the remote endpoint, but ultimately the file transfer fails and is reset. An attacker could exploit this vulnerability by sending a crafted SMB file transfer request through the targeted device. An exploit could allow the attacker to pass an SMB file that contains malware, which the device is configured to block. This vulnerability affects Cisco Firepower System Software when one or more file action policies are configured, on software releases prior to 6.2.3. Cisco Bug IDs: CSCvc20141."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-693"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "103945",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103945"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss1",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0244",
    "datePublished": "2018-04-19T20:00:00",
    "dateReserved": "2017-11-27T00:00:00",
    "dateUpdated": "2024-11-29T15:16:29.378Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-12700 (GCVE-0-2019-12700)

Vulnerability from cvelistv5

Published

2019-10-02 19:06

Modified

2024-11-21 19:12

Severity ?

7.7 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-400

Summary

A vulnerability in the configuration of the Pluggable Authentication Module (PAM) used in Cisco Firepower Threat Defense (FTD) Software, Cisco Firepower Management Center (FMC) Software, and Cisco FXOS Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper resource management in the context of user session management. An attacker could exploit this vulnerability by connecting to an affected system and performing many simultaneous successful Secure Shell (SSH) logins. A successful exploit could allow the attacker to exhaust system resources and cause the device to reload, resulting in a DoS condition. To exploit this vulnerability, the attacker needs valid user credentials on the system.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-fpmc-dos	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Management Center	Version: unspecified < n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:24:39.252Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20191002 Cisco FTD, FMC, and FXOS Software Pluggable Authentication Module Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-fpmc-dos"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-12700",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-21T18:56:40.420140Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T19:12:01.659Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Management Center",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-10-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the configuration of the Pluggable Authentication Module (PAM) used in Cisco Firepower Threat Defense (FTD) Software, Cisco Firepower Management Center (FMC) Software, and Cisco FXOS Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper resource management in the context of user session management. An attacker could exploit this vulnerability by connecting to an affected system and performing many simultaneous successful Secure Shell (SSH) logins. A successful exploit could allow the attacker to exhaust system resources and cause the device to reload, resulting in a DoS condition. To exploit this vulnerability, the attacker needs valid user credentials on the system."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-02T19:06:49",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20191002 Cisco FTD, FMC, and FXOS Software Pluggable Authentication Module Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-fpmc-dos"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20191002-ftd-fpmc-dos",
        "defect": [
          [
            "CSCvm92401",
            "CSCvn83385"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco FTD, FMC, and FXOS Software Pluggable Authentication Module Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-10-02T16:00:00-0700",
          "ID": "CVE-2019-12700",
          "STATE": "PUBLIC",
          "TITLE": "Cisco FTD, FMC, and FXOS Software Pluggable Authentication Module Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Management Center",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the configuration of the Pluggable Authentication Module (PAM) used in Cisco Firepower Threat Defense (FTD) Software, Cisco Firepower Management Center (FMC) Software, and Cisco FXOS Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper resource management in the context of user session management. An attacker could exploit this vulnerability by connecting to an affected system and performing many simultaneous successful Secure Shell (SSH) logins. A successful exploit could allow the attacker to exhaust system resources and cause the device to reload, resulting in a DoS condition. To exploit this vulnerability, the attacker needs valid user credentials on the system."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.7",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20191002 Cisco FTD, FMC, and FXOS Software Pluggable Authentication Module Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-fpmc-dos"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20191002-ftd-fpmc-dos",
          "defect": [
            [
              "CSCvm92401",
              "CSCvn83385"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-12700",
    "datePublished": "2019-10-02T19:06:49.655979Z",
    "dateReserved": "2019-06-04T00:00:00",
    "dateUpdated": "2024-11-21T19:12:01.659Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-40118 (GCVE-0-2021-40118)

Vulnerability from cvelistv5

Published

2021-10-27 18:56

Modified

2024-11-07 21:45

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-121

Summary

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:27:31.540Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-40118",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:44:22.102613Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T21:45:17.254Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-01-11T20:25:20",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asafdt-webvpn-dos-KSqJAKPA",
        "defect": [
          [
            "CSCvy36910",
            "CSCvy58278",
            "CSCvy89144"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-10-27T16:00:00",
          "ID": "CVE-2021-40118",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-121"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asafdt-webvpn-dos-KSqJAKPA",
          "defect": [
            [
              "CSCvy36910",
              "CSCvy58278",
              "CSCvy89144"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-40118",
    "datePublished": "2021-10-27T18:56:54.065412Z",
    "dateReserved": "2021-08-25T00:00:00",
    "dateUpdated": "2024-11-07T21:45:17.254Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerabilites related to cisco - firepower_threat_defense

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd