cnvd - cnvd-2022-44687

cnvd-2022-44687

Vulnerability from cnvd

Title: Cisco Adaptive Security Appliance和Firepower Threat Defense信息泄露漏洞

Description:

Cisco Firepower Threat Defense和Cisco Adaptive Security Appliances Software都是美国思科（Cisco）公司的产品。Cisco Firepower Threat Defense是一套提供下一代防火墙服务的统一软件。Cisco Adaptive Security Appliances Software是一套防火墙和网络安全平台。该平台提供了对数据和网络资源的高度安全的访问等功能。

Cisco Adaptive Security Appliance和Firepower Threat Defense存在信息泄露漏洞，未经身份验证的远程攻击者可利用该漏洞解密、读取、修改和重新加密通过受影响的IPsec IKEv2 VPN隧道传输的数据。

Severity: 中

Patch Name: Cisco Adaptive Security Appliance和Firepower Threat Defense信息泄露漏洞的补丁

Patch Description:

Cisco Adaptive Security Appliance和Firepower Threat Defense存在信息泄露漏洞，未经身份验证的远程攻击者可利用该漏洞解密、读取、修改和重新加密通过受影响的IPsec IKEv2 VPN隧道传输的数据。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipsec-mitm-CKnLr4

Reference: https://www.cybersecurity-help.cz/vdb/SB2022042739

Impacted products

Name
['Cisco Firepower Threat Defense 6.7.0', 'Cisco Firepower Threat Defense 7.0.0', 'Cisco Firepower Threat Defense 7.1.0', 'Cisco Adaptive Security Appliance <=9.7', 'Cisco Adaptive Security Appliance 9.8', 'Cisco Adaptive Security Appliance 9.9', 'Cisco Adaptive Security Appliance 9.10', 'Cisco Adaptive Security Appliance 9.12', 'Cisco Adaptive Security Appliance 9.13', 'Cisco Adaptive Security Appliance 9.14', 'Cisco Adaptive Security Appliance 9.15', 'Cisco Adaptive Security Appliance 9.16', 'Cisco Adaptive Security Appliance 9.17', 'Cisco Firepower Threat Defense <=6.2.2', 'Cisco Firepower Threat Defense 6.3.0', 'Cisco Firepower Threat Defense 6.4.0', 'Cisco Firepower Threat Defense 6.5.0', 'Cisco Firepower Threat Defense 6.6.0', 'Cisco Firepower Threat Defense 6.2.3']

Name

['Cisco Firepower Threat Defense 6.7.0', 'Cisco Firepower Threat Defense 7.0.0', 'Cisco Firepower Threat Defense 7.1.0', 'Cisco Adaptive Security Appliance <=9.7', 'Cisco Adaptive Security Appliance 9.8', 'Cisco Adaptive Security Appliance 9.9', 'Cisco Adaptive Security Appliance 9.10', 'Cisco Adaptive Security Appliance 9.12', 'Cisco Adaptive Security Appliance 9.13', 'Cisco Adaptive Security Appliance 9.14', 'Cisco Adaptive Security Appliance 9.15', 'Cisco Adaptive Security Appliance 9.16', 'Cisco Adaptive Security Appliance 9.17', 'Cisco Firepower Threat Defense <=6.2.2', 'Cisco Firepower Threat Defense 6.3.0', 'Cisco Firepower Threat Defense 6.4.0', 'Cisco Firepower Threat Defense 6.5.0', 'Cisco Firepower Threat Defense 6.6.0', 'Cisco Firepower Threat Defense 6.2.3']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-20742",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-20742"
    }
  },
  "description": "Cisco Firepower Threat Defense\u548cCisco Adaptive Security Appliances Software\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Cisco Firepower Threat Defense\u662f\u4e00\u5957\u63d0\u4f9b\u4e0b\u4e00\u4ee3\u9632\u706b\u5899\u670d\u52a1\u7684\u7edf\u4e00\u8f6f\u4ef6\u3002Cisco Adaptive Security Appliances Software\u662f\u4e00\u5957\u9632\u706b\u5899\u548c\u7f51\u7edc\u5b89\u5168\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u63d0\u4f9b\u4e86\u5bf9\u6570\u636e\u548c\u7f51\u7edc\u8d44\u6e90\u7684\u9ad8\u5ea6\u5b89\u5168\u7684\u8bbf\u95ee\u7b49\u529f\u80fd\u3002\n\nCisco Adaptive Security Appliance\u548cFirepower Threat Defense\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u89e3\u5bc6\u3001\u8bfb\u53d6\u3001\u4fee\u6539\u548c\u91cd\u65b0\u52a0\u5bc6\u901a\u8fc7\u53d7\u5f71\u54cd\u7684IPsec IKEv2 VPN\u96a7\u9053\u4f20\u8f93\u7684\u6570\u636e\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipsec-mitm-CKnLr4",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-44687",
  "openTime": "2022-06-13",
  "patchDescription": "Cisco Firepower Threat Defense\u548cCisco Adaptive Security Appliances Software\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Cisco Firepower Threat Defense\u662f\u4e00\u5957\u63d0\u4f9b\u4e0b\u4e00\u4ee3\u9632\u706b\u5899\u670d\u52a1\u7684\u7edf\u4e00\u8f6f\u4ef6\u3002Cisco Adaptive Security Appliances Software\u662f\u4e00\u5957\u9632\u706b\u5899\u548c\u7f51\u7edc\u5b89\u5168\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u63d0\u4f9b\u4e86\u5bf9\u6570\u636e\u548c\u7f51\u7edc\u8d44\u6e90\u7684\u9ad8\u5ea6\u5b89\u5168\u7684\u8bbf\u95ee\u7b49\u529f\u80fd\u3002\r\n\r\nCisco Adaptive Security Appliance\u548cFirepower Threat Defense\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u89e3\u5bc6\u3001\u8bfb\u53d6\u3001\u4fee\u6539\u548c\u91cd\u65b0\u52a0\u5bc6\u901a\u8fc7\u53d7\u5f71\u54cd\u7684IPsec IKEv2 VPN\u96a7\u9053\u4f20\u8f93\u7684\u6570\u636e\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Adaptive Security Appliance\u548cFirepower Threat Defense\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco Firepower Threat Defense 6.7.0",
      "Cisco Firepower Threat Defense 7.0.0",
      "Cisco Firepower Threat Defense 7.1.0",
      "Cisco Adaptive Security Appliance \u003c=9.7",
      "Cisco Adaptive Security Appliance 9.8",
      "Cisco Adaptive Security Appliance 9.9",
      "Cisco Adaptive Security Appliance 9.10",
      "Cisco Adaptive Security Appliance 9.12",
      "Cisco Adaptive Security Appliance 9.13",
      "Cisco Adaptive Security Appliance 9.14",
      "Cisco Adaptive Security Appliance 9.15",
      "Cisco Adaptive Security Appliance 9.16",
      "Cisco Adaptive Security Appliance 9.17",
      "Cisco Firepower Threat Defense \u003c=6.2.2",
      "Cisco Firepower Threat Defense 6.3.0",
      "Cisco Firepower Threat Defense 6.4.0",
      "Cisco Firepower Threat Defense 6.5.0",
      "Cisco Firepower Threat Defense 6.6.0",
      "Cisco Firepower Threat Defense 6.2.3"
    ]
  },
  "referenceLink": "https://www.cybersecurity-help.cz/vdb/SB2022042739",
  "serverity": "\u4e2d",
  "submitTime": "2022-04-29",
  "title": "Cisco Adaptive Security Appliance\u548cFirepower Threat Defense\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}

CVE-2022-20742 (GCVE-0-2022-20742)

Vulnerability from cvelistv5

Published

2022-05-03 03:16

Modified

2024-11-06 16:19

Severity ?

7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE

CWE-325

Summary

A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to read or modify data within an IPsec IKEv2 VPN tunnel. This vulnerability is due to an improper implementation of Galois/Counter Mode (GCM) ciphers. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting a sufficient number of encrypted messages across an affected IPsec IKEv2 VPN tunnel and then using cryptanalytic techniques to break the encryption. A successful exploit could allow the attacker to decrypt, read, modify, and re-encrypt data that is transmitted across an affected IPsec IKEv2 VPN tunnel.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipsec-mitm-CKnLr4	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Adaptive Security Appliance (ASA) Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:24:49.394Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20220427 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPsec IKEv2 VPN Information Disclosure Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipsec-mitm-CKnLr4"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-20742",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-06T16:00:09.277652Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T16:19:31.684Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2022-04-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to read or modify data within an IPsec IKEv2 VPN tunnel. This vulnerability is due to an improper implementation of Galois/Counter Mode (GCM) ciphers. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting a sufficient number of encrypted messages across an affected IPsec IKEv2 VPN tunnel and then using cryptanalytic techniques to break the encryption. A successful exploit could allow the attacker to decrypt, read, modify, and re-encrypt data that is transmitted across an affected IPsec IKEv2 VPN tunnel."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-325",
              "description": "CWE-325",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-03T03:16:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20220427 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPsec IKEv2 VPN Information Disclosure Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipsec-mitm-CKnLr4"
        }
      ],
      "source": {
        "advisory": "cisco-sa-asaftd-ipsec-mitm-CKnLr4",
        "defect": [
          [
            "CSCvz81480"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPsec IKEv2 VPN Information Disclosure Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2022-04-27T16:00:00",
          "ID": "CVE-2022-20742",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPsec IKEv2 VPN Information Disclosure Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to read or modify data within an IPsec IKEv2 VPN tunnel. This vulnerability is due to an improper implementation of Galois/Counter Mode (GCM) ciphers. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting a sufficient number of encrypted messages across an affected IPsec IKEv2 VPN tunnel and then using cryptanalytic techniques to break the encryption. A successful exploit could allow the attacker to decrypt, read, modify, and re-encrypt data that is transmitted across an affected IPsec IKEv2 VPN tunnel."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.4",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-325"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20220427 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPsec IKEv2 VPN Information Disclosure Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipsec-mitm-CKnLr4"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-asaftd-ipsec-mitm-CKnLr4",
          "defect": [
            [
              "CSCvz81480"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20742",
    "datePublished": "2022-05-03T03:16:01.369615Z",
    "dateReserved": "2021-11-02T00:00:00",
    "dateUpdated": "2024-11-06T16:19:31.684Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted