HPI-VDB — Database for IT-Attack Analysis


ID: CVE-2022-20767

Last Modified: May 11, 2022

A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of the DNS reputation enforcement rule. An attacker could exploit this vulnerability by sending crafted UDP packets through an affected device to force a buildup of UDP connections. A successful exploit could allow the attacker to cause traffic that is going through the affected device to be dropped, resulting in a DoS condition. Note: This vulnerability only affects Cisco FTD devices that are running Snort 3.

Twitter Activity

Tweets last week: 0

Remaining steady

Yahoo Activity

Yahoo results: 0

Remaining steady

EPSS History

Current EPSS Score: 0.00118

Remaining steady

Reddit Activity

Reddit Posts: 1

Remaining steady

Github Repos

Github Repos: 0

Remaining steady

Exploits

Found exploits:

Attack Vector: Network

Attack Complexity: Low

Privileges Required: None

User Interaction: None

Scope: Unchanged

Confidentiality: None

Integrity: None

Availability: High

Base Score: 7.5

Exploitability Score: 3.9

Impact Score: 3.6

CVSS V3: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Specialize CVSS-Score

Access Vector: Network

Access Complexity: Low

Authentication: None

Confidentiality Impact: None

Integrity Impact: None

Availability Impact: Complete

Base Score: 7.8

Exploitability Score: 10.0

Impact Score: 6.9

CVSS V2: AV:N/AC:L/Au:N/C:N/I:N/A:C

Specialize CVSS-Score

CWE-770

Condition Configuration
OR
OR
Alle Schwachstellen für cisco
Alle Schwachstellen für cisco 
                    <?xml version="1.0" ?>
<set operator="and">
    <set operator="or">
        <prop key="application" value="cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*"/>
        <prop key="application" value="cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*"/>
    </set>
    <prop key="program_influence" value="input"/>
    <prop key="range" value="remote"/>
</set>

                  
                      <?xml version="1.0" ?>
<set operator="and">
    <set operator="or">
        <prop key="application" value="cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*"/>
        <prop key="application" value="cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*"/>
    </set>
    <set operator="or">
        <prop key="program_influence" value="input"/>
        <prop key="program_influence" value="existence"/>
    </set>
    <prop key="range" value="remote"/>
</set>