Rewterz Threat Advisory – CVE-2022-27854 – WordPress Vulnerability
April 29, 2022
Rewterz Threat Advisory – Multiple NVIDIA Jetson Vulnerabilities
April 29, 2022
Severity
Medium
Analysis Summary
CVE-2022-20767, CVSS 8.6
Cisco Firepower Threat Defense Software is vulnerable to a denial of service, caused by improper handling of the DNS reputation enforcement rule in the Snort rule evaluation function. By sending specially-crafted UDP packets, a remote attacker could exploit this vulnerability to cause traffic that is going through the affected device to be dropped.
CVE-2022-20760, CVSS 8.6
Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software are vulnerable to a denial of service, caused by improper processing of incoming requests in the DNS inspection handler. By sending specially crafted DNS requests at a high rate to an affected device, a remote attacker could exploit this vulnerability to cause the device to stop responding.
CVE-2022-20757, CVSS 8.6
Cisco Firepower Threat Defense Software is vulnerable to a denial of service, caused by improper traffic handling when platform limits are reached. By sending a high rate of UDP traffic through an affected device, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2022-20751, CVSS 8.6
Cisco Firepower Threat Defense Software is vulnerable to a denial of service, caused by insufficient memory management for certain Snort events. By sending a series of specially crafted IP packets that would generate specific Snort events on an affected device, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2022-20748, CVSS 5.3
Cisco Firepower Threat Defense Software is vulnerable to a denial of service, caused by insufficient error handling in the local malware analysis process of an affected device. By sending a specially crafted file through the device, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2022-20746, CVSS 8.6
Cisco Firepower Threat Defense Software is vulnerable to a denial of service, caused by the improper handling of TCP flows by the TCP Proxy functionality. By sending a specially crafted stream of TCP traffic, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2022-20745, CVSS 8.6
Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software are vulnerable to a denial of service, caused by improper input validation in the web services interface when parsing HTTPS requests. By sending a specially-crafted HTTPS request, a remote attacker could exploit this vulnerability to cause the device to reload.
CVE-2022-20744, CVSS 4.3
Cisco Firepower Management Center Software could allow a remote authenticated attacker to obtain sensitive information, caused by a protection mechanism that relies on the existence of values of a specific input in the input protection. By modifying the input and sending a specially crafted request, an attacker could exploit this vulnerability to view data without proper authorization.
CVE-2022-20740, CVSS 6.1
Cisco Firepower Management Center Software is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the web-based management interface. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute a script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2022-20730, CVSS 4
Cisco Firepower Threat Defense Software could allow a remote attacker to bypass security restrictions, caused by improper feed update processing. By sending specially-crafted traffic, an attacker could exploit this vulnerability to bypass device controls and successfully send traffic to devices that are expected to be protected.
CVE-2022-20759, CVSS 8.8
could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper separation of authentication and authorization scopes. By sending specially-crafted HTTPS messages to the web services interface, an authenticated attacker could exploit this vulnerability to gain privilege level 15 access to the web management interface.
CVE-2022-20743, CVSS 6.5
Cisco Firepower Management Center could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious file, which could allow the attacker to execute arbitrary code on the vulnerable system.
CVE-2022-20729, CVSS 4.4
Cisco Firepower Threat Defense Software could allow a local authenticated attacker to execute arbitrary commands on the system, caused by an XML injection flaw in the command parser. By including specially-crafted input in commands, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2022-20627, CVSS 5.4
Cisco Firepower Management Center Software is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the web-based management interface. A remote authenticated attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2022-20628, CVSS 5.4
Cisco Firepower Management Center Software is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the web-based management interface. A remote authenticated attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2022-20629, CVSS 5.4
Cisco Firepower Management Center Software is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the web-based management interface. A remote authenticated attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2022-20715, CVSS 8.6
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software are vulnerable to a denial of service, caused by improper validation of errors in remote access SSL VPN features. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the device to restart.
CVE-2022-20737, CVSS 8.5
Cisco Adaptive Security Appliance Software is vulnerable to a denial of service, caused by insufficient bounds checking when parsing specific HTTP authentication messages. By sending malicious traffic to an affected device acting as a VPN Gateway, a remote authenticated attacker could exploit this vulnerability to cause the device to reload or retrieve bytes from the device process memory.
CVE-2022-20742, CVSS 7.4
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software could allow a remote attacker to obtain sensitive information, caused by improper implementation of Galois/Counter Mode (GCM) ciphers. By intercepting a sufficient number of encrypted messages across an affected IPsec IKEv2 VPN tunnel and then using cryptanalytic techniques to break the encryption, a remote attacker could exploit this vulnerability to decrypt, read, modify, and re-encrypt data that is transmitted across an affected IPsec IKEv2 VPN tunnel.
Impact
- Denial of Service
- Obtain Information
- Cross-Site Scripting
- Bypass Security
- Gain Access
Indicators Of Compromise
CVE
- CVE-2022-20767
- CVE-2022-20760
- CVE-2022-20759
- CVE-2022-20757
- CVE-2022-20751
- CVE-2022-20748
- CVE-2022-20746
- CVE-2022-20745
- CVE-2022-20744
- CVE-2022-20743
- CVE-2022-20742
- CVE-2022-20740
- CVE-2022-20737
- CVE-2022-20730
- CVE-2022-20729
- CVE-2022-20715
- CVE-2022-20629
- CVE-2022-20628
- CVE-2022-20627
Affected Vendors
- Cisco
Affected Products
- Cisco Adaptive Security Appliance Software 7.0
- Cisco Adaptive Security Appliance Software 7.0.1
- Cisco Adaptive Security Appliance Software 7.0.1.4
- Cisco Adaptive Security Appliance Software 7.0.2
- Cisco Adaptive Security Appliance Software 7.0.4
- Cisco Adaptive Security Appliance Software 7.0.4.3
- Cisco Adaptive Security Appliance Software 7.0.5
- Cisco Adaptive Security Appliance Software 7.0.6
- Cisco Adaptive Security Appliance Software 7.0.7
- Cisco Adaptive Security Appliance Software 7.0.8
- Cisco Adaptive Security Appliance Software 7.0.8 Interim
- Cisco Adaptive Security Appliance Software 7.1
- Cisco Adaptive Security Appliance Software 7.1.1
- Cisco Adaptive Security Appliance Software 7.1.2
- Cisco Adaptive Security Appliance Software 7.2
- Cisco Adaptive Security Appliance Software 7.2.1
- Cisco Adaptive Security Appliance Software 7.2.2
- Cisco Adaptive Security Appliance Software 7.2.3
- Cisco Adaptive Security Appliance Software 7.2.4
- Cisco Adaptive Security Appliance Software 7.2.5
- Cisco Adaptive Security Appliance Software 8.0
- Cisco Adaptive Security Appliance Software 8.0.2
- Cisco Adaptive Security Appliance Software 8.0.3
- Cisco Adaptive Security Appliance Software 8.0.4
- Cisco Adaptive Security Appliance Software 8.0.5
- Cisco Adaptive Security Appliance Software 8.2.1
- Cisco Adaptive Security Appliance Software 8.2.2
- Cisco Adaptive Security Appliance Software 8.2.2 Interim
- Cisco Adaptive Security Appliance Software 8.2.3
- Cisco Adaptive Security Appliance Software 8.3.1
- Cisco Adaptive Security Appliance Software 8.3.1 Interim
- Cisco Adaptive Security Appliance Software 8.3.2
- Cisco Adaptive Security Appliance Software 8.1
- Cisco Adaptive Security Appliance Software 8.5
- Cisco Adaptive Security Appliance Software 8.4
- Cisco Adaptive Security Appliance Software 8.2
- Cisco Adaptive Security Appliance Software 8.7.1
- Cisco Adaptive Security Appliance Software 8.7.1.1
- Cisco Adaptive Security Appliance Software
- Cisco Adaptive Security Appliance Software 9.1(1)
- Cisco Adaptive Security Appliance Software 8.4(0.3)
- Cisco Adaptive Security Appliance Software 9.0
- Cisco Adaptive Security Appliance Software 8.7
- Cisco Adaptive Security Appliance Software 9.1
- Cisco Adaptive Security Appliance Software 8.6
- Cisco Adaptive Security Appliance Software 9.4.3.2
- Cisco Adaptive Security Appliance Software 9.4.3.1
- Cisco Adaptive Security Appliance Software 9.4.4
- Cisco Adaptive Security Appliance Software 9.4.4.13
- Cisco Adaptive Security Appliance Software 9.5.2.7
- Cisco Adaptive Security Appliance Software 9.5.2.8
- Cisco Adaptive Security Appliance Software 9.5.3.7
- Cisco Adaptive Security Appliance Software 9.5.3.9
- Cisco Adaptive Security Appliance Software 9.6.2.9
- Cisco Adaptive Security Appliance Software 9.6.2.21
- Cisco Adaptive Security Appliance Software 9.6.3.17
- Cisco Adaptive Security Appliance Software 9.6.3
- Cisco Firepower Threat Defense (FTD) Software 6.2.0
- Cisco Firepower Threat Defense (FTD) Software 6.2.1
- Cisco Firepower Threat Defense (FTD) Software 6.2.2
- Cisco Firepower Threat Defense (FTD) Software 6.2.3
- Cisco Firepower Threat Defense (FTD) Software 6.5.0
- Cisco Firepower Threat Defense (FTD) Software 6.3.0
- Cisco Firepower Threat Defense (FTD) Software 6.4.0
- Cisco Firepower Threat Defense (FTD) Software 7.0.1
- Cisco Firepower Threat Defense Software 7.0.0
- Cisco Firepower Management Center Software 6.6.0
- Cisco Firepower Management Center Software 6.2.2
- Cisco Firepower Management Center Software 6.2.3
- Cisco Firepower Management Center Software 6.3.0
- Cisco Firepower Management Center Software 6.4.0
- Cisco Firepower Management Center Software 6.7.0
- Cisco Firepower Management Center Software 6.5.0
- Cisco Firepower Management Center Software 7.0.0
- Cisco Firepower Management Center Software 7.1.0
- Cisco Firepower Threat Defense Software
- Cisco Firepower Management Center
Remediation
Refer to the Cisco Security Advisory for the patch, upgrade, or suggested workaround information.