{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-20946", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743", "dateReserved": "2021-11-02T13:28:29.194Z", "datePublished": "2022-11-10T17:29:08.400Z", "dateUpdated": "2024-08-03T02:31:58.684Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-01-25T16:57:19.097Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to a memory handling error that occurs when GRE traffic is processed. An attacker could exploit this vulnerability by sending a crafted GRE payload through an affected device. A successful exploit could allow the attacker to cause the device to restart, resulting in a DoS condition.\r\n\r \r\n\r https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM [\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM\"]\r\n\r \r This advisory is part of the November 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication."}], "affected": [{"vendor": "Cisco", "product": "Cisco Firepower Threat Defense Software", "versions": [{"version": "6.6.0", "status": "affected"}, {"version": "6.6.0.1", "status": "affected"}, {"version": "6.6.1", "status": "affected"}, {"version": "6.6.3", "status": "affected"}, {"version": "6.6.4", "status": "affected"}, {"version": "6.6.5", "status": "affected"}, {"version": "6.6.5.1", "status": "affected"}, {"version": "6.6.5.2", "status": "affected"}, {"version": "6.4.0", "status": "affected"}, {"version": "6.4.0.1", "status": "affected"}, {"version": "6.4.0.3", "status": "affected"}, {"version": "6.4.0.2", "status": "affected"}, {"version": "6.4.0.4", "status": "affected"}, {"version": "6.4.0.5", "status": "affected"}, {"version": "6.4.0.6", "status": "affected"}, {"version": "6.4.0.7", "status": "affected"}, {"version": "6.4.0.8", "status": "affected"}, {"version": "6.4.0.9", "status": "affected"}, {"version": "6.4.0.10", "status": "affected"}, {"version": "6.4.0.11", "status": "affected"}, {"version": "6.4.0.12", "status": "affected"}, {"version": "6.4.0.13", "status": "affected"}, {"version": "6.4.0.14", "status": "affected"}, {"version": "6.4.0.15", "status": "affected"}, {"version": "6.7.0", "status": "affected"}, {"version": "6.7.0.1", "status": "affected"}, {"version": "6.7.0.2", "status": "affected"}, {"version": "6.7.0.3", "status": "affected"}, {"version": "7.0.0", "status": "affected"}, {"version": "7.0.0.1", "status": "affected"}, {"version": "7.0.1", "status": "affected"}, {"version": "7.0.1.1", "status": "affected"}, {"version": "7.0.2", "status": "affected"}, {"version": "7.0.2.1", "status": "affected"}, {"version": "7.0.3", "status": "affected"}, {"version": "7.1.0", "status": "affected"}, {"version": "7.1.0.1", "status": "affected"}, {"version": "7.1.0.2", "status": "affected"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Heap-based Buffer Overflow", "type": "cwe", "cweId": "CWE-122"}]}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM", "name": "cisco-sa-ftd-gre-dos-hmedHQPM"}], "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "baseScore": 8.6, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-ftd-gre-dos-hmedHQPM", "discovery": "INTERNAL", "defects": ["CSCwb66761"]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T02:31:58.684Z"}, "title": "CVE Program Container", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM", "name": "cisco-sa-ftd-gre-dos-hmedHQPM", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "EDE0C110-518D-4E51-BCEB-F4E9FC448278", "versionEndIncluding": "6.3.0.5", "versionStartIncluding": "6.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "874E0E13-4A9E-4296-BEE6-F5B1077411A0", "versionEndIncluding": "6.4.0.15", "versionStartIncluding": "6.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "171E1C5D-68C5-4BBC-AE18-D1518A1B7277", "versionEndIncluding": "6.5.0.5", "versionStartIncluding": "6.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "6362D78F-F131-46E4-8F0E-C7F218500017", "versionEndIncluding": "6.6.5.2", "versionStartIncluding": "6.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "1110632C-526F-4025-A7BE-0CF9F37E5F9E", "versionEndIncluding": "6.7.0.3", "versionStartIncluding": "6.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "89DFD86B-768D-4301-92DB-B73C14255123", "versionEndIncluding": "7.0.3", "versionStartIncluding": "7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B7533780-0DF9-41BE-8455-F60676785689", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to a memory handling error that occurs when GRE traffic is processed. An attacker could exploit this vulnerability by sending a crafted GRE payload through an affected device. A successful exploit could allow the attacker to cause the device to restart, resulting in a DoS condition.\r\n\r \r\n\r https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM [\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM\"]\r\n\r \r This advisory is part of the November 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication."}, {"lang": "es", "value": "Una vulnerabilidad en la funci\u00f3n de decapsulaci\u00f3n de t\u00fanel de Generic Routing Encapsulation (GRE) del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado cause una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a un error de manejo de memoria que ocurre cuando se procesa el tr\u00e1fico GRE. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un payload GRE manipulado a trav\u00e9s de un dispositivo afectado. Un exploit exitoso podr\u00eda permitir que el atacante reinicie el dispositivo, lo que provocar\u00eda una condici\u00f3n DoS. \nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM \nEste aviso es parte de la versi\u00f3n de noviembre de 2022 de la publicaci\u00f3n del Security Advisory Bundled de Cisco ASA, FTD y FMC."}], "id": "CVE-2022-20946", "lastModified": "2024-01-25T17:15:21.187", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.0, "source": "ykramarz@cisco.com", "type": "Secondary"}]}, "published": "2022-11-15T21:15:35.317", "references": [{"source": "ykramarz@cisco.com", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-122"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}

{}