CVE-2022-20826
https://notcve.org/view.php?id=CVE-2022-20826
A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated attacker with physical access to the device to bypass the secure boot functionality. This vulnerability is due to a logic error in the boot process. An attacker could exploit this vulnerability by injecting malicious code into a specific memory location during the boot process of an affected device. A successful exploit could allow the attacker to execute persistent code at boot time and break the chain of trust. Una vulnerabilidad en la implementación de boot seguro de Cisco Secure Firewalls serie 3100 que ejecutan el Software Cisco Adaptive Security Appliance (ASA) o el Software Cisco Firepower Threat Defense (FTD) podría permitir que un atacante no autenticado con acceso físico al dispositivo omita la funcionalidad de boot seguro. Esta vulnerabilidad se debe a un error lógico en el proceso de boot. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26 • CWE-501: Trust Boundary Violation •
CVE-2022-20854
https://notcve.org/view.php?id=CVE-2022-20854
A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, resulting in a reboot on the affected device. Una vulnerabilidad en el procesamiento de conexiones SSH de Cisco Firepower Management Center (FMC) y el software Cisco Firepower Threat Defense (FTD) podría permitir que un atacante remoto no autenticado cause una condición de Denegación de Servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a un manejo inadecuado de errores cuando no se puede establecer una sesión SSH. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-OwEunWJN • CWE-400: Uncontrolled Resource Consumption CWE-755: Improper Handling of Exceptional Conditions •
CVE-2022-20924
https://notcve.org/view.php?id=CVE-2022-20924
A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Una vulnerabilidad en la función del Protocolo Simple de Administración de Red (SNMP) del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podría permitir que un atacante remoto autenticado provoque una condición de Denegación de Servicio (DoS) en el dispositivo afectado. Esta vulnerabilidad se debe a una validación de entrada insuficiente. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-qsqBNM6x • CWE-20: Improper Input Validation CWE-703: Improper Check or Handling of Exceptional Conditions •
CVE-2022-20927
https://notcve.org/view.php?id=CVE-2022-20927
A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management when a device initiates SSL/TLS connections. An attacker could exploit this vulnerability by ensuring that the device will connect to an SSL/TLS server that is using specific encryption parameters. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition. Una vulnerabilidad en el cliente SSL/TLS del software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podría permitir que un atacante remoto autenticado cause una condición de Denegación de Servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a una gestión inadecuada de la memoria cuando un dispositivo inicia conexiones SSL/TLS. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-client-dos-cCrQPkA • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2022-20947
https://notcve.org/view.php?id=CVE-2022-20947
A vulnerability in dynamic access policies (DAP) functionality of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to improper processing of HostScan data received from the Posture (HostScan) module. An attacker could exploit this vulnerability by sending crafted HostScan data to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU"] This advisory is part of the November 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. Una vulnerabilidad en la funcionalidad de las políticas de acceso dinámico (DAP) del software Cisco Adaptive Security Appliance (ASA) y del software Firepower Threat Defense (FTD) podría permitir que un atacante remoto no autenticado provoque que un dispositivo afectado se recargue, lo que resultaría en una condición de Denegación de Servicio (DoS). • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •