CVE-2022-20922
Severity Score
6.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device.
These vulnerabilities are due to improper management of system resources when the Snort detection engine is processing SMB2 traffic. An attacker could exploit these vulnerabilities by sending a high rate of certain types of SMB2 packets through an affected device. A successful exploit could allow the attacker to trigger a reload of the Snort process, resulting in a DoS condition.
Note: When the snort preserve-connection option is enabled for the Snort detection engine, a successful exploit could also allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network. The snort preserve-connection setting is enabled by default. See the Details ["#details"] section of this advisory for more information.
Note: Only products that have Snort 3 configured are affected. Products that are configured with Snort 2 are not affected.
Múltiples vulnerabilidades en el procesador Server Message Block Versión 2 (SMB2) del motor de detección Snort en múltiples productos Cisco podrían permitir que un atacante remoto no autenticado omita las políticas configuradas o cause una condición de Denegación de Servicio (DoS) en un dispositivo afectado. Estas vulnerabilidades se deben a una gestión inadecuada de los recursos del sistema cuando el motor de detección de Snort procesa el tráfico SMB2. Un atacante podría aprovechar estas vulnerabilidades enviando unalto número de ciertos tipos de paquetes SMB2 a través de un dispositivo afectado. Un exploit exitoso podría permitir al atacante activar una recarga del proceso Snort, lo que resultaría en una condición DoS. Nota: Cuando la opción Snort preserve-connection está habilitada para el motor de detección de Snort, un exploit exitoso también podría permitir al atacante omitir las políticas configuradas y entregar un payload malicioso a la red protegida. La configuración de preservación de conexión de Snort está habilitada de forma predeterminada. Consulte la sección Detalles ["#details"] de este aviso para obtener más información. Nota: Sólo se ven afectados los productos que tienen Snort 3 configurado. Los productos configurados con Snort 2 no se ven afectados.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-11-02 CVE Reserved
- 2022-11-10 CVE Published
- 2024-06-02 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-244: Improper Clearing of Heap Memory Before Release ('Heap Inspection')
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 7.1.0 Search vendor "Cisco" for product "Firepower Threat Defense" and version "7.1.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 7.1.0.1 Search vendor "Cisco" for product "Firepower Threat Defense" and version "7.1.0.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 7.1.0.2 Search vendor "Cisco" for product "Firepower Threat Defense" and version "7.1.0.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 7.2.0 Search vendor "Cisco" for product "Firepower Threat Defense" and version "7.2.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 7.2.0.1 Search vendor "Cisco" for product "Firepower Threat Defense" and version "7.2.0.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 1.5.4 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "1.5.4" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 1.5.5 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "1.5.5" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 1.5.6 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "1.5.6" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.0.0 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.0.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.0.2 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.0.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.0.3 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.0.3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.1.0 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.1.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.1.2 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.1.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.1.4 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.1.4" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.1.5 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.1.5" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.2 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.2.1 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.2.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.3 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.3.1 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.3.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.4 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.4" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.4.4 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.4.4" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.4.6 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.4.6" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.4.12 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.4.12" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.5 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.5" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.5.4 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.5.4" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.5.5 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.5.5" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.5.6 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.5.6" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.5.7 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.5.7" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.6.0 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.6.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.6.1 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.6.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.6.2 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.6.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.7 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.7" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.8 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.8" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 2.8.9 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "2.8.9" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 3.0 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "3.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 3.1 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "3.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Umbrella Insights Virtual Appliance Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" | 3.2 Search vendor "Cisco" for product "Umbrella Insights Virtual Appliance" and version "3.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cyber Vision Search vendor "Cisco" for product "Cyber Vision" | 3.0.0 Search vendor "Cisco" for product "Cyber Vision" and version "3.0.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cyber Vision Search vendor "Cisco" for product "Cyber Vision" | 3.0.1 Search vendor "Cisco" for product "Cyber Vision" and version "3.0.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cyber Vision Search vendor "Cisco" for product "Cyber Vision" | 3.0.2 Search vendor "Cisco" for product "Cyber Vision" and version "3.0.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cyber Vision Search vendor "Cisco" for product "Cyber Vision" | 3.0.3 Search vendor "Cisco" for product "Cyber Vision" and version "3.0.3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cyber Vision Search vendor "Cisco" for product "Cyber Vision" | 3.0.5 Search vendor "Cisco" for product "Cyber Vision" and version "3.0.5" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cyber Vision Search vendor "Cisco" for product "Cyber Vision" | 3.0.6 Search vendor "Cisco" for product "Cyber Vision" and version "3.0.6" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cyber Vision Search vendor "Cisco" for product "Cyber Vision" | 3.1.0 Search vendor "Cisco" for product "Cyber Vision" and version "3.1.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cyber Vision Search vendor "Cisco" for product "Cyber Vision" | 3.1.1 Search vendor "Cisco" for product "Cyber Vision" and version "3.1.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cyber Vision Search vendor "Cisco" for product "Cyber Vision" | 3.1.2 Search vendor "Cisco" for product "Cyber Vision" and version "3.1.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cyber Vision Search vendor "Cisco" for product "Cyber Vision" | 3.2.0 Search vendor "Cisco" for product "Cyber Vision" and version "3.2.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cyber Vision Search vendor "Cisco" for product "Cyber Vision" | 3.2.1 Search vendor "Cisco" for product "Cyber Vision" and version "3.2.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cyber Vision Search vendor "Cisco" for product "Cyber Vision" | 3.2.2 Search vendor "Cisco" for product "Cyber Vision" and version "3.2.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cyber Vision Search vendor "Cisco" for product "Cyber Vision" | 3.2.3 Search vendor "Cisco" for product "Cyber Vision" and version "3.2.3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cyber Vision Search vendor "Cisco" for product "Cyber Vision" | 3.2.4 Search vendor "Cisco" for product "Cyber Vision" and version "3.2.4" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cyber Vision Search vendor "Cisco" for product "Cyber Vision" | 4.0.0 Search vendor "Cisco" for product "Cyber Vision" and version "4.0.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cyber Vision Search vendor "Cisco" for product "Cyber Vision" | 4.0.1 Search vendor "Cisco" for product "Cyber Vision" and version "4.0.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cyber Vision Search vendor "Cisco" for product "Cyber Vision" | 4.0.2 Search vendor "Cisco" for product "Cyber Vision" and version "4.0.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cyber Vision Search vendor "Cisco" for product "Cyber Vision" | 4.0.3 Search vendor "Cisco" for product "Cyber Vision" and version "4.0.3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cyber Vision Search vendor "Cisco" for product "Cyber Vision" | 4.1.0 Search vendor "Cisco" for product "Cyber Vision" and version "4.1.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cyber Vision Search vendor "Cisco" for product "Cyber Vision" | 4.1.1 Search vendor "Cisco" for product "Cyber Vision" and version "4.1.1" | - |
Affected
| ||||||