VDB

CVE-2022-20746

CVE-2022-20746 PUBLISHED CVSS 8.600000381469727 HIGH

A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper handling of TCP flows. An attacker could exploit this vulnerability by sending a crafted stream of TCP traffic through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

EPSS 0.91% · 76.3th percentile

Risk Scores

CVSS 3.1
8.600000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
EPSS Score
0.91%
76.3th percentile

Affected Products

VendorProductVersions
ciscofirepower_threat_defense0, 6.5.0, 7.0.0
CiscoCisco Firepower Threat Defense Softwaren/a

Exploit Intelligence

Timeline

  • Apr 27, 2022 CVE Published
  • May 3, 2022 EPSS Score
  • Jun 22, 2022 EPSS Score
  • Aug 11, 2022 EPSS Score
  • Sep 30, 2022 EPSS Score
  • Nov 18, 2022 EPSS Score
  • Feb 25, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 16, 2023 EPSS Score
  • Jun 4, 2023 EPSS Score
  • Jul 24, 2023 EPSS Score
  • Sep 12, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›