VDB

CVE-2022-20947

CVE-2022-20947 PUBLISHED CVSS 8.600000381469727 HIGH

A vulnerability in dynamic access policies (DAP) functionality of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to improper processing of HostScan data received from the Posture (HostScan) module. An attacker could exploit this vulnerability by sending crafted HostScan data to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU"] This advisory is part of the November 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication.

EPSS 0.79% · 74.3th percentile

Risk Scores

CVSS 3.1
8.600000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
EPSS Score
0.79%
74.3th percentile

Affected Products

VendorProductVersions
ciscofirepower_threat_defense6.3.0.5, 6.7.0.3, 6.2.3.5
ciscoadaptive_security_appliance_software9.8.4.15, 9.7.1.24, 9.8.4.20
CiscoCisco Firepower Threat Defense Software6.2.3, 6.4.0.1, 6.4.0.9
CiscoCisco Adaptive Security Appliance (ASA) Software9.12.1.3, 9.17.1

Exploit Intelligence

Timeline

  • Nov 10, 2022 CVE Published
  • Nov 16, 2022 EPSS Score
  • Dec 29, 2022 EPSS Score
  • Feb 10, 2023 EPSS Score
  • Mar 24, 2023 EPSS Score
  • May 6, 2023 EPSS Score
  • Jun 18, 2023 EPSS Score
  • Jul 31, 2023 EPSS Score
  • Sep 12, 2023 EPSS Score
  • Oct 24, 2023 EPSS Score
  • Jan 18, 2024 EPSS Score
  • Mar 1, 2024 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›