Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

CVE-2022-20922

Disclosure Date: November 15, 2022 •

CVE-2022-20922 CVSS v3 Base Score: 6.5

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device.

These vulnerabilities are due to improper management of system resources when the Snort detection engine is processing SMB2 traffic. An attacker could exploit these vulnerabilities by sending a high rate of certain types of SMB2 packets through an affected device. A successful exploit could allow the attacker to trigger a reload of the Snort process, resulting in a DoS condition.

Note: When the snort preserve-connection option is enabled for the Snort detection engine, a successful exploit could also allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network. The snort preserve-connection setting is enabled by default. See the Details [“#details”] section of this advisory for more information.

Note: Only products that have Snort 3 configured are affected. Products that are configured with Snort 2 are not affected.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

6.5 Medium

Impact Score:

2.5

Exploitability Score:

3.9

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Attack Vector (AV):

Network

Attack Complexity (AC):

Low

Privileges Required (PR):

None

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

None

Integrity (I):

Low

Availability (A):

Low

General Information

Offensive Application

Unknown

Utility Class

Unknown

Ports

Unknown

Vulnerable Versions

Cisco Firepower Threat Defense Software 7.1.0

Cisco Firepower Threat Defense Software 7.1.0.1

Cisco Firepower Threat Defense Software 7.1.0.2

Cisco Firepower Threat Defense Software 7.2.0

Cisco Firepower Threat Defense Software 7.2.0.1

Cisco Umbrella Insights Virtual Appliance 1.5.4

Cisco Umbrella Insights Virtual Appliance 1.5.5

Cisco Umbrella Insights Virtual Appliance 1.5.6

Cisco Umbrella Insights Virtual Appliance 2.0.0

Cisco Umbrella Insights Virtual Appliance 2.0.2

Cisco Umbrella Insights Virtual Appliance 2.0.3

Cisco Umbrella Insights Virtual Appliance 2.1.0

Cisco Umbrella Insights Virtual Appliance 2.1.2

Cisco Umbrella Insights Virtual Appliance 2.1.5

Cisco Umbrella Insights Virtual Appliance 2.1.4

Cisco Umbrella Insights Virtual Appliance 2.4.12

Cisco Umbrella Insights Virtual Appliance 2.4.6

Cisco Umbrella Insights Virtual Appliance 2.4

Cisco Umbrella Insights Virtual Appliance 2.4.4

Cisco Umbrella Insights Virtual Appliance 2.5

Cisco Umbrella Insights Virtual Appliance 2.5.4

Cisco Umbrella Insights Virtual Appliance 2.5.5

Cisco Umbrella Insights Virtual Appliance 2.5.6

Cisco Umbrella Insights Virtual Appliance 2.5.7

Cisco Umbrella Insights Virtual Appliance 2.6.0

Cisco Umbrella Insights Virtual Appliance 2.6.1

Cisco Umbrella Insights Virtual Appliance 2.6.2

Cisco Umbrella Insights Virtual Appliance 2.7

Cisco Umbrella Insights Virtual Appliance 2.8

Cisco Umbrella Insights Virtual Appliance 2.8.9

Cisco Umbrella Insights Virtual Appliance 3.0

Cisco Umbrella Insights Virtual Appliance 3.1

Cisco Umbrella Insights Virtual Appliance 3.2

Cisco Umbrella Insights Virtual Appliance 2.3.1

Cisco Umbrella Insights Virtual Appliance 2.3

Cisco Umbrella Insights Virtual Appliance 2.2

Cisco Umbrella Insights Virtual Appliance 2.2.1

Cisco Cyber Vision 3.0.4

Cisco Cyber Vision 3.0.0

Cisco Cyber Vision 3.0.1

Cisco Cyber Vision 3.0.2

Cisco Cyber Vision 3.0.3

Cisco Cyber Vision 3.0.5

Cisco Cyber Vision 3.0.6

Cisco Cyber Vision 3.1.0

Cisco Cyber Vision 3.1.2

Cisco Cyber Vision 3.1.1

Cisco Cyber Vision 3.2.3

Cisco Cyber Vision 3.2.1

Cisco Cyber Vision 3.2.4

Cisco Cyber Vision 3.2.0

Cisco Cyber Vision 3.2.2

Cisco Cyber Vision 4.0.0

Cisco Cyber Vision 4.0.1

Cisco Cyber Vision 4.0.2

Cisco Cyber Vision 4.0.3

Cisco Cyber Vision 4.1.0

Cisco Cyber Vision 4.1.1

Prerequisites

Unknown

Discovered By

Unknown

PoC Author

Unknown

Metasploit Module

Unknown

Reporter

Unknown

Vendors

cisco

Products

References

Canonical

CVE-2022-20922 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20922)

Miscellaneous

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr

Rapid7

Unknown

CVE-2022-20922

Unknown

Unknown

None

None

Network

CVE-2022-20922

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Unknown

CVE-2022-20922

Unknown

Unknown

None

None

Network

CVE-2022-20922

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Quick Cookie Notification