CVE-2022-20927
Summary
| CVE | CVE-2022-20927 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-11-15 21:15:00 UTC |
| Updated | 2024-01-25 17:15:00 UTC |
| Description | A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management when a device initiates SSL/TLS connections. An attacker could exploit this vulnerability by ensuring that the device will connect to an SSL/TLS server that is using specific encryption parameters. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Cisco | Adaptive Security Appliance | 9.13.1 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.13.1.10 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.13.1.12 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.13.1.13 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.13.1.16 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.13.1.19 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.13.1.2 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.13.1.21 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.13.1.7 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.14.1 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.14.1.10 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.14.1.15 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.14.1.19 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.14.1.30 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.14.2 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.14.2.13 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.14.2.15 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.14.2.4 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.14.2.8 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.14.3 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.14.3.1 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.14.3.11 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.14.3.13 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.14.3.15 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.14.3.18 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.14.3.9 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.15.1 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.15.1.1 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.15.1.10 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.15.1.15 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.15.1.16 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.15.1.17 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.15.1.21 | All | All | All |
| Application | Cisco | Adaptive Security Appliance | 9.15.1.7 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.13.1 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.13.1.10 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.13.1.12 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.13.1.13 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.13.1.16 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.13.1.19 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.13.1.2 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.13.1.21 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.13.1.7 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.14.1 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.14.1.10 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.14.1.15 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.14.1.19 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.14.1.30 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.14.2 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.14.2.13 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.14.2.15 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.14.2.4 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.14.2.8 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.14.3 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.14.3.1 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.14.3.11 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.14.3.13 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.14.3.15 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.14.3.18 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.14.3.9 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.15.1 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.15.1.1 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.15.1.10 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.15.1.15 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.15.1.16 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.15.1.17 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.15.1.21 | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | 9.15.1.7 | All | All | All |
| Application | Cisco | Firepower Services Software For Asa | - | All | All | All |
| Application | Cisco | Firepower Threat Defense | 6.6.0 | All | All | All |
| Application | Cisco | Firepower Threat Defense | 6.6.0.1 | All | All | All |
| Application | Cisco | Firepower Threat Defense | 6.6.1 | All | All | All |
| Application | Cisco | Firepower Threat Defense | 6.6.3 | All | All | All |
| Application | Cisco | Firepower Threat Defense | 6.6.4 | All | All | All |
| Application | Cisco | Firepower Threat Defense | 6.6.5 | All | All | All |
| Application | Cisco | Firepower Threat Defense | 6.6.5.1 | All | All | All |
| Application | Cisco | Firepower Threat Defense | All | All | All | All |
| Application | Cisco | Firepower Threat Defense | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Client Denial of Service Vulnerability | sec.cloudapps.cisco.com | ||
| tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-cl... | MISC | tools.cisco.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 317267 Cisco Adaptive Security Appliance (ASA) Software SSL/Transport Layer Security (TLS) Client Denial of Service (DoS) Vulnerability (cisco-sa-ssl-client-dos-cCrQPkA)
- 317272 Firepower Threat Defense (FTD) Software SSL/Transport Layer Security (TLS) Client Denial of Service (DoS) Vulnerability (cisco-sa-ssl-client-dos-cCrQPkA)