CVE-2022-20943

Published on: Not Yet Published

Last Modified on: 11/23/2022 02:30:00 PM UTC

CVE-2022-20943 - advisory for cisco-sa-snort-smb-3nfhJtr

Source: Mitre Source: NIST CVE.ORG Print: PDF PDF
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

Certain versions of Cyber Vision from Cisco contain the following vulnerability:

Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to improper management of system resources when the Snort detection engine is processing SMB2 traffic. An attacker could exploit these vulnerabilities by sending a high rate of certain types of SMB2 packets through an affected device. A successful exploit could allow the attacker to trigger a reload of the Snort process, resulting in a DoS condition. Note: When the snort preserve-connection option is enabled for the Snort detection engine, a successful exploit could also allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network. The snort preserve-connection setting is enabled by default. See the Details ["#details"] section of this advisory for more information. Note: Only products that have Snort 3 configured are affected. Products that are configured with Snort 2 are not affected.

  • CVE-2022-20943 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as MEDIUM severity.
  • The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.

CVSS3 Score: 5.8 - MEDIUM

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW NONE NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
CHANGED NONE NONE LOW

CVE References

Description Tags Link
No Description Provided tools.cisco.com
text/html
URL Logo MISC tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationCiscoCyber Vision3.0.0AllAllAll
ApplicationCiscoCyber Vision3.0.1AllAllAll
ApplicationCiscoCyber Vision3.0.2AllAllAll
ApplicationCiscoCyber Vision3.0.3AllAllAll
ApplicationCiscoCyber Vision3.0.5AllAllAll
ApplicationCiscoCyber Vision3.0.6AllAllAll
ApplicationCiscoCyber Vision3.1.0AllAllAll
ApplicationCiscoCyber Vision3.1.1AllAllAll
ApplicationCiscoCyber Vision3.1.2AllAllAll
ApplicationCiscoCyber Vision3.2.0AllAllAll
ApplicationCiscoCyber Vision3.2.1AllAllAll
ApplicationCiscoCyber Vision3.2.2AllAllAll
ApplicationCiscoCyber Vision3.2.3AllAllAll
ApplicationCiscoCyber Vision3.2.4AllAllAll
ApplicationCiscoCyber Vision4.0.0AllAllAll
ApplicationCiscoCyber Vision4.0.1AllAllAll
ApplicationCiscoCyber Vision4.0.2AllAllAll
ApplicationCiscoCyber Vision4.0.3AllAllAll
ApplicationCiscoCyber Vision4.1.0AllAllAll
ApplicationCiscoCyber Vision4.1.1AllAllAll
ApplicationCiscoFirepower Threat Defense7.0.0AllAllAll
ApplicationCiscoFirepower Threat Defense7.0.0.1AllAllAll
ApplicationCiscoFirepower Threat Defense7.0.1AllAllAll
ApplicationCiscoFirepower Threat Defense7.0.1.1AllAllAll
Operating
System
CiscoMeraki Mx Security Appliance FirmwareAllAllAllAll
  • cpe:2.3:a:cisco:cyber_vision:3.0.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:cyber_vision:3.0.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:cyber_vision:3.0.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:cyber_vision:3.0.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:cyber_vision:3.0.5:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:cyber_vision:3.0.6:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:cyber_vision:3.1.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:cyber_vision:3.1.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:cyber_vision:3.1.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:cyber_vision:3.2.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:cyber_vision:3.2.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:cyber_vision:3.2.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:cyber_vision:3.2.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:cyber_vision:3.2.4:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:cyber_vision:4.0.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:cyber_vision:4.0.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:cyber_vision:4.0.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:cyber_vision:4.0.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:cyber_vision:4.1.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:cyber_vision:4.1.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:meraki_mx_security_appliance_firmware:*:*:*:*:*:*:*:*:

Social Mentions

Source Title Posted (UTC)
Reddit Logo Icon /r/netcve CVE-2022-20943 2022-11-15 21:38:55
© CVE.report 2023 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report