===================================================================
CERT-Renater Information Note No. 2022/VULN419
_____________________________________________________________________

DATE : 10/11/2022
HARDWARE PLATFORM(S): /
OPERATING SYSTEM(S): Systems running Cisco Firepower Threat Defense
Software, Cisco Adaptive Security Appliance Software, Cisco FirePOWER
Software for ASA FirePOWER Module, Firepower Management Center
Software, NGIPS Software, Cisco FXOS, Cisco Products Snort SMB2
Detection Engine.
====================================================================

https://tools.cisco.com/security/center/publicationListing.x
_____________________________________________________________________

Below is the list of Cisco Security Advisories published by Cisco
PSIRT on 2022-November-09.

The following PSIRT security advisories (8 High, 11 Medium) were
published at 16:03 UTC today.

Table of Contents:

 1) Cisco Firepower Threat Defense Software Generic Routing
    Encapsulation Denial of Service Vulnerability - SIR: High
 2) Cisco Adaptive Security Appliance Software and Firepower Threat
    Defense Software Dynamic Access Policies Denial of Service
    Vulnerability - SIR: High
 3) Cisco FirePOWER Software for ASA FirePOWER Module, Firepower
    Management Center Software, and NGIPS Software SNMP Default
    Credential Vulnerability - SIR: High
 4) Cisco Adaptive Security Appliance Software and Firepower Threat
    Defense Software SSL/TLS Client Denial of Service Vulnerability
    - SIR: High
 5) Cisco Adaptive Security Appliance Software and Firepower Threat
    Defense Software SNMP Denial of Service Vulnerability - SIR: High
 6) Cisco Firepower Management Center and Firepower Threat Defense
    Software SSH Denial of Service Vulnerability - SIR: High
 7) Cisco Adaptive Security Appliance Software and Firepower Threat
    Defense Software Web Services Interface Denial of Service
    Vulnerability - SIR: High
 8) Cisco Secure Firewall 3100 Series Secure Boot Bypass
    Vulnerability - SIR: High
 9) Cisco Firepower Threat Defense Software Privilege Escalation
    Vulnerability - SIR: Medium
10) Cisco Firepower Threat Defense Software SIP and Snort 3 Detection
    Engine Denial of Service Vulnerability - SIR: Medium
11) Cisco Firepower Threat Defense Software and Cisco FXOS Software
    Command Injection Vulnerability - SIR: Medium
12) Cisco Firepower Management Center Software Command Injection
    Vulnerabilities - SIR: Medium
13) Cisco Adaptive Security Appliance Software and Firepower Threat
    Defense Software VPN Authorization Bypass Vulnerability
    - SIR: Medium
14) Multiple Cisco Products Snort SMB2 Detection Engine Policy Bypass
    and Denial of Service Vulnerabilities - SIR: Medium
15) Cisco Firepower Management Center Software Information Disclosure
    Vulnerability - SIR: Medium
16) Cisco Firepower Threat Defense Software SSL Decryption Policy
    Bleichenbacher Attack Vulnerability - SIR: Medium
17) Cisco Firepower Management Center Software Cross-Site Scripting
    Vulnerabilities - SIR: Medium
18) Cisco Firepower Management Center Software XML External Entity
    Injection Vulnerability - SIR: Medium
19) Cisco Adaptive Security Appliance and Firepower Threat Defense
    Software VPN Web Client Services Client-Side Request Smuggling
    Vulnerability - SIR: Medium

+--------------------------------------------------------------------

1) Cisco Firepower Threat Defense Software Generic Routing
   Encapsulation Denial of Service Vulnerability

CVE-2022-20946
SIR: High
CVSS Score v(3.1): 8.6
URL:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM

+--------------------------------------------------------------------

2) Cisco Adaptive Security Appliance Software and Firepower Threat
   Defense Software Dynamic Access Policies Denial of Service
   Vulnerability

CVE-2022-20947
SIR: High
CVSS Score v(3.1): 8.6
URL:
Firepower Threat Defense Software Privilege Escalation Vulnerability - SIR: Medium 10) Cisco Firepower Threat Defense Software SIP and Snort 3 Detection Engine Denial of Service Vulnerability - SIR: Medium 11) Cisco Firepower Threat Defense Software and Cisco FXOS Software Command Injection Vulnerability - SIR: Medium 12) Cisco Firepower Management Center Software Command Injection Vulnerabilities - SIR: Medium 13) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software VPN Authorization Bypass Vulnerability - SIR: Medium 14) Multiple Cisco Products Snort SMB2 Detection Engine Policy Bypass and Denial of Service Vulnerabilities - SIR: Medium 15) Cisco Firepower Management Center Software Information Disclosure Vulnerability - SIR: Medium 16) Cisco Firepower Threat Defense Software SSL Decryption Policy Bleichenbacher Attack Vulnerability - SIR: Medium 17) Cisco Firepower Management Center Software Cross-Site Scripting Vulnerabilities - SIR: Medium 18) Cisco Firepower Management Center Software XML External Entity Injection Vulnerability - SIR: Medium 19) Cisco Adaptive Security Appliance and Firepower Threat Defense Software VPN Web Client Services Client-Side Request Smuggling Vulnerability - SIR: Medium +-------------------------------------------------------------------- 1) Cisco Firepower Threat Defense Software Generic Routing Encapsulation Denial of Service Vulnerability CVE-2022-20946 SIR: High CVSS Score v(3.1): 8.6 URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM"] +-------------------------------------------------------------------- 2) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Dynamic Access Policies Denial of Service Vulnerability CVE-2022-20947 SIR: High CVSS Score v(3.1): 8.6 URL: 
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU"] +-------------------------------------------------------------------- 3) Cisco FirePOWER Software for ASA FirePOWER Module, Firepower Management Center Software, and NGIPS Software SNMP Default Credential Vulnerability CVE-2022-20918 SIR: High CVSS Score v(3.1): 7.5 URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmcsfr-snmp-access-6gqgtJ4S ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmcsfr-snmp-access-6gqgtJ4S"] +-------------------------------------------------------------------- 4) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Client Denial of Service Vulnerability CVE-2022-20927 SIR: High CVSS Score v(3.1): 7.7 URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-client-dos-cCrQPkA ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-client-dos-cCrQPkA"] +-------------------------------------------------------------------- 5) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Denial of Service Vulnerability CVE-2022-20924 SIR: High CVSS Score v(3.1): 7.7 URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-qsqBNM6x ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-qsqBNM6x"] +-------------------------------------------------------------------- 6) Cisco Firepower Management Center and Firepower Threat Defense Software SSH Denial of Service Vulnerability CVE-2022-20854 SIR: High CVSS Score v(3.1): 7.5 URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-OwEunWJN 
["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-OwEunWJN"] +-------------------------------------------------------------------- 7) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Denial of Service Vulnerability CVE-2022-20745 SIR: High CVSS Score v(3.1): 7.5 URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-tzPSYern ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-tzPSYern"] +-------------------------------------------------------------------- 8) Cisco Secure Firewall 3100 Series Secure Boot Bypass Vulnerability CVE-2022-20826 SIR: High CVSS Score v(3.1): 6.4 URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26 ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26"] +-------------------------------------------------------------------- 9) Cisco Firepower Threat Defense Software Privilege Escalation Vulnerability CVE-2022-20949 SIR: Medium CVSS Score v(3.1): 6.5 URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-mgmt-privesc-7GqR2th ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-mgmt-privesc-7GqR2th"] +-------------------------------------------------------------------- 10) Cisco Firepower Threat Defense Software SIP and Snort 3 Detection Engine Denial of Service Vulnerability CVE-2022-20950 SIR: Medium CVSS Score v(3.1): 5.8 URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-dos-A4cHeArC ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-dos-A4cHeArC"] +-------------------------------------------------------------------- 11) Cisco Firepower Threat Defense Software and Cisco FXOS Software Command 
Injection Vulnerability CVE-2022-20934 SIR: Medium CVSS Score v(3.1): 6.0 URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fxos-cmd-inj-Q9bLNsrK ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fxos-cmd-inj-Q9bLNsrK"] +-------------------------------------------------------------------- 12) Cisco Firepower Management Center Software Command Injection Vulnerabilities CVE-2022-20925, CVE-2022-20926 SIR: Medium CVSS Score v(3.1): 6.3 URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-Z3B5MY35 ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-Z3B5MY35"] +-------------------------------------------------------------------- 13) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software VPN Authorization Bypass Vulnerability CVE-2022-20928 SIR: Medium CVSS Score v(3.1): 5.8 URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vp-authz-N2GckjN6 ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vp-authz-N2GckjN6"] +-------------------------------------------------------------------- 14) Multiple Cisco Products Snort SMB2 Detection Engine Policy Bypass and Denial of Service Vulnerabilities CVE-2022-20922, CVE-2022-20943 SIR: Medium CVSS Score v(3.1): 5.8 URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr"] +-------------------------------------------------------------------- 15) Cisco Firepower Management Center Software Information Disclosure Vulnerability CVE-2022-20941 SIR: Medium CVSS Score v(3.1): 5.3 URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-info-disc-UghNRRhP 
["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-info-disc-UghNRRhP"] +-------------------------------------------------------------------- 16) Cisco Firepower Threat Defense Software SSL Decryption Policy Bleichenbacher Attack Vulnerability CVE-2022-20940 SIR: Medium CVSS Score v(3.1): 5.3 URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-bb-rCgtmY2 ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-bb-rCgtmY2"] +-------------------------------------------------------------------- 17) Cisco Firepower Management Center Software Cross-Site Scripting Vulnerabilities CVE-2022-20831, CVE-2022-20832, CVE-2022-20833, CVE-2022-20834, CVE-2022-20835, CVE-2022-20836, CVE-2022-20838, CVE-2022-20839, CVE-2022-20840, CVE-2022-20843, CVE-2022-20872, CVE-2022-20905, CVE-2022-20932, CVE-2022-20935, CVE-2022-20936 SIR: Medium CVSS Score v(3.1): 4.8 URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-LATZYzxs ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-LATZYzxs"] +-------------------------------------------------------------------- 18) Cisco Firepower Management Center Software XML External Entity Injection Vulnerability CVE-2022-20938 SIR: Medium CVSS Score v(3.1): 4.3 URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xxe-MzPC4bYd ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xxe-MzPC4bYd"] +-------------------------------------------------------------------- 19) Cisco Adaptive Security Appliance and Firepower Threat Defense Software VPN Web Client Services Client-Side Request Smuggling Vulnerability CVE-2022-20713 SIR: Medium CVSS Score v(3.1): 4.3 URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-LOeKsNmO 
["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-LOeKsNmO"] ========================================================+ CERT-RENATER | tel : 01-53-94-20-44 + + 23/25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email:cert@support.renater.fr + =======================================================