8.6

CVE-2022-20760

A vulnerability in the DNS inspection handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service condition (DoS) on an affected device. This vulnerability is due to a lack of proper processing of incoming requests. An attacker could exploit this vulnerability by sending crafted DNS requests at a high rate to an affected device. A successful exploit could allow the attacker to cause the device to stop responding, resulting in a DoS condition.

Data is provided by the National Vulnerability Database (NVD)
CiscoFirepower Threat Defense Version < 6.4.0.15
CiscoFirepower Threat Defense Version >= 6.5.0 < 6.6.5.2
CiscoFirepower Threat Defense Version >= 7.0.0 < 7.0.2
CiscoFirepower Threat Defense Version7.1.0
CiscoAdaptive Security Appliance Software Version >= 9.13.0 < 9.14.4
CiscoAdaptive Security Appliance Software Version >= 9.15.0 < 9.15.1.21
CiscoAdaptive Security Appliance Software Version >= 9.16.0 < 9.16.2.14
CiscoAdaptive Security Appliance Software Version >= 9.17.0 < 9.17.1.7
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 2.59% 0.85
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
psirt@cisco.com 8.6 3.9 4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.