Boletines de Vulnerabilidades

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Dynamic Access Policies Denial of Service Vulnerability

Información sobre el sistema
   
Software afectado Cisco

Descripción
A vulnerability in dynamic access policies (DAP) functionality of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to improper processing of HostScan data received from the Posture (HostScan) module. An attacker could exploit this vulnerability by sending crafted HostScan data to an affected

More info:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Adaptive%20Security%20Appliance%20Software%20and%20Firepower%20Threat%20Defense%20Software%20Dynamic%20Access%20Policies%20Denial%20of%20Service%20Vulnerability&vs_k=1

Identificadores estándar
Propiedad Valor
CVE CVE-2022-20947.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2022-12-23

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT