CVE-2022-20927

HIGH

Cisco Firepower Threat Defense < 6.5.0.5 - Buffer Overflow

Title source: rule

Description

A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management when a device initiates SSL/TLS connections. An attacker could exploit this vulnerability by ensuring that the device will connect to an SSL/TLS server that is using specific encryption parameters. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition.

References (1)

Core 1

Core References

Various Sources

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-client-dos-cCrQPkA

Scores

CVSS v3 7.7

EPSS 0.0019

EPSS Percentile 40.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Details

CWE

CWE-120

Status published

Products (43)

cisco/adaptive_security_appliance_software 9.13.1

cisco/adaptive_security_appliance_software 9.13.1.2

cisco/adaptive_security_appliance_software 9.13.1.7

cisco/adaptive_security_appliance_software 9.13.1.10

cisco/adaptive_security_appliance_software 9.13.1.12

cisco/adaptive_security_appliance_software 9.13.1.13

cisco/adaptive_security_appliance_software 9.13.1.16

cisco/adaptive_security_appliance_software 9.13.1.19

cisco/adaptive_security_appliance_software 9.13.1.21

cisco/adaptive_security_appliance_software 9.14.1

... and 33 more

Published Nov 15, 2022

Tracked Since Feb 18, 2026