A vulnerability in the DNS inspection handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service condition (DoS) on an affected device. This vulnerability is due to a lack of proper processing of incoming requests. An attacker could exploit this vulnerability by sending crafted DNS requests at a high rate to an affected device. A successful exploit could allow the attacker to cause the device to stop responding, resulting in a DoS condition.
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-nJVAwOeq | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
12 May 2022, 14:51
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-400 | |
References | (CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-nJVAwOeq - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 7.8
v3 : 7.5 |
First Time |
Cisco
Cisco adaptive Security Appliance Software Cisco firepower Threat Defense |
|
CPE | cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* |
03 May 2022, 04:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-05-03 04:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-20760
Mitre link : CVE-2022-20760
CVE.ORG link : CVE-2022-20760
JSON object : View
Products Affected
cisco
- firepower_threat_defense
- adaptive_security_appliance_software
CWE
CWE-400
Uncontrolled Resource Consumption