CVE-2022-20928
Published: Nov 15, 2022
Modified: Nov 21, 2024
CVSS score: 5.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Exploitability: 3.9 / Impact: 1.4
Source: NVD
Description
A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to establish a connection as a different user.
This vulnerability is due to a flaw in the authorization verifications during the VPN authentication flow. An attacker could exploit this vulnerability by sending a crafted packet during a VPN authentication. The attacker must have valid credentials to establish a VPN connection. A successful exploit could allow the attacker to establish a VPN connection with access privileges from a different user.
Affected (305)
Configuration A: 218 vulnerable
| Vulnerable Software | Affected Versions |
|---|---|
| Version 9.10.1.10 | |
| Version 9.10.1.11 | |
| Version 9.10.1.17 | |
| Version 9.10.1.22 | |
| Version 9.10.1.27 | |
| Version 9.10.1.2 | |
| Version 9.10.1.30 | |
| Version 9.10.1.32 | |
| Version 9.10.1.37 | |
| Version 9.10.1.40 | |
| Version 9.10.1.42 | |
| Version 9.10.1.44 | |
| Version 9.10.1.7 | |
| Version 9.10.1 | |
| Version 9.12.1.2 | |
| Version 9.12.1.3 | |
| Version 9.12.1 | |
| Version 9.12.2.1 | |
| Version 9.12.2.4 | |
| Version 9.12.2.5 | |
| Version 9.12.2.9 | |
| Version 9.12.2 | |
| Version 9.12.3.12 | |
| Version 9.12.3.2 | |
| Version 9.12.3.7 | |
| Version 9.12.3.9 | |
| Version 9.12.3 | |
| Version 9.12.4.10 | |
| Version 9.12.4.13 | |
| Version 9.12.4.18 | |
| Version 9.12.4.24 | |
| Version 9.12.4.26 | |
| Version 9.12.4.29 | |
| Version 9.12.4.2 | |
| Version 9.12.4.30 | |
| Version 9.12.4.35 | |
| Version 9.12.4.37 | |
| Version 9.12.4.38 | |
| Version 9.12.4.39 | |
| Version 9.12.4.4 | |
| Version 9.12.4.7 | |
| Version 9.12.4.8 | |
| Version 9.12.4 | |
| Version 9.13.1.10 | |
| Version 9.13.1.12 | |
| Version 9.13.1.13 | |
| Version 9.13.1.16 | |
| Version 9.13.1.19 | |
| Version 9.13.1.21 | |
| Version 9.13.1.2 | |
| Version 9.13.1.7 | |
| Version 9.13.1 | |
| Version 9.14.1.10 | |
| Version 9.14.1.15 | |
| Version 9.14.1.19 | |
| Version 9.14.1.30 | |
| Version 9.14.1.6 | |
| Version 9.14.1 | |
| Version 9.14.2.13 | |
| Version 9.14.2.15 | |
| Version 9.14.2.4 | |
| Version 9.14.2.8 | |
| Version 9.14.2 | |
| Version 9.14.3.11 | |
| Version 9.14.3.13 | |
| Version 9.14.3.15 | |
| Version 9.14.3.18 | |
| Version 9.14.3.1 | |
| Version 9.14.3.9 | |
| Version 9.14.3 | |
| Version 9.14.4.6 | |
| Version 9.14.4 | |
| Version 9.15.1.10 | |
| Version 9.15.1.15 | |
| Version 9.15.1.16 | |
| Version 9.15.1.17 | |
| Version 9.15.1.1 | |
| Version 9.15.1.21 | |
| Version 9.15.1.7 | |
| Version 9.15.1 | |
| Version 9.16.1.28 | |
| Version 9.16.1 | |
| Version 9.16.2.11 | |
| Version 9.16.2.13 | |
| Version 9.16.2.14 | |
| Version 9.16.2.3 | |
| Version 9.16.2.7 | |
| Version 9.16.2 | |
| Version 9.17.1.7 | |
| Version 9.17.1 | |
| Version 9.6.1.10 | |
| Version 9.6.1.3 | |
| Version 9.6.1.5 | |
| Version 9.6.1 | |
| Version 9.6.2.11 | |
| Version 9.6.2.13 | |
| Version 9.6.2.1 | |
| Version 9.6.2.22 | |
| Version 9.6.2.23 | |
| Version 9.6.2.2 | |
| Version 9.6.2.3 | |
| Version 9.6.2.7 | |
| Version 9.6.2 | |
| Version 9.6.3.11 | |
| Version 9.6.3.12 | |
| Version 9.6.3.14 | |
| Version 9.6.3.17 | |
| Version 9.6.3.1 | |
| Version 9.6.3.20 | |
| Version 9.6.3.3 | |
| Version 9.6.3.8 | |
| Version 9.6.3.9 | |
| Version 9.6.3 | |
| Version 9.6.4.10 | |
| Version 9.6.4.12 | |
| Version 9.6.4.14 | |
| Version 9.6.4.17 | |
| Version 9.6.4.18 | |
| Version 9.6.4.20 | |
| Version 9.6.4.22 | |
| Version 9.6.4.23 | |
| Version 9.6.4.24 | |
| Version 9.6.4.25 | |
| Version 9.6.4.29 | |
| Version 9.6.4.30 | |
| Version 9.6.4.34 | |
| Version 9.6.4.36 | |
| Version 9.6.4.3 | |
| Version 9.6.4.40 | |
| Version 9.6.4.41 | |
| Version 9.6.4.42 | |
| Version 9.6.4.45 | |
| Version 9.6.4.5 | |
| Version 9.6.4.6 | |
| Version 9.6.4.8 | |
| Version 9.6.4 | |
| Version 9.7.1.15 | |
| Version 9.7.1.16 | |
| Version 9.7.1.21 | |
| Version 9.7.1.24 | |
| Version 9.7.1.2 | |
| Version 9.7.1.4 | |
| Version 9.7.1.8 | |
| Version 9.7.1 | |
| Version 9.8.1.5 | |
| Version 9.8.1.7 | |
| Version 9.8.1 | |
| Version 9.8.2.14 | |
| Version 9.8.2.15 | |
| Version 9.8.2.17 | |
| Version 9.8.2.20 | |
| Version 9.8.2.24 | |
| Version 9.8.2.26 | |
| Version 9.8.2.28 | |
| Version 9.8.2.33 | |
| Version 9.8.2.35 | |
| Version 9.8.2.38 | |
| Version 9.8.2.8 | |
| Version 9.8.2 | |
| Version 9.8.3.11 | |
| Version 9.8.3.14 | |
| Version 9.8.3.16 | |
| Version 9.8.3.18 | |
| Version 9.8.3.21 | |
| Version 9.8.3.26 | |
| Version 9.8.3.29 | |
| Version 9.8.3.8 | |
| Version 9.8.3 | |
| Version 9.8.4.10 | |
| Version 9.8.4.12 | |
| Version 9.8.4.15 | |
| Version 9.8.4.17 | |
| Version 9.8.4.20 | |
| Version 9.8.4.22 | |
| Version 9.8.4.25 | |
| Version 9.8.4.26 | |
| Version 9.8.4.29 | |
| Version 9.8.4.32 | |
| Version 9.8.4.33 | |
| Version 9.8.4.34 | |
| Version 9.8.4.35 | |
| Version 9.8.4.39 | |
| Version 9.8.4.3 | |
| Version 9.8.4.40 | |
| Version 9.8.4.41 | |
| Version 9.8.4.43 | |
| Version 9.8.4.44 | |
| Version 9.8.4.45 | |
| Version 9.8.4.7 | |
| Version 9.8.4.8 | |
| Version 9.8.4 | |
| Version 9.9.1.2 | |
| Version 9.9.1.3 | |
| Version 9.9.1.4 | |
| Version 9.9.1.5 | |
| Version 9.9.1 | |
| Version 9.9.2.14 | |
| Version 9.9.2.18 | |
| Version 9.9.2.1 | |
| Version 9.9.2.25 | |
| Version 9.9.2.27 | |
| Version 9.9.2.32 | |
| Version 9.9.2.36 | |
| Version 9.9.2.40 | |
| Version 9.9.2.47 | |
| Version 9.9.2.50 | |
| Version 9.9.2.52 | |
| Version 9.9.2.56 | |
| Version 9.9.2.59 | |
| Version 9.9.2.61 | |
| Version 9.9.2.66 | |
| Version 9.9.2.67 | |
| Version 9.9.2.74 | |
| Version 9.9.2.80 | |
| Version 9.9.2.83 | |
| Version 9.9.2.85 | |
| Version 9.9.2.9 | |
| Version 9.9.2 | |
Configuration B: 87 vulnerable
| Vulnerable Software | Affected Versions |
|---|---|
| Version 6.1.0.1 | |
| Version 6.1.0.2 | |
| Version 6.1.0.3 | |
| Version 6.1.0.4 | |
| Version 6.1.0.5 | |
| Version 6.1.0.6 | |
| Version 6.1.0.7 | |
| Version 6.1.0 | |
| Version 6.2.0.1 | |
| Version 6.2.0.2 | |
| Version 6.2.0.3 | |
| Version 6.2.0.4 | |
| Version 6.2.0.5 | |
| Version 6.2.0.6 | |
| Version 6.2.0 | |
| Version 6.2.1 | |
| Version 6.2.2.1 | |
| Version 6.2.2.2 | |
| Version 6.2.2.3 | |
| Version 6.2.2.4 | |
| Version 6.2.2.5 | |
| Version 6.2.2 | |
| Version 6.2.3.10 | |
| Version 6.2.3.11 | |
| Version 6.2.3.12 | |
| Version 6.2.3.13 | |
| Version 6.2.3.14 | |
| Version 6.2.3.15 | |
| Version 6.2.3.16 | |
| Version 6.2.3.17 | |
| Version 6.2.3.18 | |
| Version 6.2.3.1 | |
| Version 6.2.3.2 | |
| Version 6.2.3.3 | |
| Version 6.2.3.4 | |
| Version 6.2.3.5 | |
| Version 6.2.3.6 | |
| Version 6.2.3.7 | |
| Version 6.2.3.8 | |
| Version 6.2.3.9 | |
| Version 6.2.3 | |
| Version 6.3.0.1 | |
| Version 6.3.0.2 | |
| Version 6.3.0.3 | |
| Version 6.3.0.4 | |
| Version 6.3.0.5 | |
| Version 6.3.0 | |
| Version 6.4.0.10 | |
| Version 6.4.0.11 | |
| Version 6.4.0.12 | |
| Version 6.4.0.13 | |
| Version 6.4.0.14 | |
| Version 6.4.0.1 | |
| Version 6.4.0.2 | |
| Version 6.4.0.3 | |
| Version 6.4.0.4 | |
| Version 6.4.0.5 | |
| Version 6.4.0.6 | |
| Version 6.4.0.7 | |
| Version 6.4.0.8 | |
| Version 6.4.0.9 | |
| Version 6.4.0 | |
| Version 6.5.0.1 | |
| Version 6.5.0.2 | |
| Version 6.5.0.3 | |
| Version 6.5.0.4 | |
| Version 6.5.0.5 | |
| Version 6.5.0 | |
| Version 6.6.0.1 | |
| Version 6.6.0 | |
| Version 6.6.1 | |
| Version 6.6.3 | |
| Version 6.6.4 | |
| Version 6.6.5.1 | |
| Version 6.6.5.2 | |
| Version 6.6.5 | |
| Version 6.7.0.1 | |
| Version 6.7.0.2 | |
| Version 6.7.0.3 | |
| Version 6.7.0 | |
| Version 7.0.0.1 | |
| Version 7.0.0 | |
| Version 7.0.1.1 | |
| Version 7.0.1 | |
| Version 7.1.0.1 | |
| Version 7.1.0.2 | |
| Version 7.1.0 | |
References (2)
Source: psirt@cisco.com
Source: af854a3a-2127-422b-91ae-364da2661108