What is CVE-2022-20751?

CVE-2022-20751 is a vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software that could allow an unauthenticated, remote attacker to cause unlimited memory consumption, leading to a denial of service (DoS) condition.

Which software is affected by CVE-2022-20751?

CVE-2022-20751 affects Cisco Firepower Threat Defense (FTD) Software versions up to and including 6.4.0.15, versions between 6.5.0 and 6.6.5.2, versions between 7.0.0 and 7.0.2, and version 7.1.0.0.

How severe is CVE-2022-20751?

CVE-2022-20751 has a severity score of 7.5 (High).

How can I fix CVE-2022-20751?

There is currently no fixed version available for CVE-2022-20751, but Cisco has released software updates that address this vulnerability. It is recommended to update to the latest available version of Cisco Firepower Threat Defense (FTD) Software.

Where can I find more information about CVE-2022-20751?

You can find more information about CVE-2022-20751 on the Cisco website at the following link: [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort-dos-hd2hFgM).

Vulnerability/
CVE-2022-20751

high

8.6

3/5/2022

24/1/2023

CVE-2022-20751

First published: Tue May 03 2022(Updated: )

A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause unlimited memory consumption, which could lead to a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient memory management for certain Snort events. An attacker could exploit this vulnerability by sending a series of crafted IP packets that would generate specific Snort events on an affected device. A sustained attack could cause an out of memory condition on the affected device. A successful exploit could allow the attacker to interrupt all traffic flowing through the affected device. In some circumstances, the attacker may be able to cause the device to reload, resulting in a DoS condition.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Firepower Threat Defense	<6.4.0.15
Cisco Firepower Threat Defense	>=6.5.0<6.6.5.2
Cisco Firepower Threat Defense	>=7.0.0<7.0.2
Cisco Firepower Threat Defense	=7.1.0.0
Cisco Firepower 1000
Cisco Firepower 1010
Cisco Firepower 1020
Cisco Firepower 1030
Cisco Firepower 1040
Cisco Firepower 1120
Cisco Firepower 1140
Cisco Firepower 1150
Cisco Firepower 2100
Cisco Firepower 2110
Cisco Firepower 2120
Cisco Firepower 2130
Cisco Firepower 2140
Cisco Firepower 4100
Cisco Firepower 4110
Cisco Firepower 4112
Cisco Firepower 4115
Cisco Firepower 4120
Cisco Firepower 4125
Cisco Firepower 4140
Cisco Firepower 4145
Cisco Firepower 4150

Never miss a vulnerability like this again

Reference Links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort-dos-hd2hFgM

Frequently Asked Questions

What is CVE-2022-20751?
CVE-2022-20751 is a vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software that could allow an unauthenticated, remote attacker to cause unlimited memory consumption, leading to a denial of service (DoS) condition.
Which software is affected by CVE-2022-20751?
CVE-2022-20751 affects Cisco Firepower Threat Defense (FTD) Software versions up to and including 6.4.0.15, versions between 6.5.0 and 6.6.5.2, versions between 7.0.0 and 7.0.2, and version 7.1.0.0.
How severe is CVE-2022-20751?
CVE-2022-20751 has a severity score of 7.5 (High).
How can I fix CVE-2022-20751?
There is currently no fixed version available for CVE-2022-20751, but Cisco has released software updates that address this vulnerability. It is recommended to update to the latest available version of Cisco Firepower Threat Defense (FTD) Software.
Where can I find more information about CVE-2022-20751?
You can find more information about CVE-2022-20751 on the Cisco website at the following link: [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort-dos-hd2hFgM).

collector/nvd-index
vendor/cisco
product/firepower threat defense
canonical/cisco firepower threat defense
product/firepower 1000
canonical/cisco firepower 1000
product/firepower 1010
canonical/cisco firepower 1010
product/firepower 1020
canonical/cisco firepower 1020
product/firepower 1030
canonical/cisco firepower 1030
product/firepower 1040
canonical/cisco firepower 1040
product/firepower 1120
canonical/cisco firepower 1120
product/firepower 1140
canonical/cisco firepower 1140
product/firepower 1150
canonical/cisco firepower 1150
product/firepower 2100
canonical/cisco firepower 2100
product/firepower 2110
canonical/cisco firepower 2110
product/firepower 2120
canonical/cisco firepower 2120
product/firepower 2130
canonical/cisco firepower 2130
product/firepower 2140
canonical/cisco firepower 2140
product/firepower 4100
canonical/cisco firepower 4100
product/firepower 4110
canonical/cisco firepower 4110
product/firepower 4112
canonical/cisco firepower 4112
product/firepower 4115
canonical/cisco firepower 4115
product/firepower 4120
canonical/cisco firepower 4120
product/firepower 4125
canonical/cisco firepower 4125
product/firepower 4140
canonical/cisco firepower 4140
product/firepower 4145
canonical/cisco firepower 4145
product/firepower 4150
canonical/cisco firepower 4150