What is the severity of CVE-2022-20924?

CVE-2022-20924 has a medium severity rating which indicates it could cause denial of service conditions.

How do I fix CVE-2022-20924?

To fix CVE-2022-20924, you should apply the recommended Cisco software updates for the affected versions of Cisco ASA and FTD software.

What versions of ASA and FTD are affected by CVE-2022-20924?

CVE-2022-20924 affects multiple versions of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD), specifically versions 9.14.1 through 9.18.1 and 6.6.0 through 7.2.0.1.

Can CVE-2022-20924 be exploited remotely?

Yes, CVE-2022-20924 can be exploited by an authenticated remote attacker.

What impact does CVE-2022-20924 have on affected devices?

The impact of CVE-2022-20924 on affected devices is a denial of service (DoS) condition, potentially disrupting operations.

Vulnerability/
CVE-2022-20924

high

7.7

CWE

703 20

10/11/2022

3/8/2024

CVE-2022-20924: Input Validation

First published: Thu Nov 10 2022(Updated: )

A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Credit: ykramarz@cisco.com ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Adaptive Security Appliance	=9.14.1
Cisco Adaptive Security Appliance	=9.14.1.6
Cisco Adaptive Security Appliance	=9.14.1.10
Cisco Adaptive Security Appliance	=9.14.1.15
Cisco Adaptive Security Appliance	=9.14.1.19
Cisco Adaptive Security Appliance	=9.14.1.30
Cisco Adaptive Security Appliance	=9.14.2
Cisco Adaptive Security Appliance	=9.14.2.4
Cisco Adaptive Security Appliance Software	=9.14.2.8
Cisco Adaptive Security Appliance Software	=9.14.2.13
Cisco Adaptive Security Appliance Software	=9.14.2.15
Cisco Adaptive Security Appliance Software	=9.14.3
Cisco Adaptive Security Appliance Software	=9.14.3.1
Cisco Adaptive Security Appliance Software	=9.14.3.9
Cisco Adaptive Security Appliance Software	=9.14.3.11
Cisco Adaptive Security Appliance Software	=9.14.3.13
Cisco Adaptive Security Appliance Software	=9.14.3.15
Cisco Adaptive Security Appliance Software	=9.14.3.18
Cisco Adaptive Security Appliance Software	=9.14.4
Cisco Adaptive Security Appliance Software	=9.14.4.6
Cisco Adaptive Security Appliance Software	=9.14.4.7
Cisco Adaptive Security Appliance Software	=9.14.4.12
Cisco Adaptive Security Appliance Software	=9.15.1
Cisco Adaptive Security Appliance Software	=9.15.1.1
Cisco Adaptive Security Appliance Software	=9.15.1.7
Cisco Adaptive Security Appliance Software	=9.15.1.10
Cisco Adaptive Security Appliance Software	=9.15.1.15
Cisco Adaptive Security Appliance Software	=9.15.1.16
Cisco Adaptive Security Appliance Software	=9.15.1.17
Cisco Adaptive Security Appliance Software	=9.15.1.21
Cisco Adaptive Security Appliance Software	=9.16.3
Cisco Adaptive Security Appliance Software	=9.16.3.3
Cisco Adaptive Security Appliance Software	=9.16.3.14
Cisco Adaptive Security Appliance Software	=9.17.1
Cisco Adaptive Security Appliance Software	=9.17.1.7
Cisco Adaptive Security Appliance Software	=9.17.1.9
Cisco Adaptive Security Appliance Software	=9.17.1.10
Cisco Adaptive Security Appliance Software	=9.17.1.11
Cisco Adaptive Security Appliance Software	=9.17.1.13
Cisco Adaptive Security Appliance Software	=9.17.1.15
Cisco Adaptive Security Appliance Software	=9.18.1
Cisco Firepower Threat Defense	=6.6.0
Cisco Firepower Threat Defense	=6.6.0.1
Cisco Firepower Threat Defense	=6.6.1
Cisco Firepower Threat Defense	=6.6.3
Cisco Firepower Threat Defense	=6.6.4
Cisco Firepower Threat Defense	=6.6.5
Cisco Firepower Threat Defense	=6.6.5.1
Cisco Firepower Threat Defense	=6.6.5.2
Cisco Firepower Threat Defense	=6.7.0
Cisco Firepower Threat Defense	=6.7.0.1
Cisco Firepower Threat Defense	=6.7.0.2
Cisco Firepower Threat Defense	=6.7.0.3
Cisco Firepower Threat Defense	=7.0.0
Cisco Firepower Threat Defense	=7.0.0.1
Cisco Firepower Threat Defense	=7.0.1
Cisco Firepower Threat Defense	=7.0.1.1
Cisco Firepower Threat Defense	=7.0.2
Cisco Firepower Threat Defense	=7.0.2.1
Cisco Firepower Threat Defense	=7.0.3
Cisco Firepower Threat Defense	=7.1.0.0
Cisco Firepower Threat Defense	=7.1.0.1
Cisco Firepower Threat Defense	=7.1.0.2
Cisco Firepower Threat Defense	=7.2.0
Cisco Firepower Threat Defense	=7.2.0.1
Cisco Adaptive Security Appliance Software	=9.14.1
Cisco Adaptive Security Appliance Software	=9.14.1.6
Cisco Adaptive Security Appliance Software	=9.14.1.10
Cisco Adaptive Security Appliance Software	=9.14.1.15
Cisco Adaptive Security Appliance Software	=9.14.1.19
Cisco Adaptive Security Appliance Software	=9.14.1.30
Cisco Adaptive Security Appliance Software	=9.14.2
Cisco Adaptive Security Appliance Software	=9.14.2.4

Remedy

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-qsqBNM6x

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2022-20924?
CVE-2022-20924 has a medium severity rating which indicates it could cause denial of service conditions.
How do I fix CVE-2022-20924?
To fix CVE-2022-20924, you should apply the recommended Cisco software updates for the affected versions of Cisco ASA and FTD software.
What versions of ASA and FTD are affected by CVE-2022-20924?
CVE-2022-20924 affects multiple versions of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD), specifically versions 9.14.1 through 9.18.1 and 6.6.0 through 7.2.0.1.
Can CVE-2022-20924 be exploited remotely?
Yes, CVE-2022-20924 can be exploited by an authenticated remote attacker.
What impact does CVE-2022-20924 have on affected devices?
The impact of CVE-2022-20924 on affected devices is a denial of service (DoS) condition, potentially disrupting operations.

agent/author
agent/type
agent/softwarecombine
agent/references
agent/severity
agent/remedy
agent/first-publish-date
agent/event
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/weakness
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-index
vendor/cisco
canonical/cisco adaptive security appliance
version/cisco adaptive security appliance/9.14.1
version/cisco adaptive security appliance/9.14.1.6
version/cisco adaptive security appliance/9.14.1.10
version/cisco adaptive security appliance/9.14.1.15
version/cisco adaptive security appliance/9.14.1.19
version/cisco adaptive security appliance/9.14.1.30
version/cisco adaptive security appliance/9.14.2
version/cisco adaptive security appliance/9.14.2.4
canonical/cisco adaptive security appliance software
version/cisco adaptive security appliance software/9.14.2.8
version/cisco adaptive security appliance software/9.14.2.13
version/cisco adaptive security appliance software/9.14.2.15
version/cisco adaptive security appliance software/9.14.3
version/cisco adaptive security appliance software/9.14.3.1
version/cisco adaptive security appliance software/9.14.3.9
version/cisco adaptive security appliance software/9.14.3.11
version/cisco adaptive security appliance software/9.14.3.13
version/cisco adaptive security appliance software/9.14.3.15
version/cisco adaptive security appliance software/9.14.3.18
version/cisco adaptive security appliance software/9.14.4
version/cisco adaptive security appliance software/9.14.4.6
version/cisco adaptive security appliance software/9.14.4.7
version/cisco adaptive security appliance software/9.14.4.12
version/cisco adaptive security appliance software/9.15.1
version/cisco adaptive security appliance software/9.15.1.1
version/cisco adaptive security appliance software/9.15.1.7
version/cisco adaptive security appliance software/9.15.1.10
version/cisco adaptive security appliance software/9.15.1.15
version/cisco adaptive security appliance software/9.15.1.16
version/cisco adaptive security appliance software/9.15.1.17
version/cisco adaptive security appliance software/9.15.1.21
version/cisco adaptive security appliance software/9.16.3
version/cisco adaptive security appliance software/9.16.3.3
version/cisco adaptive security appliance software/9.16.3.14
version/cisco adaptive security appliance software/9.17.1
version/cisco adaptive security appliance software/9.17.1.7
version/cisco adaptive security appliance software/9.17.1.9
version/cisco adaptive security appliance software/9.17.1.10
version/cisco adaptive security appliance software/9.17.1.11
version/cisco adaptive security appliance software/9.17.1.13
version/cisco adaptive security appliance software/9.17.1.15
version/cisco adaptive security appliance software/9.18.1
canonical/cisco firepower threat defense
version/cisco firepower threat defense/6.6.0
version/cisco firepower threat defense/6.6.0.1
version/cisco firepower threat defense/6.6.1
version/cisco firepower threat defense/6.6.3
version/cisco firepower threat defense/6.6.4
version/cisco firepower threat defense/6.6.5
version/cisco firepower threat defense/6.6.5.1
version/cisco firepower threat defense/6.6.5.2
version/cisco firepower threat defense/6.7.0
version/cisco firepower threat defense/6.7.0.1
version/cisco firepower threat defense/6.7.0.2
version/cisco firepower threat defense/6.7.0.3
version/cisco firepower threat defense/7.0.0
version/cisco firepower threat defense/7.0.0.1
version/cisco firepower threat defense/7.0.1
version/cisco firepower threat defense/7.0.1.1
version/cisco firepower threat defense/7.0.2
version/cisco firepower threat defense/7.0.2.1
version/cisco firepower threat defense/7.0.3
version/cisco firepower threat defense/7.1.0.0
version/cisco firepower threat defense/7.1.0.1
version/cisco firepower threat defense/7.1.0.2
version/cisco firepower threat defense/7.2.0
version/cisco firepower threat defense/7.2.0.1
version/cisco adaptive security appliance software/9.14.1
version/cisco adaptive security appliance software/9.14.1.6
version/cisco adaptive security appliance software/9.14.1.10
version/cisco adaptive security appliance software/9.14.1.15
version/cisco adaptive security appliance software/9.14.1.19
version/cisco adaptive security appliance software/9.14.1.30
version/cisco adaptive security appliance software/9.14.2
version/cisco adaptive security appliance software/9.14.2.4