cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-20918,https://securityvulnerability.io/vulnerability/CVE-2022-20918,Remote Access Vulnerability in Cisco FirePOWER Software and Management Center,"This vulnerability in Cisco FirePOWER Software and related products allows unauthenticated remote attackers to perform unauthorized SNMP GET requests due to the use of default credentials in SNMP version 1 and version 2. Attackers can exploit this flaw to retrieve sensitive information from affected devices if SNMP is configured. It's important to note that this vulnerability does not allow write access, but it poses significant risks for information disclosure.",Cisco,"Cisco Firepower Management Center,Cisco Firepower Services Software For Asa",7.5,HIGH,0.0022100000642240047,false,,false,false,true,2024-08-03T03:15:47.000Z,,false,false,,2022-11-15T21:15:00.000Z,0
CVE-2022-20928,https://securityvulnerability.io/vulnerability/CVE-2022-20928,Flaw in Authentication Flow of Cisco VPN Software,"A vulnerability in the VPN authentication and authorization processes of Cisco ASA and FTD software could enable an unauthenticated, remote attacker to connect as a different user. This flaw arises from inadequate verification of authorization during the VPN authentication process. An attacker can exploit this vulnerability by sending a specially crafted packet, necessitating valid credentials for establishing a VPN connection. If successful, the attacker could gain unauthorized access to the network with the privileges of another user, posing significant security risks.",Cisco,"Cisco Adaptive Security Appliance (asa) Software,Cisco Firepower Threat Defense Software,Cisco Firepower Services Software For Asa",5.8,MEDIUM,0.0012199999764561653,false,,false,false,true,2024-08-03T03:15:47.000Z,,false,false,,2022-11-15T21:15:00.000Z,0
CVE-2022-20927,https://securityvulnerability.io/vulnerability/CVE-2022-20927,Denial of Service Vulnerability in Cisco Adaptive Security Appliance and Firepower Threat Defense,"A vulnerability exists in the SSL/TLS client of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software. This issue stems from improper memory management during the initiation of SSL/TLS connections. An authenticated remote attacker can exploit this vulnerability by directing the affected device to connect to an SSL/TLS server configured with specific encryption parameters. If successful, this exploitation can lead to an unexpected reload of the device, resulting in a denial of service condition. It is crucial for organizations using Cisco's ASA and FTD to apply necessary security patches and follow best practices to mitigate this risk.",Cisco,"Cisco Adaptive Security Appliance (asa) Software,Cisco Firepower Threat Defense Software,Cisco Firepower Services Software For Asa",7.7,HIGH,0.0011500000255182385,false,,false,false,true,2024-08-03T03:15:47.000Z,,false,false,,2022-11-10T17:30:39.182Z,0
CVE-2022-20828,https://securityvulnerability.io/vulnerability/CVE-2022-20828,Cisco FirePOWER Software for ASA FirePOWER Module Command Injection Vulnerability,"A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the root user. This vulnerability is due to improper handling of undefined command parameters. An attacker could exploit this vulnerability by using a crafted command on the CLI or by submitting a crafted HTTPS request to the web-based management interface of the Cisco ASA that is hosting the ASA FirePOWER module. Note: To exploit this vulnerability, the attacker must have administrative access to the Cisco ASA. A user who has administrative access to a particular Cisco ASA is also expected to have administrative access to the ASA FirePOWER module that is hosted by that Cisco ASA.",Cisco,Cisco Firepower Services Software For Asa,6.5,MEDIUM,0.1171099990606308,false,,false,false,true,2024-08-03T03:15:43.000Z,,false,false,,2022-06-24T16:15:00.000Z,0