CVE-2022-20922

MEDIUM
Published Nov 15, 2022 3y ago · Modified Jun 22, 2026 1w ago
6.5 CVSS 3.1

Description

Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to improper management of system resources when the Snort detection engine is processing SMB2 traffic. An attacker could exploit these vulnerabilities by sending a high rate of certain types of SMB2 packets through an affected device. A successful exploit could allow the attacker to trigger a reload of the Snort process, resulting in a DoS condition.

Note: When the snort preserve-connection option is enabled for the Snort detection engine, a successful exploit could also allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network. The snort preserve-connection setting is enabled by default. See the Details section of this advisory for more information.

Note: Only products that have Snort 3 configured are affected. Products that are configured with Snort 2 are not affected.

CVSS Details

Base Score: 6.5
Exploitability: 3.9
Impact: 2.5
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: Low
Availability: Low

Threat Intelligence

No active exploitation signals — not in CISA KEV and no EPSS score yet.

Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-244

Affected Products 57

Vendor  Product                     Version  Range
cisco   firepower_threat_defense    7.1.0    any
cisco   firepower_threat_defense    7.1.0.1  any
cisco   firepower_threat_defense    7.1.0.2  any
cisco   firepower_threat_defense    7.2.0    any
cisco   firepower_threat_defense    7.2.0.1  any
cisco   umbrella_virtual_appliance  1.5.4    any
cisco   umbrella_virtual_appliance  1.5.5    any
cisco   umbrella_virtual_appliance  1.5.6    any
cisco   umbrella_virtual_appliance  2.0.0    any
cisco   umbrella_virtual_appliance  2.0.2    any
cisco   umbrella_virtual_appliance  2.0.3    any
cisco   umbrella_virtual_appliance  2.1.0    any
cisco   umbrella_virtual_appliance  2.1.2    any
cisco   umbrella_virtual_appliance  2.1.4    any
cisco   umbrella_virtual_appliance  2.1.5    any
cisco   umbrella_virtual_appliance  2.2      any
cisco   umbrella_virtual_appliance  2.2.1    any
cisco   umbrella_virtual_appliance  2.3      any
cisco   umbrella_virtual_appliance  2.3.1    any
cisco   umbrella_virtual_appliance  2.4      any
cisco   umbrella_virtual_appliance  2.4.4    any
cisco   umbrella_virtual_appliance  2.4.6    any
cisco   umbrella_virtual_appliance  2.4.12   any
cisco   umbrella_virtual_appliance  2.5      any
cisco   umbrella_virtual_appliance  2.5.4    any
cisco   umbrella_virtual_appliance  2.5.5    any
cisco   umbrella_virtual_appliance  2.5.6    any
cisco   umbrella_virtual_appliance  2.5.7    any
cisco   umbrella_virtual_appliance  2.6.0    any
cisco   umbrella_virtual_appliance  2.6.1    any
cisco   umbrella_virtual_appliance  2.6.2    any
cisco   umbrella_virtual_appliance  2.7      any
cisco   umbrella_virtual_appliance  2.8      any
cisco   umbrella_virtual_appliance  2.8.9    any
cisco   umbrella_virtual_appliance  3.0      any
cisco   umbrella_virtual_appliance  3.1      any
cisco   umbrella_virtual_appliance  3.2      any
cisco   cyber_vision                3.0.0    any
cisco   cyber_vision                3.0.1    any
cisco   cyber_vision                3.0.2    any
cisco   cyber_vision                3.0.3    any
cisco   cyber_vision                3.0.5    any
cisco   cyber_vision                3.0.6    any
cisco   cyber_vision                3.1.0    any
cisco   cyber_vision                3.1.1    any
cisco   cyber_vision                3.1.2    any
cisco   cyber_vision                3.2.0    any
cisco   cyber_vision                3.2.1    any
cisco   cyber_vision                3.2.2    any
cisco   cyber_vision                3.2.3    any
cisco   cyber_vision                3.2.4    any
cisco   cyber_vision                4.0.0    any
cisco   cyber_vision                4.0.1    any
cisco   cyber_vision                4.0.2    any
cisco   cyber_vision                4.0.3    any
cisco   cyber_vision                4.1.0    any
cisco   cyber_vision                4.1.1    any

References 1

  • sec.cloudapps.cisco.com https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.