PT-2021-7088 · Cisco · Cisco Ftd

Published

2021-11-02

Updated

2022-05-12

CVE-2022-20730

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:C/A:N

Name of the Vulnerable Software and Affected Versions Cisco Firepower Threat Defense (FTD) Software (affected versions not specified)

Description A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the Security Intelligence DNS feed. This issue is due to incorrect feed update processing. An attacker could exploit this by sending traffic through an affected device that should be blocked. A successful exploit could allow the attacker to bypass device controls and send traffic to devices expected to be protected.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-241

Related Identifiers

BDU:2022-03260

CVE-2022-20730

Affected Products

Cisco Ftd

PT-2021-7088 · Cisco · Cisco Ftd

CVE-2022-20730

Weakness Enumeration

Related Identifiers

Affected Products

References · 6