CVE-2022-20947

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified) Cisco Firepower Threat Defense (FTD) Software (affected versions not specified)

Description A vulnerability in the dynamic access policies (DAP) functionality is due to improper processing of HostScan data received from the Posture (HostScan) module. An attacker could exploit this vulnerability by sending crafted HostScan data to an affected device, allowing them to cause the device to reload, resulting in a denial of service (DoS) condition.

Recommendations For Cisco Adaptive Security Appliance (ASA) Software, update to a version that includes the fix for this issue. For Cisco Firepower Threat Defense (FTD) Software, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the Posture (HostScan) module to minimize the risk of exploitation.