CVE-2022-20924

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified) Cisco Firepower Threat Defense (FTD) Software (affected versions not specified)

Description A vulnerability in the Simple Network Management Protocol (SNMP) feature could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This issue is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device, potentially causing the device to reload and resulting in a DoS condition.

Recommendations For Cisco Adaptive Security Appliance (ASA) Software, consider disabling the SNMP feature until a patch is available. For Cisco Firepower Threat Defense (FTD) Software, restrict access to the SNMP protocol to minimize the risk of exploitation. As a temporary workaround, avoid using the SNMP feature in the affected software until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.