PT-2022-6147 · Cisco · Cisco Firepower Management Center (FMC)

Published: 2022-11-09 · Updated: 2024-11-26 · CVE-2022-20918

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module (affected versions not specified)
Cisco Firepower Management Center (FMC) Software (affected versions not specified)
Cisco Next-Generation Intrusion Prevention System (NGIPS) Software (affected versions not specified)

Description

A vulnerability in the Simple Network Management Protocol (SNMP) access controls could allow an unauthenticated, remote attacker to perform an SNMP GET request using a default credential. This vulnerability is due to the presence of a default credential for SNMP version 1 (SNMPv1) and SNMP version 2 (SNMPv2). An attacker could exploit this vulnerability by sending an SNMPv1 or SNMPv2 GET request to an affected device. A successful exploit could allow the attacker to retrieve sensitive information from the device using the default credential. This attack will only be successful if SNMP is configured, and the attacker can only perform SNMP GET requests; write access using SNMP is not allowed.

Recommendations

For Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module, consider disabling the default credential for SNMP version 1 (SNMPv1) and SNMP version 2 (SNMPv2) as a temporary workaround until a patch is available.
For Cisco Firepower Management Center (FMC) Software, restrict access to the SNMP protocol to minimize the risk of exploitation.
For Cisco Next-Generation Intrusion Prevention System (NGIPS) Software, avoid using the default credential for SNMP GET requests until the issue is resolved.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Improper Access Control
Improper Authentication
Improper Privilege Management

Related Identifiers

BDU:2023-00173
CVE-2022-20918

Affected Products

Cisco Firepower Software for Adaptive Security Appliance (ASA) Firepower Module
Cisco Firepower Management Center (FMC)
Cisco Next-Generation Intrusion Prevention System (NGIPS)