Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2022-20713
HistoryAug 10, 2022 - 5:15 p.m.

CVE-2022-20713

2022-08-1017:15:08
CWE-444
CWE-79
[email protected]
web.nvd.nist.gov
9
cisco
vulnerability
browser-based attacks
remote attacker
asa software
ftd software

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

49.1%

JSON

A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This vulnerability is due to improper validation of input that is passed to the VPN web client services component before being returned to the browser that is in use. An attacker could exploit this vulnerability by persuading a user to visit a website that is designed to pass malicious requests to a device that is running Cisco ASA Software or Cisco FTD Software and has web services endpoints supporting VPN features enabled. A successful exploit could allow the attacker to reflect malicious input from the affected device to the browser that is in use and conduct browser-based attacks, including cross-site scripting attacks. The attacker could not directly impact the affected device.

Affected configurations

Nvd
Node
ciscofirepower_threat_defenseMatch6.2.3
OR
ciscofirepower_threat_defenseMatch6.2.3.1
OR
ciscofirepower_threat_defenseMatch6.2.3.2
OR
ciscofirepower_threat_defenseMatch6.2.3.3
OR
ciscofirepower_threat_defenseMatch6.2.3.4
OR
ciscofirepower_threat_defenseMatch6.2.3.5
OR
ciscofirepower_threat_defenseMatch6.2.3.6
OR
ciscofirepower_threat_defenseMatch6.2.3.7
OR
ciscofirepower_threat_defenseMatch6.2.3.8
OR
ciscofirepower_threat_defenseMatch6.2.3.9
OR
ciscofirepower_threat_defenseMatch6.2.3.10
OR
ciscofirepower_threat_defenseMatch6.2.3.11
OR
ciscofirepower_threat_defenseMatch6.2.3.12
OR
ciscofirepower_threat_defenseMatch6.2.3.13
OR
ciscofirepower_threat_defenseMatch6.2.3.14
OR
ciscofirepower_threat_defenseMatch6.2.3.15
OR
ciscofirepower_threat_defenseMatch6.2.3.16
OR
ciscofirepower_threat_defenseMatch6.2.3.17
OR
ciscofirepower_threat_defenseMatch6.2.3.18
OR
ciscofirepower_threat_defenseMatch6.4.0
OR
ciscofirepower_threat_defenseMatch6.4.0.1
OR
ciscofirepower_threat_defenseMatch6.4.0.2
OR
ciscofirepower_threat_defenseMatch6.4.0.3
OR
ciscofirepower_threat_defenseMatch6.4.0.4
OR
ciscofirepower_threat_defenseMatch6.4.0.5
OR
ciscofirepower_threat_defenseMatch6.4.0.6
OR
ciscofirepower_threat_defenseMatch6.4.0.7
OR
ciscofirepower_threat_defenseMatch6.4.0.8
OR
ciscofirepower_threat_defenseMatch6.4.0.9
OR
ciscofirepower_threat_defenseMatch6.4.0.10
OR
ciscofirepower_threat_defenseMatch6.4.0.11
OR
ciscofirepower_threat_defenseMatch6.4.0.12
OR
ciscofirepower_threat_defenseMatch6.4.0.13
OR
ciscofirepower_threat_defenseMatch6.4.0.14
OR
ciscofirepower_threat_defenseMatch6.4.0.15
OR
ciscofirepower_threat_defenseMatch6.4.0.16
OR
ciscofirepower_threat_defenseMatch6.6.0
OR
ciscofirepower_threat_defenseMatch6.6.0.1
OR
ciscofirepower_threat_defenseMatch6.6.1
OR
ciscofirepower_threat_defenseMatch6.6.3
OR
ciscofirepower_threat_defenseMatch6.6.4
OR
ciscofirepower_threat_defenseMatch6.6.5
OR
ciscofirepower_threat_defenseMatch6.6.5.1
OR
ciscofirepower_threat_defenseMatch6.6.5.2
OR
ciscofirepower_threat_defenseMatch6.6.7
OR
ciscofirepower_threat_defenseMatch6.6.7.1
OR
ciscofirepower_threat_defenseMatch6.7.0
OR
ciscofirepower_threat_defenseMatch6.7.0.1
OR
ciscofirepower_threat_defenseMatch6.7.0.2
OR
ciscofirepower_threat_defenseMatch6.7.0.3
OR
ciscofirepower_threat_defenseMatch7.0.0
OR
ciscofirepower_threat_defenseMatch7.0.0.1
OR
ciscofirepower_threat_defenseMatch7.0.1
OR
ciscofirepower_threat_defenseMatch7.0.1.1
OR
ciscofirepower_threat_defenseMatch7.0.2
OR
ciscofirepower_threat_defenseMatch7.0.2.1
OR
ciscofirepower_threat_defenseMatch7.0.3
OR
ciscofirepower_threat_defenseMatch7.0.4
OR
ciscofirepower_threat_defenseMatch7.0.5
OR
ciscofirepower_threat_defenseMatch7.1.0
OR
ciscofirepower_threat_defenseMatch7.1.0.1
OR
ciscofirepower_threat_defenseMatch7.1.0.2
OR
ciscofirepower_threat_defenseMatch7.1.0.3
OR
ciscofirepower_threat_defenseMatch7.2.0
OR
ciscofirepower_threat_defenseMatch7.2.0.1
OR
ciscofirepower_threat_defenseMatch7.2.1
OR
ciscofirepower_threat_defenseMatch7.2.2
OR
ciscofirepower_threat_defenseMatch7.2.3
OR
ciscofirepower_threat_defenseMatch7.3.0
OR
ciscofirepower_threat_defenseMatch7.3.1
OR
ciscofirepower_threat_defenseMatch7.3.1.1
OR
ciscoadaptive_security_appliance_softwareMatch9.8.1
OR
ciscoadaptive_security_appliance_softwareMatch9.8.1.5
OR
ciscoadaptive_security_appliance_softwareMatch9.8.1.7
OR
ciscoadaptive_security_appliance_softwareMatch9.8.2
OR
ciscoadaptive_security_appliance_softwareMatch9.8.2.8
OR
ciscoadaptive_security_appliance_softwareMatch9.8.2.14
OR
ciscoadaptive_security_appliance_softwareMatch9.8.2.15
OR
ciscoadaptive_security_appliance_softwareMatch9.8.2.17
OR
ciscoadaptive_security_appliance_softwareMatch9.8.2.20
OR
ciscoadaptive_security_appliance_softwareMatch9.8.2.24
OR
ciscoadaptive_security_appliance_softwareMatch9.8.2.26
OR
ciscoadaptive_security_appliance_softwareMatch9.8.2.28
OR
ciscoadaptive_security_appliance_softwareMatch9.8.2.33
OR
ciscoadaptive_security_appliance_softwareMatch9.8.2.35
OR
ciscoadaptive_security_appliance_softwareMatch9.8.2.38
OR
ciscoadaptive_security_appliance_softwareMatch9.8.3
OR
ciscoadaptive_security_appliance_softwareMatch9.8.3.8
OR
ciscoadaptive_security_appliance_softwareMatch9.8.3.11
OR
ciscoadaptive_security_appliance_softwareMatch9.8.3.14
OR
ciscoadaptive_security_appliance_softwareMatch9.8.3.16
OR
ciscoadaptive_security_appliance_softwareMatch9.8.3.18
OR
ciscoadaptive_security_appliance_softwareMatch9.8.3.21
OR
ciscoadaptive_security_appliance_softwareMatch9.8.3.26
OR
ciscoadaptive_security_appliance_softwareMatch9.8.3.29
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.3
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.7
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.8
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.10
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.12
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.15
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.17
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.20
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.22
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.25
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.26
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.29
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.32
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.33
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.34
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.35
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.39
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.40
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.41
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.43
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.44
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.45
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.46
OR
ciscoadaptive_security_appliance_softwareMatch9.12.1
OR
ciscoadaptive_security_appliance_softwareMatch9.12.1.2
OR
ciscoadaptive_security_appliance_softwareMatch9.12.1.3
OR
ciscoadaptive_security_appliance_softwareMatch9.12.2
OR
ciscoadaptive_security_appliance_softwareMatch9.12.2.1
OR
ciscoadaptive_security_appliance_softwareMatch9.12.2.4
OR
ciscoadaptive_security_appliance_softwareMatch9.12.2.5
OR
ciscoadaptive_security_appliance_softwareMatch9.12.2.9
OR
ciscoadaptive_security_appliance_softwareMatch9.12.3
OR
ciscoadaptive_security_appliance_softwareMatch9.12.3.2
OR
ciscoadaptive_security_appliance_softwareMatch9.12.3.7
OR
ciscoadaptive_security_appliance_softwareMatch9.12.3.9
OR
ciscoadaptive_security_appliance_softwareMatch9.12.3.12
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.2
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.4
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.7
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.8
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.10
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.13
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.18
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.24
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.26
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.29
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.30
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.35
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.37
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.38
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.39
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.40
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.41
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.47
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.48
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.50
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.52
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.54
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.55
OR
ciscoadaptive_security_appliance_softwareMatch9.14.1
OR
ciscoadaptive_security_appliance_softwareMatch9.14.1.6
OR
ciscoadaptive_security_appliance_softwareMatch9.14.1.10
OR
ciscoadaptive_security_appliance_softwareMatch9.14.1.15
OR
ciscoadaptive_security_appliance_softwareMatch9.14.1.19
OR
ciscoadaptive_security_appliance_softwareMatch9.14.1.30
OR
ciscoadaptive_security_appliance_softwareMatch9.14.2
OR
ciscoadaptive_security_appliance_softwareMatch9.14.2.4
OR
ciscoadaptive_security_appliance_softwareMatch9.14.2.8
OR
ciscoadaptive_security_appliance_softwareMatch9.14.2.13
OR
ciscoadaptive_security_appliance_softwareMatch9.14.2.15
OR
ciscoadaptive_security_appliance_softwareMatch9.14.3
OR
ciscoadaptive_security_appliance_softwareMatch9.14.3.1
OR
ciscoadaptive_security_appliance_softwareMatch9.14.3.9
OR
ciscoadaptive_security_appliance_softwareMatch9.14.3.11
OR
ciscoadaptive_security_appliance_softwareMatch9.14.3.13
OR
ciscoadaptive_security_appliance_softwareMatch9.14.3.15
OR
ciscoadaptive_security_appliance_softwareMatch9.14.3.18
OR
ciscoadaptive_security_appliance_softwareMatch9.14.4
OR
ciscoadaptive_security_appliance_softwareMatch9.14.4.6
OR
ciscoadaptive_security_appliance_softwareMatch9.14.4.7
OR
ciscoadaptive_security_appliance_softwareMatch9.14.4.12
OR
ciscoadaptive_security_appliance_softwareMatch9.14.4.13
OR
ciscoadaptive_security_appliance_softwareMatch9.14.4.14
OR
ciscoadaptive_security_appliance_softwareMatch9.14.4.15
OR
ciscoadaptive_security_appliance_softwareMatch9.14.4.17
OR
ciscoadaptive_security_appliance_softwareMatch9.15.1
OR
ciscoadaptive_security_appliance_softwareMatch9.15.1.1
OR
ciscoadaptive_security_appliance_softwareMatch9.15.1.7
OR
ciscoadaptive_security_appliance_softwareMatch9.15.1.10
OR
ciscoadaptive_security_appliance_softwareMatch9.15.1.15
OR
ciscoadaptive_security_appliance_softwareMatch9.15.1.16
OR
ciscoadaptive_security_appliance_softwareMatch9.15.1.17
OR
ciscoadaptive_security_appliance_softwareMatch9.15.1.21
OR
ciscoadaptive_security_appliance_softwareMatch9.16.1
OR
ciscoadaptive_security_appliance_softwareMatch9.16.1.28
OR
ciscoadaptive_security_appliance_softwareMatch9.16.2
OR
ciscoadaptive_security_appliance_softwareMatch9.16.2.3
OR
ciscoadaptive_security_appliance_softwareMatch9.16.2.7
OR
ciscoadaptive_security_appliance_softwareMatch9.16.2.11
OR
ciscoadaptive_security_appliance_softwareMatch9.16.2.13
OR
ciscoadaptive_security_appliance_softwareMatch9.16.2.14
OR
ciscoadaptive_security_appliance_softwareMatch9.16.3
OR
ciscoadaptive_security_appliance_softwareMatch9.16.3.3
OR
ciscoadaptive_security_appliance_softwareMatch9.16.3.14
OR
ciscoadaptive_security_appliance_softwareMatch9.16.3.15
OR
ciscoadaptive_security_appliance_softwareMatch9.16.3.19
OR
ciscoadaptive_security_appliance_softwareMatch9.16.3.23
OR
ciscoadaptive_security_appliance_softwareMatch9.16.4
OR
ciscoadaptive_security_appliance_softwareMatch9.16.4.9
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.7
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.9
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.10
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.11
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.13
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.15
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.20
OR
ciscoadaptive_security_appliance_softwareMatch9.18.1
OR
ciscoadaptive_security_appliance_softwareMatch9.18.1.3
OR
ciscoadaptive_security_appliance_softwareMatch9.18.2
OR
ciscoadaptive_security_appliance_softwareMatch9.18.2.5
OR
ciscoadaptive_security_appliance_softwareMatch9.18.2.7
OR
ciscoadaptive_security_appliance_softwareMatch9.18.2.8
OR
ciscoadaptive_security_appliance_softwareMatch9.19.1
VendorProductVersionCPE
ciscofirepower_threat_defense6.2.3cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*
ciscofirepower_threat_defense6.2.3.1cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*
ciscofirepower_threat_defense6.2.3.2cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*
ciscofirepower_threat_defense6.2.3.3cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*
ciscofirepower_threat_defense6.2.3.4cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*
ciscofirepower_threat_defense6.2.3.5cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*
ciscofirepower_threat_defense6.2.3.6cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*
ciscofirepower_threat_defense6.2.3.7cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*
ciscofirepower_threat_defense6.2.3.8cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*
ciscofirepower_threat_defense6.2.3.9cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*
Rows per page:
1-10 of 2211

Related

cisco 2
prion 1
githubexploit 1
nessus 1
cve 1
cvelist 1
thn 1
cisco
cisco
Cisco Adaptive Security Appliance and Firepower Threat Defense Software VPN Web Client Services Client-Side Request Smuggling Vulnerability
2022-08-10 16:00:00
Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches Vulnerabilities
2022-04-13 16:00:00
prion
prion
Cross site scripting
2022-08-10 17:15:00
githubexploit
githubexploit
Exploit for HTTP Request Smuggling in Cisco Firepower Threat Defense
2024-07-12 22:53:45
nessus
nessus
Cisco Adaptive Security Appliance Software Clientless SSL VPN Client-Side Request Smuggling (cisco-sa-asa-webvpn-LOeKsNmO)
2022-08-12 00:00:00
cve
cve
CVE-2022-20713
2022-08-10 17:15:08
cvelist
cvelist
CVE-2022-20713
2022-08-10 16:20:10
thn
thn
Cisco Patches High-Severity Vulnerability Affecting ASA and Firepower Solutions
2022-08-12 08:14:00

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

49.1%

JSON
Related for NVD:CVE-2022-20713
cisco2prion1githubexploit1nessus1cve1cvelist1thn1