Vulnslist

find the latest Cisco vulnerabilities

CVE-2022-20795

A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. This vulnerability is due to suboptimal processing that occurs when establishing a DTLS tunnel as part of an AnyConnect SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted DTLS traffic to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected VPN headend device. This could cause existing DTLS tunnels to stop passing traffic and prevent new DTLS tunnels from establishing, resulting in a DoS condition. Note: When the attack traffic stops, the device recovers gracefully.

SeverityMEDIUM
CVSS5.8
CWECWE-345
KEV
Published
Modified

Related Products

Product Advisory Evidence
Cisco Secure Firewall Threat Defense Virtual cisco-sa-vpndtls-dos-TunzLEV Cisco OpenVuln
Cisco Secure Firewall Threat Defense (FTD) Software cisco-sa-vpndtls-dos-TunzLEV Cisco OpenVuln
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software cisco-sa-vpndtls-dos-TunzLEV Cisco OpenVuln
Cisco Secure Firewall 3100 Series cisco-sa-vpndtls-dos-TunzLEV Cisco OpenVuln
Cisco Firepower Threat Defense Software cisco-sa-vpndtls-dos-TunzLEV Cisco OpenVuln
Cisco Firepower 9000 Series cisco-sa-vpndtls-dos-TunzLEV Cisco OpenVuln
Cisco Firepower 4100 Series cisco-sa-vpndtls-dos-TunzLEV Cisco OpenVuln
Cisco Firepower 2100 Series cisco-sa-vpndtls-dos-TunzLEV Cisco OpenVuln
Cisco Firepower 1000 Series cisco-sa-vpndtls-dos-TunzLEV Cisco OpenVuln
Cisco Adaptive Security Virtual Appliance (ASAv) cisco-sa-vpndtls-dos-TunzLEV Cisco OpenVuln
Cisco Adaptive Security Appliance (ASA) Software cisco-sa-vpndtls-dos-TunzLEV Cisco OpenVuln
Cisco ASA 5500-X Series Firewalls cisco-sa-vpndtls-dos-TunzLEV Cisco OpenVuln
Cisco 3000 Series Industrial Security Appliances (ISA) cisco-sa-vpndtls-dos-TunzLEV Cisco OpenVuln