{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2022-20685","assignerOrgId":"d1c1063e-7a18-46af-9102-31f8928bc633","state":"PUBLISHED","assignerShortName":"cisco","dateReserved":"2021-11-02T13:28:29.055Z","datePublished":"2024-11-15T15:36:31.261Z","dateUpdated":"2025-01-27T17:48:32.910Z"},"containers":{"cna":{"title":"Multiple Cisco Products Snort Modbus Denial of Service Vulnerability","metrics":[{"format":"cvssV3_1","cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"}}],"descriptions":[{"lang":"en","value":"A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\nThis vulnerability is due to an integer overflow while processing Modbus traffic. An attacker could exploit this vulnerability by sending crafted Modbus traffic through an affected device. A successful exploit could allow the attacker to cause the Snort process to hang, causing traffic inspection to stop.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-9D3hJLuj","name":"cisco-sa-snort-dos-9D3hJLuj"},{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-xss-NXOxDhRQ","name":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-xss-NXOxDhRQ

Attention: Simplifying the Cisco portfolio includes the renaming of security products under one brand: Cisco Secure. For more information, see Meet Cisco Secure"}],"exploits":[{"lang":"en","value":"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}],"source":{"advisory":"cisco-sa-snort-dos-9D3hJLuj","discovery":"EXTERNAL","defects":["CSCvz27235"]},"problemTypes":[{"descriptions":[{"lang":"en","description":"Integer Overflow or Wraparound","type":"cwe","cweId":"CWE-190"}]}],"affected":[{"vendor":"Cisco","product":"Cisco Cyber Vision","versions":[{"version":"3.0.0","status":"affected"},{"version":"3.0.2","status":"affected"},{"version":"3.0.3","status":"affected"},{"version":"3.0.1","status":"affected"},{"version":"3.1.0","status":"affected"},{"version":"3.0.4","status":"affected"},{"version":"3.1.1","status":"affected"},{"version":"3.1.2","status":"affected"},{"version":"3.2.0","status":"affected"},{"version":"3.0.5","status":"affected"},{"version":"3.2.1","status":"affected"},{"version":"3.0.6","status":"affected"},{"version":"3.2.2","status":"affected"},{"version":"3.2.3","status":"affected"},{"version":"3.2.4","status":"affected"},{"version":"4.0.0","status":"affected"},{"version":"4.0.1","status":"affected"}],"defaultStatus":"unknown"},{"vendor":"Cisco","product":"Cisco Firepower Threat Defense Software","versions":[{"version":"6.2.3.14","status":"affected"},{"version":"6.4.0.1","status":"affected"},{"version":"6.2.3.7","status":"affected"},{"version":"6.2.3","status":"affected"},{"version":"6.4.0.2","status":"affected"},{"version":"6.2.3.9","status":"affected"},{"version":"6.2.3.1","status":"affected"},{"version":"6.2.3.2","status":"affected"},{"version":"6.4.0.5","status":"affected"},{"version":"6.2.3.10","status":"affected"},{"version":"6.4.0","status":"affected"},{"version":"6.4.0.3","status":"affected"},{"version":"6.2.3.6","status":"affected"},{"version":"6.4.0.4","status":"affected"},{"version":"6.2.3.15","status":"affected"},{"version":"6.2.3.5","status":"affected"},{"version":"6.2.3.4","status":"affected"},{"version":"6.2.3.3","status":"affected"},{"version":"6.2.3.8","status":"affected"},{"version":"6.4.0.6","status":"affected"},{"version":"6.2.3.11","status":"affected"},{"version":"6.2.3.12","status":"affected"},{"version":"6.2.3.13","status":"affected"},{"version":"6.4.0.7","status":"affected"},{"version":"6.4.0.8","status":"affected"},{"version":"6.6.0","status":"affected"},{"version":"6.4.0.9","status":"affected"},{"version":"6.2.3.16","status":"affected"},{"version":"6.6.0.1","status":"affected"},{"version":"6.6.1","status":"affected"},{"version":"6.4.0.10","status":"affected"},{"version":"6.7.0","status":"affected"},{"version":"6.4.0.11","status":"affected"},{"version":"6.6.3","status":"affected"},{"version":"6.7.0.1","status":"affected"},{"version":"6.6.4","status":"affected"},{"version":"6.4.0.12","status":"affected"},{"version":"6.7.0.2","status":"affected"},{"version":"7.0.0","status":"affected"},{"version":"6.2.3.17","status":"affected"},{"version":"7.0.0.1","status":"affected"},{"version":"6.6.5","status":"affected"},{"version":"6.2.3.18","status":"affected"},{"version":"6.7.0.3","status":"affected"}],"defaultStatus":"unknown"},{"vendor":"Cisco","product":"Cisco UTD SNORT IPS Engine Software","versions":[{"version":"3.17.1S","status":"affected"},{"version":"16.12.3","status":"affected"},{"version":"Fuji-16.9.5","status":"affected"},{"version":"16.12.4","status":"affected"},{"version":"17.3.1a","status":"affected"},{"version":"16.6.6","status":"affected"},{"version":"16.12.2","status":"affected"},{"version":"Fuji-16.9.6","status":"affected"},{"version":"3.17.0S","status":"affected"},{"version":"Fuji-16.9.3","status":"affected"},{"version":"Denali-16.3.7","status":"affected"},{"version":"Fuji-16.9.2","status":"affected"},{"version":"Fuji-16.9.4","status":"affected"},{"version":"Everest-16.6.4","status":"affected"},{"version":"Everest-16.6.3","status":"affected"},{"version":"16.6.5","status":"affected"},{"version":"Denali-16.3.5","status":"affected"},{"version":"17.2.1r","status":"affected"},{"version":"17.1.1","status":"affected"},{"version":"Everest-16.6.2","status":"affected"},{"version":"16.6.7a","status":"affected"},{"version":"Denali-16.3.4","status":"affected"},{"version":"16.6.1","status":"affected"},{"version":"Denali-16.3.9","status":"affected"},{"version":"Denali-16.3.3","status":"affected"},{"version":"16.12.1a","status":"affected"},{"version":"17.3.2","status":"affected"},{"version":"17.4.1a","status":"affected"},{"version":"16.12.5","status":"affected"},{"version":"17.5.1","status":"affected"},{"version":"Fuji-16.9.7","status":"affected"},{"version":"16.6.9","status":"affected"},{"version":"17.3.3","status":"affected"},{"version":"17.5.1a","status":"affected"},{"version":"17.3.4","status":"affected"},{"version":"17.3.4a","status":"affected"},{"version":"17.4.2","status":"affected"},{"version":"17.4.1b","status":"affected"},{"version":"17.6.1a","status":"affected"},{"version":"16.6.10","status":"affected"},{"version":"17.7.1a","status":"affected"},{"version":"16.12.6","status":"affected"},{"version":"Fuji-16.9.8","status":"affected"}],"defaultStatus":"unknown"}],"providerMetadata":{"orgId":"d1c1063e-7a18-46af-9102-31f8928bc633","shortName":"cisco","dateUpdated":"2024-11-15T15:36:31.261Z"}},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-190","lang":"en","description":"CWE-190 Integer Overflow or Wraparound"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":7.5,"attackVector":"NETWORK","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"NONE","confidentialityImpact":"NONE"}},{"other":{"type":"ssvc","content":{"timestamp":"2024-11-15T16:20:05.316414Z","id":"CVE-2022-20685","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-01-27T17:48:32.910Z"}}]}}