{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-12T11:01:48.502","vulnerabilities":[{"cve":{"id":"CVE-2022-20950","sourceIdentifier":"psirt@cisco.com","published":"2022-11-15T21:15:36.110","lastModified":"2024-11-21T06:43:53.120","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the interaction of SIP and Snort 3 for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart.\r\n\r This vulnerability is due to a lack of error-checking when SIP bidirectional flows are being inspected by Snort 3. An attacker could exploit this vulnerability by sending a stream of crafted SIP traffic through an interface on the targeted device. A successful exploit could allow the attacker to trigger a restart of the Snort 3 process, resulting in a denial of service (DoS) condition."},{"lang":"es","value":"Una vulnerabilidad en la interacción de SIP y Snort 3 para el software Cisco Firepower Threat Defense (FTD) podría permitir que un atacante remoto no autenticado provoque que el motor de detección de Snort 3 se reinicie. Esta vulnerabilidad se debe a la falta de verificación de errores cuando Snort 3 inspecciona los flujos bidireccionales SIP. Un atacante podría explotar esta vulnerabilidad enviando un flujo de tráfico SIP manipulado a través de una interfaz en el dispositivo objetivo. Un exploit exitoso podría permitir al atacante reiniciar el proceso Snort 3, lo que resultaría en una condición de Denegación de Servicio (DoS)."}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-754"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*","matchCriteriaId":"16FD5D12-CF1A-4990-99B3-1840EFBA5611"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*","matchCriteriaId":"FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-dos-A4cHeArC","source":"psirt@cisco.com"},{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-dos-A4cHeArC","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}