How severe is CVE-2022-20730?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2022-20730?

This is classified as CWE-241, which is a common weakness in software security.

CVE-2022-20730

HIGH Year: 2022

CVSS v3 Score

7.5

High

CVSS v2 Score

5.0

Medium

Weakness Type

CWE-241

View all →

Vulnerability Description

A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the Security Intelligence DNS feed. This vulnerability is due to incorrect feed update processing. An attacker could exploit this vulnerability by sending traffic through an affected device that should be blocked by the affected device. A successful exploit could allow the attacker to bypass device controls and successfully send traffic to devices that are expected to be protected by the affected device.

CVE-2021-39131

HIGH

CVSS:7.5(High)

ced detects character encoding using Google’s compact_enc_det library. In ced v0.1.0, passing data types other than `Buffer` causes the Node.js process to crash. The problem has been patched in ced v1...

CWE-2412021

CVE-2021-40116

HIGH

CVSS:7.5(High)

Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulne...

CWE-2412021

CVE-2022-1642

HIGH

CVSS:7.5(High)

A program using swift-corelibs-foundation is vulnerable to a denial of service attack caused by a potentially malicious source producing a JSON document containing a type mismatch. This vulnerability ...

CWE-2412022

CVE-2022-24668

HIGH

CVSS:7.5(High)

A program using swift-nio-http2 is vulnerable to a denial of service attack caused by a network peer sending ALTSVC or ORIGIN frames. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.1...

CWE-2412022

CVE-2022-3029

HIGH

CVSS:7.5(High)

In NLnet Labs Routinator 0.9.0 up to and including 0.11.2, due to a mistake in error handling, data in RRDP snapshot and delta files that isn’t correctly base 64 encoded is treated as a fatal error an...

CWE-2412022

CVE-2023-30591

HIGH

CVSS:7.5(High)

Denial-of-service in NodeBB <= v2.8.10 allows unauthenticated attackers to trigger a crash, when invoking `eventName.startsWith()` or `eventName.toString()`, while processing Socket.IO messages via cr...

CWE-2412023

CVE-2022-20730

Vulnerability Description

Related Vulnerabilities

CVE-2021-39131

CVE-2021-40116

CVE-2022-1642

CVE-2022-24668

CVE-2022-3029

CVE-2023-30591