How severe is CVE-2022-20748?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2022-20748?

This is classified as CWE-664, which is a common weakness in software security.

CVE-2022-20748 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to insufficient error handling in the local malware analysis process of an affected device. An attacker could exploit this vulnerability by sending a crafted file through the device. A successful exploit could allow the attacker to cause the local malware analysis process to crash, which could result in a DoS condition. Notes: Manual intervention may be required to recover from this situation. Malware cloud lookup and dynamic analysis will not be impacted.

Related Vulnerabilities

CVE-2022-27512

MEDIUM

CVSS:5.3(Medium)

Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM.

CWE-6642022

CVE-2020-1620

MEDIUM

CVSS:5.5(Medium)

A local, authenticated user with shell can obtain the hashed values of login passwords via configd streamer log. This issue affects all versions of Junos OS Evolved prior to 19.3R1.

CWE-6642020

CVE-2020-1621

MEDIUM

CVSS:5.5(Medium)

A local, authenticated user with shell can obtain the hashed values of login passwords via configd traces. This issue affects all versions of Junos OS Evolved prior to 19.3R1.

CWE-6642020

CVE-2020-1622

MEDIUM

CVSS:5.5(Medium)

A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via the EvoSharedObjStore. This issue affects all versions of Junos OS Evolved prior to 19.1R1...

CWE-6642020

CVE-2020-36774

MEDIUM

CVSS:5.5(Medium)

plugins/gtk+/glade-gtk-box.c in GNOME Glade before 3.38.1 and 3.39.x before 3.40.0 mishandles widget rebuilding for GladeGtkBox, leading to a denial of service (application crash).

CWE-6642020

CVE-2024-45383

MEDIUM

CVSS:5.0(Medium)

A mishandling of IRP requests vulnerability exists in the HDAudBus_DMA interface of Microsoft High Definition Audio Bus Driver 10.0.19041.3636 (WinBuild.160101.0800). A specially crafted application c...

CWE-6642024