What is CVE-2022-20730?

CVE-2022-20730 is a medium-severity vulnerability in Cisco Firepower Threat Defense Software, classified under CWE-241. CVSS score: 4.0/10. Published 2022-05-03.

How severe is CVE-2022-20730?

Medium severity. CVSS v3 base score is 4.0 out of 10.

Vulnerability in Cisco Firepower Threat Defense Software

CVE-2022-20730

A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the Security Intelligence DNS feed. This vulnerability is due to incorrect…

EPSS: 0.003 (52.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.0 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N.

Affected products

Cisco Firepower Threat Defense Software — versions n/a

Weakness classification (CWE)

CWE-241

References

20220427 Cisco Firepower Threat Defense Software Security Intelligence DNS Feed Bypass Vulnerability (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2022-20730?: CVE-2022-20730 is a medium-severity vulnerability in Cisco Firepower Threat Defense Software, classified under CWE-241. CVSS score: 4.0/10. Published 2022-05-03.
How severe is CVE-2022-20730?: Medium severity. CVSS v3 base score is 4.0 out of 10.