How severe is CVE-2022-20950?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2022-20950?

This is classified as CWE-770, which is a common weakness in software security.

CVE-2022-20950 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

A vulnerability in the interaction of SIP and Snort 3 for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a lack of error-checking when SIP bidirectional flows are being inspected by Snort 3. An attacker could exploit this vulnerability by sending a stream of crafted SIP traffic through an interface on the targeted device. A successful exploit could allow the attacker to trigger a restart of the Snort 3 process, resulting in a denial of service (DoS) condition.

Related Vulnerabilities

CVE-2005-4650

MEDIUM

CVSS:5.3(Medium)

Joomla! 1.03 does not restrict the number of "Search" Mambots, which allows remote attackers to cause a denial of service (resource consumption) via a large number of Search Mambots.

CWE-7702005

CVE-2008-5180

MEDIUM

CVSS:5.3(Medium)

Microsoft Communicator, and Communicator in Microsoft Office 2010 beta, allows remote attackers to cause a denial of service (memory consumption) via a large number of SIP INVITE requests, which trigg...

CWE-7702008

CVE-2017-18899

MEDIUM

CVSS:5.3(Medium)

An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. It mishandles IP-based rate limiting.

CWE-7702017

CVE-2018-0006

MEDIUM

CVSS:5.3(Medium)

A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon (bbe-smgd), and lead to...

CWE-7702018

CVE-2019-0005

MEDIUM

CVSS:5.3(Medium)

On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. This issue may allow IPv6 packets that should have been b...

CWE-7702019

CVE-2019-15165

MEDIUM

CVSS:5.3(Medium)

sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.

CWE-7702019