{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T04:54:42.783","vulnerabilities":[{"cve":{"id":"CVE-2025-20219","sourceIdentifier":"psirt@cisco.com","published":"2025-08-14T17:15:35.920","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the implementation of access control rules for loopback interfaces in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to send traffic that should have been blocked to a loopback interface.\r\n\r\nThis vulnerability is due to improper enforcement of access control rules for loopback interfaces. An attacker could exploit this vulnerability by sending traffic to a loopback interface on an affected device. A successful exploit could allow the attacker to bypass configured access control rules and send traffic that should have been blocked to a loopback interface on the device."},{"lang":"es","value":"Una vulnerabilidad en la implementación de las reglas de control de acceso para interfaces de bucle invertido en el software Cisco Secure Firewall Adaptive Security Appliance (ASA) y el software Cisco Secure Firewall Threat Defense (FTD) podría permitir que un atacante remoto no autenticado envíe tráfico que debería estar bloqueado a una interfaz de bucle invertido. Esta vulnerabilidad se debe a la aplicación incorrecta de las reglas de control de acceso para las interfaces de bucle invertido. Un atacante podría explotar esta vulnerabilidad enviando tráfico a una interfaz de bucle invertido en un dispositivo afectado. Una explotación exitosa podría permitir al atacante eludir las reglas de control de acceso configuradas y enviar tráfico que debería estar bloqueado a una interfaz de bucle invertido en el dispositivo."}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-acl-bypass-mtPze9Yh","source":"psirt@cisco.com"}]}}]}