{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T02:07:19.348","vulnerabilities":[{"cve":{"id":"CVE-2025-20244","sourceIdentifier":"psirt@cisco.com","published":"2025-08-14T17:15:38.330","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the Remote Access SSL VPN service for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow a remote attacker that is authenticated as a VPN user to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.\r\n\r\nThis vulnerability is due to incomplete error checking when parsing an HTTP header field value. An attacker could exploit this vulnerability by sending a crafted HTTP request to a targeted Remote Access SSL VPN service on an affected device. A successful exploit could allow the attacker to cause a DoS condition, which would cause the affected device to reload."},{"lang":"es","value":"Una vulnerabilidad en el servicio VPN SSL de acceso remoto para el software Cisco Secure Firewall Adaptive Security Appliance (ASA) y el software Cisco Secure Firewall Threat Defense (FTD) podría permitir que un atacante remoto autenticado como usuario de VPN reinicie el dispositivo inesperadamente, lo que resulta en una denegación de servicio (DoS). Esta vulnerabilidad se debe a una comprobación de errores incompleta al analizar el valor de un campo de encabezado HTTP. Un atacante podría explotar esta vulnerabilidad enviando una solicitud HTTP manipulada a un servicio VPN SSL de acceso remoto específico en un dispositivo afectado. Una explotación exitosa podría permitir al atacante provocar una denegación de servicio (DoS), lo que provocaría la recarga del dispositivo afectado."}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":4.0}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1287"}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-vpnwebs-dos-hjBhmBsX","source":"psirt@cisco.com"}]}}]}