{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T08:08:52.808","vulnerabilities":[{"cve":{"id":"CVE-2026-20073","sourceIdentifier":"psirt@cisco.com","published":"2026-03-04T18:16:23.640","lastModified":"2026-03-05T19:39:11.967","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to send traffic that should be denied through an affected device.\r\n\r\nThis vulnerability is due to improper error handling when an affected device that is joining a cluster runs out of memory while replicating access control rules. An attacker could exploit this vulnerability by sending traffic that should be blocked through the device. A successful exploit could allow the attacker to bypass access controls and reach devices in protected networks."},{"lang":"es","value":"Una vulnerabilidad en el software Cisco Secure Firewall Adaptive Security Appliance (ASA) y el software Cisco Secure Firewall Threat Defense (FTD) podría permitir a un atacante remoto no autenticado enviar tráfico que debería ser denegado a través de un dispositivo afectado.\n\nEsta vulnerabilidad se debe a un manejo de errores inadecuado cuando un dispositivo afectado que se está uniendo a un clúster se queda sin memoria mientras replica reglas de control de acceso. Un atacante podría explotar esta vulnerabilidad enviando tráfico que debería ser bloqueado a través del dispositivo. Un exploit exitoso podría permitir al atacante eludir los controles de acceso y alcanzar dispositivos en redes protegidas."}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Primary","description":[{"lang":"en","value":"CWE-284"}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-aclbypass-dos-CVxVRSvQ","source":"psirt@cisco.com"}]}}]}