{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-13T17:17:58.284","vulnerabilities":[{"cve":{"id":"CVE-2026-20103","sourceIdentifier":"psirt@cisco.com","published":"2026-03-04T18:16:25.840","lastModified":"2026-04-16T20:28:00.410","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust device memory resulting in a denial of service (DoS) condition to new Remote Access SSL VPN connections. This does not affect the management interface, though it may become temporarily unresponsive. \r\n\r This vulnerability is due to trusting user input without validation. An attacker could exploit this vulnerability by sending crafted packets to the Remote Access SSL VPN server. A successful exploit could allow the attacker to cause the device web interface to stop responding, resulting in a DoS condition."},{"lang":"es","value":"Una vulnerabilidad en la funcionalidad de VPN SSL de Acceso Remoto de Cisco Secure Firewall Adaptive Security Appliance (ASA) Software y Secure Firewall Threat Defense (FTD) Software podría permitir a un atacante remoto no autenticado agotar la memoria del dispositivo, lo que resultaría en una condición de denegación de servicio (DoS) para nuevas conexiones VPN SSL de Acceso Remoto. Esto no afecta la interfaz de gestión, aunque podría dejar de responder temporalmente. Esta vulnerabilidad se debe a confiar en la entrada del usuario sin validación. Un atacante podría explotar esta vulnerabilidad enviando paquetes manipulados al servidor VPN SSL de Acceso Remoto. Un exploit exitoso podría permitir al atacante hacer que la interfaz web del dispositivo deje de responder, lo que resultaría en una condición de DoS."}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.0}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Primary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*","versionStartIncluding":"9.12.1","versionEndExcluding":"9.16.4.85","matchCriteriaId":"74292810-417D-42CC-9123-55166145E91D"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*","versionStartIncluding":"9.17.1","versionEndExcluding":"9.18.4.66","matchCriteriaId":"7EFC1809-7619-43ED-80FD-0FC28C876879"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*","versionStartIncluding":"9.19.1","versionEndExcluding":"9.20.4","matchCriteriaId":"4988A136-196A-448B-A416-992803647AB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*","versionStartIncluding":"9.22.1.1","versionEndExcluding":"9.22.2.4","matchCriteriaId":"55B05CD4-4849-471F-ACC5-0E0478568A2D"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*","versionStartIncluding":"9.23.1","versionEndExcluding":"9.23.1.7","matchCriteriaId":"61AA6D92-28AC-41E2-8CD3-F7094A079D65"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"7.0.9","matchCriteriaId":"A02019B1-284B-4118-A544-9AA56216E741"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*","versionStartIncluding":"7.1.0","versionEndExcluding":"7.2.11","matchCriteriaId":"3DA98A98-A084-4DB0-B08F-33EB6C8607C0"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.0","versionEndExcluding":"7.4.3","matchCriteriaId":"737DB8CE-EC0B-4221-A8BF-3E64702DE092"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*","versionStartIncluding":"7.6.0","versionEndExcluding":"7.6.4","matchCriteriaId":"26A29A1A-8013-4CE1-8DE5-4C82778A1D96"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.0","versionEndExcluding":"7.7.11","matchCriteriaId":"A267F3D1-7449-4622-91AB-F9CA2DDDB61E"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-vpn-m9sx6MbC","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}}]}