A vulnerability in the Remote Access SSL VPN, HTTP management and MUS functionality, of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust device memory resulting in a denial of service (DoS) condition requiring a manual reboot.
This vulnerability is due to trusting user input without validation. An attacker could exploit this vulnerability by sending crafted packets to the Remote Access SSL VPN server. A successful exploit could allow the attacker to cause the device to stop responding, resulting in a DoS condition.
Metrics
Affected Vendors & Products
No data.
No data.
No data.
No data.
References
History
Wed, 04 Mar 2026 17:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability in the Remote Access SSL VPN, HTTP management and MUS functionality, of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust device memory resulting in a denial of service (DoS) condition requiring a manual reboot. This vulnerability is due to trusting user input without validation. An attacker could exploit this vulnerability by sending crafted packets to the Remote Access SSL VPN server. A successful exploit could allow the attacker to cause the device to stop responding, resulting in a DoS condition. | |
| Weaknesses | CWE-401 | |
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: cisco
Published:
Updated: 2026-03-04T17:19:58.117Z
Reserved: 2025-10-08T11:59:15.371Z
Link: CVE-2026-20106
Vulnrichment
No data.
NVD
Status : Received
Published: 2026-03-04T18:16:26.670
Modified: 2026-03-04T18:16:26.670
Link: CVE-2026-20106
Redhat
No data.
OpenCVE Enrichment
No data.