Skip to main content

Cisco CVE-2026-20103

HIGH
Allocation of Resources Without Limits or Throttling (CWE-770)
2026-03-04 psirt@cisco.com
8.6
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.6 HIGH
AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

3
Re-analysis Queued
Apr 16, 2026 - 20:37 vuln.today
cvss_changed
Analysis Generated
Mar 12, 2026 - 22:05 vuln.today
CVE Published
Mar 04, 2026 - 18:16 nvd
HIGH 8.6

DescriptionCVE.org

A vulnerability in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust device memory resulting in a denial of service (DoS) condition to new Remote Access SSL VPN connections. This does not affect the management interface, though it may become temporarily unresponsive. This vulnerability is due to trusting user input without validation. An attacker could exploit this vulnerability by sending crafted packets to the Remote Access SSL VPN server. A successful exploit could allow the attacker to cause the device web interface to stop responding, resulting in a DoS condition.

AnalysisAI

Denial of service in Cisco Secure Firewall ASA and FTD Remote Access SSL VPN allows unauthenticated remote attackers to exhaust device memory through malformed packets, causing the VPN service to become unresponsive. The vulnerability stems from insufficient input validation on the SSL VPN server and currently has no available patch. While the management interface remains accessible, new VPN connections cannot be established during an attack.

Technical ContextAI

This vulnerability (CWE-770: Allocation of Resources Without Limits or Throttling) exists in the Remote Access SSL VPN component. in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust device memory resulting in a denial of service (DoS) condition to new Remote Access SSL VPN connections. This does not affect the management interface, though it may become temporarily unresponsive. This vulnerability is due to trusting user input without validation. An attac

RemediationAI

Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.

Share

CVE-2026-20103 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy