CVE-2026-20101

{"id": "CVE-2026-20101", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "psirt@cisco.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 3.9}]}, "published": "2026-03-04T18:16:25.137", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-vpn-m9sx6MbC", "source": "psirt@cisco.com"}], "vulnStatus": "Undergoing Analysis", "weaknesses": [{"type": "Primary", "source": "psirt@cisco.com", "description": [{"lang": "en", "value": "CWE-330"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a DoS condition.\r\n\r This vulnerability is due to insufficient error checking when processing SAML messages. An attacker could exploit this vulnerability by sending crafted SAML messages to the SAML service. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."}, {"lang": "es", "value": "Una vulnerabilidad en la funci\u00f3n de inicio de sesi\u00f3n \u00fanico (SSO) SAML 2.0 de Cisco Secure Firewall ASA Software y Secure FTD Software podr\u00eda permitir a un atacante remoto no autenticado provocar que el dispositivo se recargue inesperadamente, lo que resultar\u00eda en una condici\u00f3n de DoS. Esta vulnerabilidad se debe a una comprobaci\u00f3n de errores insuficiente al procesar mensajes SAML. Un atacante podr\u00eda explotar esta vulnerabilidad enviando mensajes SAML manipulados al servicio SAML. Un exploit exitoso podr\u00eda permitir al atacante provocar que el dispositivo se recargue, lo que resultar\u00eda en una condici\u00f3n de DoS."}], "lastModified": "2026-03-05T19:39:11.967", "sourceIdentifier": "psirt@cisco.com"}