5.8
CVE-2026-20054
- EPSS 0.04%
- Veröffentlicht 04.03.2026 17:47:05
- Zuletzt bearbeitet 05.03.2026 19:39:11
- Quelle psirt@cisco.com
- CVE-Watchlists
- Unerledigt
Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Infinite Loop Denial of Service Vulnerability
Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to improper error checking when decompressing VBA data. An attacker could exploit this vulnerability by sending crafted VBA data to the Snort 3 Detection Engine on the targeted device. A successful exploit could allow the attacker to cause the Snort 3 Detection Engine to enter an infinite loop, causing a DoS condition.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerCisco
≫
Produkt
Cisco Cyber Vision
Default Statusunknown
Version
3.0.0
Status
affected
Version
3.0.2
Status
affected
Version
3.0.3
Status
affected
Version
3.0.1
Status
affected
Version
3.1.0
Status
affected
Version
3.0.4
Status
affected
Version
3.1.1
Status
affected
Version
3.1.2
Status
affected
Version
3.2.0
Status
affected
Version
3.0.5
Status
affected
Version
3.2.1
Status
affected
Version
3.0.6
Status
affected
Version
3.2.2
Status
affected
Version
3.2.3
Status
affected
Version
3.2.4
Status
affected
Version
4.0.0
Status
affected
Version
4.0.1
Status
affected
Version
4.0.2
Status
affected
Version
4.0.3
Status
affected
Version
4.1.0
Status
affected
Version
4.1.1
Status
affected
Version
4.1.2
Status
affected
Version
4.1.3
Status
affected
Version
4.1.4
Status
affected
Version
4.2.0
Status
affected
Version
4.2.1
Status
affected
Version
4.1.5
Status
affected
Version
4.2.2
Status
affected
Version
4.2.X
Status
affected
Version
4.2.3
Status
affected
Version
4.2.4
Status
affected
Version
4.2.6
Status
affected
Version
4.1.6
Status
affected
Version
4.3.0
Status
affected
Version
4.3.1
Status
affected
Version
4.3.2
Status
affected
Version
4.3.3
Status
affected
Version
4.4.0
Status
affected
Version
4.4.1
Status
affected
Version
4.4.2
Status
affected
Version
4.4.3
Status
affected
Version
4.1.7
Status
affected
Version
5.0.0
Status
affected
Version
5.0.1
Status
affected
Version
5.0.2
Status
affected
Version
5.1.0
Status
affected
Version
5.1.1
Status
affected
Version
5.1.2
Status
affected
Version
5.1.3
Status
affected
Version
5.2.0
Status
affected
Version
5.2.1
Status
affected
Version
5.3.0
Status
affected
Version
5.3.1
Status
affected
Version
5.3.2
Status
affected
HerstellerCisco
≫
Produkt
Cisco Secure Firewall Threat Defense (FTD) Software
Default Statusunknown
Version
7.2.0
Status
affected
Version
7.2.0.1
Status
affected
Version
7.2.1
Status
affected
Version
7.3.0
Status
affected
Version
7.2.2
Status
affected
Version
7.2.3
Status
affected
Version
7.3.1
Status
affected
Version
7.2.4
Status
affected
Version
7.2.5
Status
affected
Version
7.2.4.1
Status
affected
Version
7.3.1.1
Status
affected
Version
7.4.0
Status
affected
Version
7.2.5.1
Status
affected
Version
7.4.1
Status
affected
Version
7.2.6
Status
affected
Version
7.4.1.1
Status
affected
Version
7.2.7
Status
affected
Version
7.2.5.2
Status
affected
Version
7.3.1.2
Status
affected
Version
7.2.8
Status
affected
Version
7.6.0
Status
affected
Version
7.4.2
Status
affected
Version
7.2.8.1
Status
affected
Version
7.4.2.1
Status
affected
Version
7.2.9
Status
affected
Version
7.7.0
Status
affected
Version
7.4.2.2
Status
affected
Version
7.2.10
Status
affected
Version
7.6.1
Status
affected
Version
7.4.2.3
Status
affected
Version
7.6.2
Status
affected
Version
7.7.10
Status
affected
Version
7.6.2.1
Status
affected
Version
7.7.10.1
Status
affected
Version
7.4.2.4
Status
affected
Version
7.2.10.2
Status
affected
Version
7.4.3
Status
affected
HerstellerCisco
≫
Produkt
Cisco UTD SNORT IPS Engine Software
Default Statusunknown
Version
3.17.1S
Status
affected
Version
16.12.3
Status
affected
Version
Fuji-16.9.5
Status
affected
Version
16.12.4
Status
affected
Version
17.3.1a
Status
affected
Version
16.6.6
Status
affected
Version
16.12.2
Status
affected
Version
Fuji-16.9.6
Status
affected
Version
3.17.0S
Status
affected
Version
Fuji-16.9.3
Status
affected
Version
Denali-16.3.7
Status
affected
Version
Fuji-16.9.2
Status
affected
Version
Fuji-16.9.4
Status
affected
Version
Everest-16.6.4
Status
affected
Version
Everest-16.6.3
Status
affected
Version
16.6.5
Status
affected
Version
Denali-16.3.5
Status
affected
Version
17.2.1r
Status
affected
Version
17.1.1
Status
affected
Version
Everest-16.6.2
Status
affected
Version
16.6.7a
Status
affected
Version
Denali-16.3.4
Status
affected
Version
16.6.1
Status
affected
Version
Denali-16.3.9
Status
affected
Version
Denali-16.3.3
Status
affected
Version
16.12.1a
Status
affected
Version
17.3.2
Status
affected
Version
17.4.1a
Status
affected
Version
16.12.5
Status
affected
Version
17.5.1
Status
affected
Version
Fuji-16.9.7
Status
affected
Version
16.6.9
Status
affected
Version
17.3.3
Status
affected
Version
17.5.1a
Status
affected
Version
17.3.4
Status
affected
Version
17.3.4a
Status
affected
Version
17.4.2
Status
affected
Version
17.4.1b
Status
affected
Version
17.6.1a
Status
affected
Version
16.6.10
Status
affected
Version
17.7.1a
Status
affected
Version
16.12.6
Status
affected
Version
Fuji-16.9.8
Status
affected
Version
17.6.2
Status
affected
Version
17.8.1a
Status
affected
Version
16.12.7
Status
affected
Version
17.3.5
Status
affected
Version
17.6.3
Status
affected
Version
17.6.3a
Status
affected
Version
17.7.2
Status
affected
Version
17.9.1a
Status
affected
Version
17.6.4
Status
affected
Version
17.10.1a
Status
affected
Version
17.3.6
Status
affected
Version
16.12.8
Status
affected
Version
17.3.7
Status
affected
Version
17.9.2a
Status
affected
Version
17.6.5
Status
affected
Version
17.11.1a
Status
affected
Version
17.9.3a
Status
affected
Version
17.12.1a
Status
affected
Version
17.9.4
Status
affected
Version
17.6.6
Status
affected
Version
17.3.8
Status
affected
Version
17.3.8a
Status
affected
Version
17.6.6a
Status
affected
Version
17.9.4a
Status
affected
Version
17.12.2
Status
affected
Version
17.13.1a
Status
affected
Version
17.9.5a
Status
affected
Version
17.12.3
Status
affected
Version
17.6.7
Status
affected
Version
17.14.1a
Status
affected
Version
17.12.4
Status
affected
Version
17.12.3a
Status
affected
Version
17.15.1a
Status
affected
Version
17.6.8
Status
affected
Version
17.9.6
Status
affected
Version
17.6.8a
Status
affected
Version
17.16.1a
Status
affected
Version
17.9.5e
Status
affected
Version
17.12.4a
Status
affected
Version
17.15.2c
Status
affected
Version
17.9.5f
Status
affected
Version
17.12.4b
Status
affected
Version
17.15.2a
Status
affected
Version
17.12.5
Status
affected
Version
17.17.1
Status
affected
Version
17.12.5a
Status
affected
Version
17.9.7a
Status
affected
Version
17.15.3a
Status
affected
Version
17.15.3
Status
affected
Version
17.12.5b
Status
affected
Version
17.12.5c
Status
affected
Version
17.15.4
Status
affected
Version
17.9.7b
Status
affected
Version
17.18.1
Status
affected
Version
17.18.1a
Status
affected
Version
17.12.6
Status
affected
Version
17.9.8
Status
affected
Version
17.15.4c
Status
affected
Version
17.12.5d
Status
affected
Version
17.18.2
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.129 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@cisco.com | 5.8 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
|
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.