CVE-2025-20360

Summary

Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart.

This vulnerability is due to a lack of complete error checking when the MIME fields of the HTTP header are parsed. An attacker could exploit this vulnerability by sending crafted HTTP packets through an established connection to be parsed by Snort 3. A successful exploit could allow the attacker to cause a DoS condition when the Snort 3 Detection Engine unexpectedly restarts.

Affected Software

VendorProductVersion RangeStatus
CiscoCisco Cyber Vision3.0.0affected
CiscoCisco Cyber Vision3.0.2affected
CiscoCisco Cyber Vision3.0.3affected
CiscoCisco Cyber Vision3.0.1affected
CiscoCisco Cyber Vision3.1.0affected
CiscoCisco Cyber Vision3.0.4affected
CiscoCisco Cyber Vision3.1.1affected
CiscoCisco Cyber Vision3.1.2affected
CiscoCisco Cyber Vision3.2.0affected
CiscoCisco Cyber Vision3.0.5affected
CiscoCisco Cyber Vision3.2.1affected
CiscoCisco Cyber Vision3.0.6affected
CiscoCisco Cyber Vision3.2.2affected
CiscoCisco Cyber Vision3.2.3affected
CiscoCisco Cyber Vision3.2.4affected
CiscoCisco Cyber Vision4.0.0affected
CiscoCisco Cyber Vision4.0.1affected
CiscoCisco Cyber Vision4.0.2affected
CiscoCisco Cyber Vision4.0.3affected
CiscoCisco Cyber Vision4.1.0affected
CiscoCisco Cyber Vision4.1.1affected
CiscoCisco Cyber Vision4.1.2affected
CiscoCisco Cyber Vision4.1.3affected
CiscoCisco Cyber Vision4.1.4affected
CiscoCisco Cyber Vision4.2.0affected
CiscoCisco Cyber Vision4.2.1affected
CiscoCisco Cyber Vision4.1.5affected
CiscoCisco Cyber Vision4.2.2affected
CiscoCisco Cyber Vision4.2.Xaffected
CiscoCisco Cyber Vision4.2.3affected
CiscoCisco Cyber Vision4.2.4affected
CiscoCisco Cyber Vision4.2.6affected
CiscoCisco Cyber Vision4.1.6affected
CiscoCisco Cyber Vision4.3.0affected
CiscoCisco Cyber Vision4.3.1affected
CiscoCisco Cyber Vision4.3.2affected
CiscoCisco Cyber Vision4.3.3affected
CiscoCisco Cyber Vision4.4.0affected
CiscoCisco Cyber Vision4.4.1affected
CiscoCisco Cyber Vision4.4.2affected
CiscoCisco Cyber Vision4.4.3affected
CiscoCisco Cyber Vision4.1.7affected
CiscoCisco Cyber Vision5.0.0affected
CiscoCisco Cyber Vision5.0.1affected
CiscoCisco Cyber Vision5.0.2affected
CiscoCisco Cyber Vision5.1.0affected
CiscoCisco Cyber Vision5.1.1affected
CiscoCisco Cyber Vision5.1.2affected
CiscoCisco Cyber Vision5.1.3affected
CiscoCisco Cyber Vision5.2.0affected
CiscoCisco Cyber Vision5.2.1affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.3.0affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.3.1affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.3.1.1affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.4.0affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.4.1affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.4.1.1affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.3.1.2affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.6.0affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.4.2affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.4.2.1affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.7.0affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.4.2.2affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.6.1affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.4.2.3affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.4.2.4affected

Weaknesses

  • CWE-805: Buffer Access with Incorrect Length Value

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References