CVE-2026-20102

Summary

A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the SAML feature and access sensitive, browser-based information.

This vulnerability is due to insufficient input validation of multiple HTTP parameters. An attacker could exploit this vulnerability by persuading a user to access a malicious link. A successful exploit could allow the attacker to conduct a reflected XSS attack through an affected device.

Affected Software

VendorProductVersion RangeStatus
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.16.1affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.16.1.28affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.16.2affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.16.2.3affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.16.2.7affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.17.1affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.16.2.11affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.16.2.13affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.16.2.14affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.17.1.7affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.17.1.9affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.17.1.10affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.17.1.11affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.17.1.13affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.17.1.15affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.17.1.20affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.17.1.30affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.17.1.33affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.17.1.39affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.17.1.45affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.17.1.46affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.23.1.13affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.20.4.7affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.22.2.13affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.18.4.66affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.20.4.10affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.23.1.19affected
CiscoCisco Secure Firewall Adaptive Security Appliance (ASA) Software9.18.4.67affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.0.0affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.0.0.1affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.0.1affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.1.0affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.0.1.1affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.1.0.1affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.1.0.2affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.1.0.3affected

Weaknesses

  • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References