VDB
CVE-2020-27124
CVE-2020-27124
PUBLISHED
CVSS 8.600000381469727 HIGH
A vulnerability in the SSL/TLS handler of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause the affected device to reload unexpectedly, leading to a denial of service (DoS) condition. The vulnerability is due to improper error handling on established SSL/TLS connections. An attacker could exploit this vulnerability by establishing an SSL/TLS connection with the affected device and then sending a malicious SSL/TLS message within that connection. A successful exploit could allow the attacker to cause the device to reload.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
EPSS 1.77% · 83.0th percentile
Risk Scores
CVSS 3.1
8.600000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/RL:X/RC:X/E:X
EPSS Score
1.77%
83.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cisco | adaptive_security_appliance | 9.13.1.12, 9.14.1.10 |
| Cisco | Adaptive Security Appliance | |
| cisco | adaptive_security_appliance_software | 9.13.1.12, 9.14.1.10, 9.13.1.13 |
| Cisco | Cisco Adaptive Security Appliance (ASA) Software | N/A |
Exploit Intelligence
Timeline
- Nov 18, 2024 CVE Published
- Nov 18, 2024 CVE Updated
- Nov 19, 2024 EPSS Score
- Dec 7, 2024 EPSS Score
- Dec 25, 2024 EPSS Score
- Jan 11, 2025 EPSS Score
- Jan 29, 2025 EPSS Score
- Feb 15, 2025 EPSS Score
- Mar 5, 2025 EPSS Score
- Mar 22, 2025 EPSS Score
- Apr 9, 2025 EPSS Score
- Apr 26, 2025 EPSS Score
References
- cisco-sa-asa-ssl-dos-7uZWwSEy url
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-rv-routers-xss-K7Z5U6q3 url
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-bLZw4Ctq url
- https://nvd.nist.gov/vuln/detail/CVE-2020-27124 advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-dos-7uZWwSEy advisory