CVE-2026-20073 - Vulnerability Details

- Cisco Secure Firewall Adaptive Security Appliance Software and Cisco Secure Firewall Threat Defense Software Access Control List Bypass Vulnerability

Description

A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to send traffic that should be denied through an affected device.

This vulnerability is due to improper error handling when an affected device that is joining a cluster runs out of memory while replicating access control rules. An attacker could exploit this vulnerability by sending traffic that should be blocked through the device. A successful exploit could allow the attacker to bypass access controls and reach devices in protected networks.

Published: 2026-03-04

Score: 5.8 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability arises from improper error handling when an ASA or FTD device that is part of a cluster runs out of memory while replicating access control rules. An unauthenticated, remote attacker can send traffic that should otherwise be denied, allowing that traffic to be forwarded through the device. Successful exploitation would enable the attacker to reach devices within protected networks, compromising network segmentation. The weakness is classified as CWE-284.

Affected Systems

Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software are affected. The issue is tied to devices that participate in a cluster and may require memory for ACL replication; version details are not supplied, so administrators should verify whether their ASA or FTD deployments are clustered and whether the current firmware incorporates the fix.

Risk and Exploitability

The CVSS score of 5.8 indicates moderate severity. The EPSS score of less than 1% reflects a low probability of exploitation, and the vulnerability is not listed in the CISA KEV catalog. The attack vector involves remote, unauthenticated traffic sent to a cluster member under memory pressure; while the trigger may be difficult to achieve, it is feasible with sufficient traffic, leading to a moderate exposure that could enable lateral movement into a protected network.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Cisco

Cisco Secure Firewall Adaptive Security Appliance (ASA) Software

unknown

Version	Status	Constraints
`9.12.3`	affected	—
`9.12.1`	affected	—
`9.12.2`	affected	—
`9.12.4`	affected	—
`9.12.3.2`	affected	—
`9.12.3.7`	affected	—
`9.12.2.5`	affected	—
`9.12.3.12`	affected	—
`9.12.1.3`	affected	—
`9.12.2.4`	affected	—
`9.12.1.2`	affected	—
`9.12.2.9`	affected	—
`9.12.3.9`	affected	—
`9.12.2.1`	affected	—
`9.12.4.2`	affected	—
`9.12.4.4`	affected	—
`9.12.4.7`	affected	—
`9.12.4.8`	affected	—
`9.12.4.10`	affected	—
`9.12.4.13`	affected	—
`9.12.4.18`	affected	—
`9.12.4.24`	affected	—
`9.16.1`	affected	—
`9.12.4.26`	affected	—
`9.16.1.28`	affected	—
`9.12.4.29`	affected	—
`9.16.2`	affected	—
`9.12.4.30`	affected	—
`9.16.2.3`	affected	—
`9.12.4.35`	affected	—
`9.16.2.7`	affected	—
`9.12.4.37`	affected	—
`9.17.1`	affected	—
`9.16.2.11`	affected	—
`9.16.2.13`	affected	—
`9.12.4.39`	affected	—
`9.12.4.38`	affected	—
`9.16.2.14`	affected	—
`9.17.1.7`	affected	—
`9.12.4.40`	affected	—
`9.16.3.3`	affected	—
`9.16.3`	affected	—
`9.16.3.14`	affected	—
`9.17.1.9`	affected	—
`9.12.4.41`	affected	—
`9.17.1.10`	affected	—
`9.18.1`	affected	—
`9.12.4.47`	affected	—
`9.16.3.15`	affected	—
`9.18.1.3`	affected	—
`9.17.1.11`	affected	—
`9.12.4.48`	affected	—
`9.18.2`	affected	—
`9.16.3.19`	affected	—
`9.17.1.13`	affected	—
`9.12.4.50`	affected	—
`9.17.1.15`	affected	—
`9.12.4.52`	affected	—
`9.16.3.23`	affected	—
`9.18.2.5`	affected	—
`9.16.4`	affected	—
`9.12.4.54`	affected	—
`9.17.1.20`	affected	—
`9.18.2.7`	affected	—
`9.19.1`	affected	—
`9.16.4.9`	affected	—
`9.12.4.55`	affected	—
`9.18.2.8`	affected	—
`9.16.4.14`	affected	—
`9.18.3`	affected	—
`9.19.1.5`	affected	—
`9.12.4.56`	affected	—
`9.17.1.30`	affected	—
`9.19.1.9`	affected	—
`9.18.3.39`	affected	—
`9.16.4.19`	affected	—
`9.12.4.58`	affected	—
`9.19.1.12`	affected	—
`9.18.3.46`	affected	—
`9.16.4.27`	affected	—
`9.19.1.18`	affected	—
`9.18.3.53`	affected	—
`9.18.3.55`	affected	—
`9.16.4.38`	affected	—
`9.17.1.33`	affected	—
`9.12.4.62`	affected	—
`9.16.4.39`	affected	—
`9.18.3.56`	affected	—
`9.20.1`	affected	—
`9.16.4.42`	affected	—
`9.19.1.22`	affected	—
`9.18.4`	affected	—
`9.20.1.5`	affected	—
`9.18.4.5`	affected	—
`9.19.1.24`	affected	—
`9.16.4.48`	affected	—
`9.18.4.8`	affected	—
`9.20.2`	affected	—
`9.19.1.27`	affected	—
`9.12.4.65`	affected	—
`9.16.4.55`	affected	—
`9.18.4.22`	affected	—
`9.20.2.10`	affected	—
`9.16.4.57`	affected	—
`9.19.1.28`	affected	—
`9.17.1.39`	affected	—
`9.12.4.67`	affected	—
`9.18.4.24`	affected	—
`9.20.2.21`	affected	—
`9.16.4.61`	affected	—
`9.19.1.31`	affected	—
`9.18.4.29`	affected	—
`9.20.2.22`	affected	—
`9.16.4.62`	affected	—
`9.18.4.34`	affected	—
`9.20.3`	affected	—
`9.16.4.67`	affected	—
`9.16.4.70`	affected	—
`9.18.4.40`	affected	—
`9.23.1`	affected	—
`9.22.1.1`	affected	—
`9.16.4.71`	affected	—
`9.20.3.4`	affected	—
`9.18.4.47`	affected	—
`9.20.3.7`	affected	—
`9.17.1.45`	affected	—
`9.19.1.37`	affected	—
`9.17.1.46`	affected	—
`9.16.4.76`	affected	—
`9.20.3.9`	affected	—
`9.19.1.38`	affected	—
`9.18.4.50`	affected	—
`9.22.1.3`	affected	—
`9.20.3.10`	affected	—
`9.22.1.2`	affected	—
`9.18.4.52`	affected	—
`9.20.3.13`	affected	—
`9.22.1.6`	affected	—
`9.18.4.53`	affected	—
`9.16.4.82`	affected	—
`9.22.2`	affected	—
`9.20.3.16`	affected	—
`9.19.1.42`	affected	—
`9.18.4.57`	affected	—
`9.16.4.84`	affected	—
`9.23.1.3`	affected	—
`9.20.3.20`	affected	—
`9.22.2.4`	affected	—
`9.23.1.7`	affected	—
`9.20.4`	affected	—
`9.22.2.9`	affected	—
`9.23.1.13`	affected	—
`9.20.4.7`	affected	—
`9.22.2.13`	affected	—
`9.18.4.66`	affected	—
`9.20.4.10`	affected	—
`9.23.1.19`	affected	—
`9.18.4.67`	affected	—
`9.18.4.68`	affected	—

Cisco

Cisco Secure Firewall Threat Defense (FTD) Software

unknown

Version	Status	Constraints
`6.4.0.1`	affected	—
`6.4.0.2`	affected	—
`6.4.0.5`	affected	—
`6.4.0`	affected	—
`6.4.0.3`	affected	—
`6.4.0.4`	affected	—
`6.4.0.6`	affected	—
`6.4.0.7`	affected	—
`6.4.0.8`	affected	—
`6.4.0.9`	affected	—
`6.4.0.10`	affected	—
`6.4.0.11`	affected	—
`6.4.0.12`	affected	—
`7.0.0`	affected	—
`7.0.0.1`	affected	—
`7.0.1`	affected	—
`7.1.0`	affected	—
`6.4.0.13`	affected	—
`7.0.1.1`	affected	—
`6.4.0.14`	affected	—
`7.1.0.1`	affected	—
`7.0.2`	affected	—
`6.4.0.15`	affected	—
`7.2.0`	affected	—
`7.0.2.1`	affected	—
`7.0.3`	affected	—
`7.1.0.2`	affected	—
`7.2.0.1`	affected	—
`7.0.4`	affected	—
`7.2.1`	affected	—
`7.0.5`	affected	—
`6.4.0.16`	affected	—
`7.3.0`	affected	—
`7.2.2`	affected	—
`7.2.3`	affected	—
`7.3.1`	affected	—
`7.1.0.3`	affected	—
`7.2.4`	affected	—
`7.0.6`	affected	—
`7.2.5`	affected	—
`7.2.4.1`	affected	—
`7.3.1.1`	affected	—
`7.4.0`	affected	—
`6.4.0.17`	affected	—
`7.0.6.1`	affected	—
`7.2.5.1`	affected	—
`7.4.1`	affected	—
`7.2.6`	affected	—
`7.0.6.2`	affected	—
`7.4.1.1`	affected	—
`6.4.0.18`	affected	—
`7.2.7`	affected	—
`7.2.5.2`	affected	—
`7.3.1.2`	affected	—
`7.2.8`	affected	—
`7.6.0`	affected	—
`7.4.2`	affected	—
`7.2.8.1`	affected	—
`7.0.6.3`	affected	—
`7.4.2.1`	affected	—
`7.2.9`	affected	—
`7.0.7`	affected	—
`7.7.0`	affected	—
`7.4.2.2`	affected	—
`7.2.10`	affected	—
`7.6.1`	affected	—
`7.4.2.3`	affected	—
`7.0.8`	affected	—
`7.6.2`	affected	—
`7.7.10`	affected	—
`7.0.8.1`	affected	—
`7.6.2.1`	affected	—
`7.7.10.1`	affected	—
`7.4.2.4`	affected	—
`7.2.10.2`	affected	—

Configuration 1 [-]

OR	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.2:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.3:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.1:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.4:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.5:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.9:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.12:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.38:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.39:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.40:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.41:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.47:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.48:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.50:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.52:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.54:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.55:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.56:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.58:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.62:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.65:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.67:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.15:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.19:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.23:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.9:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.14:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.19:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.27:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.38:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.39:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.42:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.48:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.55:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.57:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.61:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.62:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.67:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.70:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.71:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.76:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.82:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.84:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.20:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.30:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.33:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.39:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.45:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.46:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.7:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.8:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.39:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.46:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.53:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.55:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.56:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.5:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.8:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.22:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.24:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.29:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.34:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.40:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.47:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.50:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.52:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.53:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.57:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.66:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.67:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.5:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.9:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.12:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.18:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.22:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.24:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.27:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.28:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.31:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.37:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.38:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.42:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1.5:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2.10:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2.21:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2.22:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.3:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.3.4:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.3.7:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.3.9:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.3.10:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.3.13:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.3.16:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.3.20:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.4:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.4.7:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.4.10:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.22.1.1:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.22.1.2:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.22.1.3:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.22.1.6:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.22.2:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.22.2.4:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.22.2.9:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.22.2.13:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.23.1:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.23.1.3:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.23.1.7:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.23.1.13:::::::*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.23.1.19:::::::*

Configuration 2 [-]

OR	cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.17:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.18:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.0.6:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.1:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.2:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.3:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.0.7:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.0.8:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.0.8.1:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.2.4.1:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.2.5:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.1:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.2:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.2.6:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.2.7:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.2.8:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.2.8.1:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.2.9:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.2.10:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.2:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.4.0:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.4.1:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.4.1.1:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.4.2:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:7.4.2.1:::::::*
cpe:2.3:a:cisco:firepower_threat_defense:7.4.2.2:::::::*
cpe:2.3:a:cisco:firepower_threat_defense:7.4.2.3:::::::*
cpe:2.3:a:cisco:firepower_threat_defense:7.4.2.4:::::::*
cpe:2.3:a:cisco:firepower_threat_defense:7.6.0:::::::*
cpe:2.3:a:cisco:firepower_threat_defense:7.6.1:::::::*
cpe:2.3:a:cisco:firepower_threat_defense:7.6.2:::::::*
cpe:2.3:a:cisco:firepower_threat_defense:7.6.2.1:::::::*
cpe:2.3:a:cisco:firepower_threat_defense:7.7.0:::::::*
cpe:2.3:a:cisco:firepower_threat_defense:7.7.10:::::::*
cpe:2.3:a:cisco:firepower_threat_defense:7.7.10.1:::::::*

No data.

Vendor Product Confidence Versions

Cisco

Adaptive Security Appliance Software

100%

Version	Status	Scheme	Platform
`9.12.3`	affected	generic	—
`9.12.1`	affected	generic	—
`9.12.2`	affected	generic	—
`9.12.4`	affected	generic	—
`9.12.3.2`	affected	generic	—
`9.12.3.7`	affected	generic	—
`9.12.2.5`	affected	generic	—
`9.12.3.12`	affected	generic	—
`9.12.1.3`	affected	generic	—
`9.12.2.4`	affected	generic	—
`9.12.1.2`	affected	generic	—
`9.12.2.9`	affected	generic	—
`9.12.3.9`	affected	generic	—
`9.12.2.1`	affected	generic	—
`9.12.4.2`	affected	generic	—
`9.12.4.4`	affected	generic	—
`9.12.4.7`	affected	generic	—
`9.12.4.8`	affected	generic	—
`9.12.4.10`	affected	generic	—
`9.12.4.13`	affected	generic	—
`9.12.4.18`	affected	generic	—
`9.12.4.24`	affected	generic	—
`9.16.1`	affected	generic	—
`9.12.4.26`	affected	generic	—
`9.16.1.28`	affected	generic	—
`9.12.4.29`	affected	generic	—
`9.16.2`	affected	generic	—
`9.12.4.30`	affected	generic	—
`9.16.2.3`	affected	generic	—
`9.12.4.35`	affected	generic	—
`9.16.2.7`	affected	generic	—
`9.12.4.37`	affected	generic	—
`9.17.1`	affected	generic	—
`9.16.2.11`	affected	generic	—
`9.16.2.13`	affected	generic	—
`9.12.4.39`	affected	generic	—
`9.12.4.38`	affected	generic	—
`9.16.2.14`	affected	generic	—
`9.17.1.7`	affected	generic	—
`9.12.4.40`	affected	generic	—
`9.16.3.3`	affected	generic	—
`9.16.3`	affected	generic	—
`9.16.3.14`	affected	generic	—
`9.17.1.9`	affected	generic	—
`9.12.4.41`	affected	generic	—
`9.17.1.10`	affected	generic	—
`9.18.1`	affected	generic	—
`9.12.4.47`	affected	generic	—
`9.16.3.15`	affected	generic	—
`9.18.1.3`	affected	generic	—
`9.17.1.11`	affected	generic	—
`9.12.4.48`	affected	generic	—
`9.18.2`	affected	generic	—
`9.16.3.19`	affected	generic	—
`9.17.1.13`	affected	generic	—
`9.12.4.50`	affected	generic	—
`9.17.1.15`	affected	generic	—
`9.12.4.52`	affected	generic	—
`9.16.3.23`	affected	generic	—
`9.18.2.5`	affected	generic	—
`9.16.4`	affected	generic	—
`9.12.4.54`	affected	generic	—
`9.17.1.20`	affected	generic	—
`9.18.2.7`	affected	generic	—
`9.19.1`	affected	generic	—
`9.16.4.9`	affected	generic	—
`9.12.4.55`	affected	generic	—
`9.18.2.8`	affected	generic	—
`9.16.4.14`	affected	generic	—
`9.18.3`	affected	generic	—
`9.19.1.5`	affected	generic	—
`9.12.4.56`	affected	generic	—
`9.17.1.30`	affected	generic	—
`9.19.1.9`	affected	generic	—
`9.18.3.39`	affected	generic	—
`9.16.4.19`	affected	generic	—
`9.12.4.58`	affected	generic	—
`9.19.1.12`	affected	generic	—
`9.18.3.46`	affected	generic	—
`9.16.4.27`	affected	generic	—
`9.19.1.18`	affected	generic	—
`9.18.3.53`	affected	generic	—
`9.18.3.55`	affected	generic	—
`9.16.4.38`	affected	generic	—
`9.17.1.33`	affected	generic	—
`9.12.4.62`	affected	generic	—
`9.16.4.39`	affected	generic	—
`9.18.3.56`	affected	generic	—
`9.20.1`	affected	generic	—
`9.16.4.42`	affected	generic	—
`9.19.1.22`	affected	generic	—
`9.18.4`	affected	generic	—
`9.20.1.5`	affected	generic	—
`9.18.4.5`	affected	generic	—
`9.19.1.24`	affected	generic	—
`9.16.4.48`	affected	generic	—
`9.18.4.8`	affected	generic	—
`9.20.2`	affected	generic	—
`9.19.1.27`	affected	generic	—
`9.12.4.65`	affected	generic	—
`9.16.4.55`	affected	generic	—
`9.18.4.22`	affected	generic	—
`9.20.2.10`	affected	generic	—
`9.16.4.57`	affected	generic	—
`9.19.1.28`	affected	generic	—
`9.17.1.39`	affected	generic	—
`9.12.4.67`	affected	generic	—
`9.18.4.24`	affected	generic	—
`9.20.2.21`	affected	generic	—
`9.16.4.61`	affected	generic	—
`9.19.1.31`	affected	generic	—
`9.18.4.29`	affected	generic	—
`9.20.2.22`	affected	generic	—
`9.16.4.62`	affected	generic	—
`9.18.4.34`	affected	generic	—
`9.20.3`	affected	generic	—
`9.16.4.67`	affected	generic	—
`9.16.4.70`	affected	generic	—
`9.18.4.40`	affected	generic	—
`9.23.1`	affected	generic	—
`9.22.1.1`	affected	generic	—
`9.16.4.71`	affected	generic	—
`9.20.3.4`	affected	generic	—
`9.18.4.47`	affected	generic	—
`9.20.3.7`	affected	generic	—
`9.17.1.45`	affected	generic	—
`9.19.1.37`	affected	generic	—
`9.17.1.46`	affected	generic	—
`9.16.4.76`	affected	generic	—
`9.20.3.9`	affected	generic	—
`9.19.1.38`	affected	generic	—
`9.18.4.50`	affected	generic	—
`9.22.1.3`	affected	generic	—
`9.20.3.10`	affected	generic	—
`9.22.1.2`	affected	generic	—
`9.18.4.52`	affected	generic	—
`9.20.3.13`	affected	generic	—
`9.22.1.6`	affected	generic	—
`9.18.4.53`	affected	generic	—
`9.16.4.82`	affected	generic	—
`9.22.2`	affected	generic	—
`9.20.3.16`	affected	generic	—
`9.19.1.42`	affected	generic	—
`9.18.4.57`	affected	generic	—
`9.16.4.84`	affected	generic	—
`9.23.1.3`	affected	generic	—
`9.20.3.20`	affected	generic	—
`9.22.2.4`	affected	generic	—
`9.23.1.7`	affected	generic	—
`9.20.4`	affected	generic	—
`9.22.2.9`	affected	generic	—
`9.23.1.13`	affected	generic	—
`9.20.4.7`	affected	generic	—
`9.22.2.13`	affected	generic	—
`9.18.4.66`	affected	generic	—
`9.20.4.10`	affected	generic	—
`9.23.1.19`	affected	generic	—
`9.18.4.67`	affected	generic	—
`9.18.4.68`	affected	generic	—

Cisco

Secure Firewall Threat Defense

100%

Version	Status	Scheme	Platform
`6.4.0.1`	affected	generic	—
`6.4.0.2`	affected	generic	—
`6.4.0.5`	affected	generic	—
`6.4.0`	affected	generic	—
`6.4.0.3`	affected	generic	—
`6.4.0.4`	affected	generic	—
`6.4.0.6`	affected	generic	—
`6.4.0.7`	affected	generic	—
`6.4.0.8`	affected	generic	—
`6.4.0.9`	affected	generic	—
`6.4.0.10`	affected	generic	—
`6.4.0.11`	affected	generic	—
`6.4.0.12`	affected	generic	—
`7.0.0`	affected	generic	—
`7.0.0.1`	affected	generic	—
`7.0.1`	affected	generic	—
`7.1.0`	affected	generic	—
`6.4.0.13`	affected	generic	—
`7.0.1.1`	affected	generic	—
`6.4.0.14`	affected	generic	—
`7.1.0.1`	affected	generic	—
`7.0.2`	affected	generic	—
`6.4.0.15`	affected	generic	—
`7.2.0`	affected	generic	—
`7.0.2.1`	affected	generic	—
`6.4.0.16`	affected	generic	—
`7.3.0`	affected	generic	—
`7.2.2`	affected	generic	—
`7.2.3`	affected	generic	—
`7.3.1`	affected	generic	—
`7.1.0.3`	affected	generic	—
`7.2.4`	affected	generic	—
`7.0.6`	affected	generic	—
`7.2.5`	affected	generic	—
`7.2.4.1`	affected	generic	—
`7.3.1.1`	affected	generic	—
`7.4.0`	affected	generic	—
`6.4.0.17`	affected	generic	—
`7.0.6.1`	affected	generic	—
`7.2.5.1`	affected	generic	—
`7.4.1`	affected	generic	—
`7.2.6`	affected	generic	—
`7.0.6.2`	affected	generic	—
`7.4.1.1`	affected	generic	—
`6.4.0.18`	affected	generic	—
`7.2.7`	affected	generic	—
`7.2.5.2`	affected	generic	—
`7.3.1.2`	affected	generic	—
`7.2.8`	affected	generic	—
`7.6.0`	affected	generic	—
`7.4.2`	affected	generic	—
`7.2.8.1`	affected	generic	—
`7.0.6.3`	affected	generic	—
`7.4.2.1`	affected	generic	—
`7.2.9`	affected	generic	—
`7.0.7`	affected	generic	—
`7.7.0`	affected	generic	—
`7.4.2.2`	affected	generic	—
`7.2.10`	affected	generic	—
`7.6.1`	affected	generic	—
`7.4.2.3`	affected	generic	—
`7.0.8`	affected	generic	—
`7.6.2`	affected	generic	—
`7.7.10`	affected	generic	—
`7.0.8.1`	affected	generic	—
`7.6.2.1`	affected	generic	—
`7.7.10.1`	affected	generic	—
`7.4.2.4`	affected	generic	—
`7.2.10.2`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply the latest Cisco ASA or FTD firmware update that addresses the memory–exhaustion error handling in ACL replication.
If a patch is unavailable, isolate the affected device from the cluster replication process or revert it to a non‑clustered configuration to prevent memory exhaustion during ACL updates.
Monitor device logs for anomalous forwarding of traffic that should be denied and verify that ACL enforcement remains intact on all critical interfaces.

Generated by OpenCVE AI on May 4, 2026 at 19:53 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00027.

Exploitation none

Automatable yes

Technical Impact partial

References

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-aclbypass-dos-CVxVRSvQ

History

Mon, 04 May 2026 17:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Cisco firepower Threat Defense
Weaknesses		NVD-CWE-noinfo
CPEs		cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:::::::* cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:::::::* cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:::::::* cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:::::::* cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:::::::* cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:::::::* cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:::::::* cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.17:::::::* cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.18:::::::* cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:::::::* cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:::::::* cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:::::::* cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:::::::* cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:::::::* cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:::::::* cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:::::::* cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:::::::* cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:::::::* cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.1:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.2:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.3:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.0.6:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.0.7:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.0.8.1:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.0.8:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.2.10:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.2.4.1:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.1:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.2:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.2.5:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.2.6:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.2.7:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.2.8.1:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.2.8:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.2.9:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.2:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.4.0:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.4.1.1:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.4.1:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.4.2.1:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.4.2.2:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.4.2.3:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.4.2.4:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.4.2:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.6.0:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.6.1:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.6.2.1:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.6.2:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.7.0:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.7.10.1:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.7.10:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.2:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.3:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.1:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.4:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.5:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.9:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.12:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.38:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.39:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.40:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.41:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.47:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.48:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.50:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.52:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.54:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.55:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.56:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.58:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.62:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.65:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.67:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.15:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.19:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.23:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.14:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.19:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.27:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.38:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.39:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.42:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.48:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.55:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.57:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.61:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.62:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.67:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.70:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.71:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.76:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.82:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.84:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.9:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.20:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.30:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.33:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.39:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.45:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.46:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.7:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.8:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.39:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.46:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.53:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.55:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.56:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.22:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.24:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.29:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.34:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.40:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.47:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.50:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.52:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.53:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.57:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.5:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.66:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.67:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.8:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.12:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.18:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.22:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.24:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.27:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.28:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.31:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.37:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.38:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.42:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.5:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.9:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1.5:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2.10:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2.21:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2.22:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.3.10:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.3.13:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.3.16:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.3.20:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.3.4:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.3.7:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.3.9:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.3:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.4.10:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.4.7:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.4:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.22.1.1:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.22.1.2:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.22.1.3:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.22.1.6:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.22.2.13:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.22.2.4:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.22.2.9:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.22.2:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.23.1.13:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.23.1.19:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.23.1.3:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.23.1.7:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.23.1:::::::*
Vendors & Products		Cisco firepower Threat Defense

Thu, 05 Mar 2026 09:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Cisco Cisco adaptive Security Appliance Software Cisco secure Firewall Threat Defense
Vendors & Products		Cisco Cisco adaptive Security Appliance Software Cisco secure Firewall Threat Defense

Wed, 04 Mar 2026 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 04 Mar 2026 18:00:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to send traffic that should be denied through an affected device. This vulnerability is due to improper error handling when an affected device that is joining a cluster runs out of memory while replicating access control rules. An attacker could exploit this vulnerability by sending traffic that should be blocked through the device. A successful exploit could allow the attacker to bypass access controls and reach devices in protected networks.
Title		Cisco Secure Firewall Adaptive Security Appliance Software and Cisco Secure Firewall Threat Defense Software Access Control List Bypass Vulnerability
Weaknesses		CWE-284
References		https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-aclbypass-dos-CVxVRSvQ
Metrics		cvssV3_1 `{'score': 5.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N'}`

Subscriptions

Cisco Adaptive Security Appliance Software Firepower Threat Defense Secure Firewall Threat Defense

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2026-03-04T17:52:06.331Z

Updated: 2026-03-04T18:07:54.606Z

Reserved: 2025-10-08T11:59:15.362Z

Link: CVE-2026-20073

Vulnrichment

Updated: 2026-03-04T18:07:49.361Z

NVD

Status : Analyzed

Published: 2026-03-04T18:16:23.640

Modified: 2026-05-04T17:08:21.170

Link: CVE-2026-20073

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-04T20:00:07Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object