CNNVD-202508-1684 Information

Aug 14, 2025 cve

CNNVD ID

CNNVD-202508-1684

CVE-2025-20136

CNNVD Published: 2025-08-14

Description (Chinese)

Cisco Secure Firewall Adaptive Security Appliance和Cisco Secure Firewall Threat Defense都是美国思科（Cisco）公司的产品。Cisco Secure Firewall Adaptive Security Appliance是一个企业级防火墙软件。Cisco Secure Firewall Threat Defense是一个集成式防火墙平台。 Cisco Secure Firewall Adaptive Security Appliance和Cisco Secure Firewall Threat Defense存在安全漏洞，该漏洞源于DNS检查功能存在无限循环，可能导致拒绝服务攻击。

Description (English)

Cisco Security Fairive Security Application and Cisco Security Fairwall Threat Defense are all Cisco products. Cisco Security Firewall Adaptive Security Application is an enterprise-level firewall software. Cisco Security Firewall Threat Defense is an integrated firewall platform. There is a security loophole between Cisco Security Fairive Security Application and Cisco Security Fairwall Threat Defense, which stems from the indefinite cycle of the DNS inspection function, which may lead to denial of service attacks.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

思科

Published

2025-08-14

Last Modified

2026-02-24

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-nat-dns-dos-bqhynHTM https://nvd.nist.gov/vuln/detail/CVE-2025-20136

Patch

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-nat-dns-dos-bqhynHTM

Share on: