CNNVD-202510-2100 Information
CNNVD ID
CNNVD-202510-2100
Related CVE
- CNNVD Published: 2025-10-15
Description (Chinese)
Cisco IOS XE Software和Cisco Secure Firewall Threat Defense Software都是美国思科(Cisco)公司的产品。Cisco IOS XE Software是一种网络操作系统。Cisco Secure Firewall Threat Defense Software是一个防火墙操作系统。 Cisco多款产品存在安全漏洞,该漏洞源于解析HTTP标头的MIME字段时缺少完整错误检查,可能导致拒绝服务攻击。以下产品受到影响:Cisco Open Source Snort、Cisco Secure Firewall Threat Defense Software和Cisco IOS XE Software。
Description (English)
Cisco IOS XE Software and Cisco Security Fairwall Threat Defense Software are all Cisco products. Cisco IOS XE Software is a network operating system. Cisco Secure Fairewall. There is a safety gap in Cisco ’ s multiple products, which stems from the lack of complete error checks in the analysis of the MIME fields at HTTP header, which could lead to a denial of service attack. The following products were affected: Cisco Open Source Snort, Cisco Security Fairwall Threat Defense Software and Cisco IOS XE Software.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
思科
Published
2025-10-15
Last Modified
2026-02-24
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-mime-vulns-tTL8PgVH https://vigilance.fr/vulnerability/Snort-denial-of-service-via-HTTP-Decoder-MIME-Error-48506 https://access.redhat.com/security/cve/cve-2025-20360