How severe is CVE-2020-3132?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.8 out of 10.

What type of vulnerability is CVE-2020-3132?

This is classified as CWE-400, which is a common weakness in software security.

CVE-2020-3132

MEDIUM Year: 2020

CVSS v3 Score

6.8

Medium

CVSS v2 Score

7.1

High

Weakness Type

CWE-400

View all →

Vulnerability Description

A vulnerability in the email message scanning feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a temporary denial of service (DoS) condition on an affected device. The vulnerability is due to inadequate parsing mechanisms for specific email body components. An attacker could exploit this vulnerability by sending a malicious email containing a high number of shortened URLs through an affected device. A successful exploit could allow the attacker to consume processing resources, causing a DoS condition on an affected device. To successfully exploit this vulnerability, certain conditions beyond the control of the attacker must occur.

CVE-2016-6172

MEDIUM

CVSS:6.8(Medium)

PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR...

CWE-4002016

CVE-2018-15399

MEDIUM

CVSS:6.8(Medium)

A vulnerability in the TCP syslog module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaus...

CWE-4002018

CVE-2018-20169

MEDIUM

CVSS:6.8(Medium)

An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core...

CWE-4002018

CVE-2019-1814

MEDIUM

CVSS:6.8(Medium)

A vulnerability in the interactions between the DHCP and TFTP features for Cisco Small Business 300 Series (Sx300) Managed Switches could allow an unauthenticated, remote attacker to cause the device ...

CWE-4002019

CVE-2020-3305

MEDIUM

CVSS:6.8(Medium)

A vulnerability in the implementation of the Border Gateway Protocol (BGP) module in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an u...

CWE-4002020

CVE-2020-3306

MEDIUM

CVSS:6.8(Medium)

A vulnerability in the DHCP module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a deni...

CWE-4002020

CVE-2020-3132

Vulnerability Description

Related Vulnerabilities

CVE-2016-6172

CVE-2018-15399

CVE-2018-20169

CVE-2019-1814

CVE-2020-3305

CVE-2020-3306