What is CVE-2020-3132?

CVE-2020-3132 is a medium-severity vulnerability in Cisco Email Security Appliance (Esa), classified under Uncontrolled Resource Consumption. CVSS score: 6.8/10. Published 2020-02-19.

How severe is CVE-2020-3132?

Medium severity. CVSS v3 base score is 6.8 out of 10.

Resource exhaustion in Cisco Email Security Appliance (Esa)

CVE-2020-3132

A vulnerability in the email message scanning feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a temporary denial of service (DoS) condition on an affected…

Vulnerability class: DoS (Denial of Service)

EPSS: 0.009 (76.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.8 (Medium). Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H.

Affected products

Cisco Email Security Appliance (Esa) — versions unspecified

Weakness classification (CWE)

CWE-400 — Uncontrolled Resource Consumption

References

20200219 Cisco Email Security Appliance Shortened URL Denial of Service Vulnerability (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2020-3132?: CVE-2020-3132 is a medium-severity vulnerability in Cisco Email Security Appliance (Esa), classified under Uncontrolled Resource Consumption. CVSS score: 6.8/10. Published 2020-02-19.
How severe is CVE-2020-3132?: Medium severity. CVSS v3 base score is 6.8 out of 10.