—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Denial of Service Vulnerability in CISCO 

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: MEDIUM

Systems Affected

Open Source Snort 3 

1000 Series Integrated Services Routers (ISRs)

4000 Series ISRs

Catalyst 8000V Edge Software

Catalyst 8200 Series Edge Platforms

Catalyst 8300 Series Edge Platforms

Catalyst 8500L Edge Platforms

Cloud Services Routers 1000V

Integrated Services Virtual Routers

Overview

Multiple vulnerabilities have been reported in HTTP Multipurpose Internet Mail Extensions (MIME) Decoder could allow an   unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak possible sensitive information or to restart.

Target Audience: 

All IT administrators and individuals responsible for maintaining and updating in HTTP Multipurpose Internet Mail Extensions (MIME) Decoder.

Risk Assessment:

High risk of data manipulation and service disruption.

Impact Assessment:

Potential impact on confidentiality, integrity, and availability of the system.

Description

Information Disclosure Vulnerability ( CVE-2025-20359   )

This vulnerability exists due to an error in the logic of buffer handling when the MIME fields of the HTTP header are parsed. An attacker could exploit this vulnerability by sending crafted HTTP packets through an established connection that is parsed by Snort 3.

Successful exploitation of this vulnerability could allow the attacker to induce one of two possible outcomes: the unexpected restarting of the Snort 3 Detection Engine, which could cause a denial of service (DoS) condition, or information disclosure of sensitive information in the Snort 3 data stream.

Denial of Service Vulnerability ( CVE-2025-20360   )

This vulnerability exists due to a lack of complete error checking when the MIME fields of the HTTP header are parsed. An attacker could exploit this vulnerability by sending crafted HTTP packets through an established connection to be parsed by Snort 3.

Successful exploitation of these vulnerabilities could allow the attacker to cause a DoS condition when the Snort 3 Detection Engine unexpectedly restarts.

Solution

Apply appropriate updates as mentioned in Cisco Advisory

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-mime-vulns-tTL8PgVH

Vendor Information

CISCO

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-mime-vulns-tTL8PgVH

References

CISCO

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-mime-vulns-tTL8PgVH

CVE Name

CVE-2025-20359

CVE-2025-20360

 

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmjyKMgACgkQ3jCgcSdc

ys/CFQ/8CIuNobEof/KFunBHekf8p9Qps6zwivasG3QcDeEIdR0KkuXb/Bru6ls7

A65A3g9vQpB/lsaa29ZNPc2trR94SxYgaBihlHOdKgc1vCG+iI0r/0eYieRgM0ot

xYntuNKLohAM2jbx/zbvuSV9zJuvurvoLUnP73Imd9elO+3bd8CCXj8S6ceEWO7u

qh5kzq2X1nxtPOqLhTum4/L+I/LCsKlAm82mfIaXJyCNUyk5xkHzb2ibkocMbgfY

UudkjhrS3tFr9CgqG9B9OZA1O1YaNfDuynYJKimJ+m5VyF2dWlMbBJ9Kli5luPov

uJ67QslZnvbh5h8SbOK8S04iKFZhqGbvQsZlKgsOYaLhwT8vcOeorjZ4a+7LvzfK

Bj+UUqMGhq3nS5RXqkUPeX6pJXkoA+8dzbeNiM+gN2KFV7HfFa8+zTrLQcXPbI6q

MOyQSlKcqH9cbZbZ/hlO3KDS6Q5iWekrwMflmIZmyupLxj6ogrZ31Vy1W1jeP1Bu

iuWmFMDqYgshJzFAyM17sZLaGDdAMKBWNed6701uS3ZSC3IdBhy4Q4LAT7zGH1vt

35x2BSjZiGcv4Prk+TEl7vPaVa3a8a7uPexIvgferFehqDOn0V+FJoGbqv7/kTXk

VgJdBKlICVvL4/37GoDwAqI7m51KtwUrDe6E916rUiFHrzEJ2Kg=

=SpzC

—–END PGP SIGNATURE—–