CVE-2020-3548

Name of the Vulnerable Software and Affected Versions: Cisco Email Security Appliance (ESA) versions (affected versions not specified)

Description: A vulnerability in the Transport Layer Security (TLS) protocol implementation could allow an unauthenticated, remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. The issue is due to inefficient processing of incoming TLS traffic. An attacker could exploit this by sending crafted TLS packets to an affected device, potentially triggering a prolonged state of high CPU utilization and degrading response time and overall performance.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.