- What: Multiple vulnerabilities in the Cisco Snort 3 HTTP MIME Decoder could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or restart.
- Impact: Affected Cisco products running Snort 3 are vulnerable to a denial-of-service or information leak.
- Affected: Cisco products using the Snort 3 Detection Engine.
- Patch: Cisco has released software updates to address these vulnerabilities.
- CVE: CVE-2025-20359, CVE-2025-20360
Multiple Cisco products are affected by vulnerabilities in the HTTP Multipurpose Internet Mail Extensions (MIME) Decoder that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak possible sensitive information or to restart. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-mime-vulns-tTL8PgVH <br/>Security Impact Rating: Medium <br/>CVE: CVE-2025-20359,CVE-2025-20360