VYPR

Adaptive Security Appliance (ASA) Software

by Cisco Systems, Inc.

CVEs (43)

  • CVE-2014-2120MedKEVMar 19, 2014
    Cisco Systems, Inc.
    Cisco Adaptive Security Appliance
    risk 0.53cvss 6.1epss 0.14

    Cross-site scripting (XSS) vulnerability in the WebVPN login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun19025.

  • CVE-2014-2127Apr 10, 2014
    Cisco Systems, Inc.
    Cisco Adaptive Security Appliance
    risk 0.04cvss epss 0.11

    Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.48), 8.3 before 8.3(2.40), 8.4 before 8.4(7.9), 8.6 before 8.6(1.13), 9.0 before 9.0(4.1), and 9.1 before 9.1(4.3) does not properly process management-session information during privilege validation for SSL VPN…

  • CVE-2014-0653Jan 8, 2014
    Cisco Systems, Inc.
    Cisco Adaptive Security Appliance
    risk 0.01cvss epss 0.07

    The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to trigger authentication-state modifications via a crafted NetBIOS logout probe response, aka Bug ID CSCuj45340.

  • CVE-2015-0619Feb 12, 2015
    Cisco Systems, Inc.
    Cisco Adaptive Security Appliance
    risk 0.00cvss epss 0.02

    Memory leak in the embedded web server in the WebVPN subsystem in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to cause a denial of service (memory consumption and SSL outage) via multiple crafted HTTP requests, aka Bug ID CSCue05458.

  • CVE-2013-5557Feb 7, 2015
    Cisco Systems, Inc.
    Cisco Adaptive Security Appliance
    risk 0.00cvss epss 0.02

    The Proxy Bypass Content Rewriter feature in the WebVPN subsystem in Cisco Adaptive Security Appliance (ASA) Software 9.1(.2) and earlier allows remote authenticated users to cause a denial of service (device crash or error-recovery event) via an HTTP request that triggers a…

  • CVE-2015-0578Jan 14, 2015
    Cisco Systems, Inc.
    Cisco Adaptive Security Appliance
    risk 0.00cvss epss 0.01

    Cisco Adaptive Security Appliance (ASA) Software, when a DHCPv6 relay is configured, allows remote attackers to cause a denial of service (device reload) via crafted DHCP packets on the local network, aka Bug ID CSCur45455.

  • CVE-2014-3410Dec 20, 2014
    Cisco Systems, Inc.
    Cisco Adaptive Security Appliance
    risk 0.00cvss epss 0.01

    The syslog-management subsystem in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to obtain an administrator password by waiting for an administrator to copy a file, and then (1) sniffing the network for a syslog message or (2) reading a syslog message…

  • CVE-2014-8012Dec 18, 2014
    Cisco Systems, Inc.
    Cisco Adaptive Security Appliance
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the WebVPN Portal Login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to inject arbitrary web script or HTML via crafted attributes in a cookie, aka Bug ID CSCuh24695.

  • CVE-2014-3407Nov 28, 2014
    Cisco Systems, Inc.
    Cisco Adaptive Security Appliance
    risk 0.00cvss epss 0.02

    The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier does not properly allocate memory blocks during HTTP packet handling, which allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug…

  • CVE-2014-3399Oct 7, 2014
    Cisco Systems, Inc.
    Cisco Adaptive Security Appliance
    risk 0.00cvss epss 0.01

    The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.2(.2.4) and earlier does not properly manage session information during creation of a SharePoint handler, which allows remote authenticated users to overwrite arbitrary RAMFS cache files or inject…

  • CVE-2014-3398Oct 5, 2014
    Cisco Systems, Inc.
    Cisco Adaptive Security Appliance
    risk 0.00cvss epss 0.02

    The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to obtain potentially sensitive software-version information by reading the verbose response data that is provided for a request to an unspecified URL, aka Bug ID CSCuq65542.

  • CVE-2013-6691Jul 14, 2014
    Cisco Systems, Inc.
    Cisco Adaptive Security Appliance
    risk 0.00cvss epss 0.02

    The WebVPN CIFS implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0(.4.1) and earlier allows remote CIFS servers to cause a denial of service (device reload) via a long share list, aka Bug ID CSCuj83344.

  • CVE-2013-5567Jul 14, 2014
    Cisco Systems, Inc.
    Cisco Adaptive Security Appliance
    risk 0.00cvss epss 0.02

    Cisco Adaptive Security Appliance (ASA) Software 8.4(.6) and earlier, when using an unsupported configuration with overlapping criteria for filtering and inspection, allows remote attackers to cause a denial of service (traffic loop and device crash) via a packet that triggers…

  • CVE-2014-2151Jun 18, 2014
    Cisco Systems, Inc.
    Cisco Adaptive Security Appliance
    risk 0.00cvss epss 0.01

    The WebVPN portal in Cisco Adaptive Security Appliance (ASA) Software 8.4(.7.15) and earlier allows remote authenticated users to obtain sensitive information via a crafted JavaScript file, aka Bug ID CSCui04520.

  • CVE-2014-3264May 20, 2014
    Cisco Systems, Inc.
    Cisco Adaptive Security Appliance
    risk 0.00cvss epss 0.01

    Cisco Adaptive Security Appliance (ASA) Software 9.1(.5) and earlier allows remote authenticated users to cause a denial of service (device reload) via crafted attributes in a RADIUS packet, aka Bug ID CSCun69561.

  • CVE-2014-2181May 7, 2014
    Cisco Systems, Inc.
    Cisco Adaptive Security Appliance
    risk 0.00cvss epss 0.01

    Cisco Adaptive Security Appliance (ASA) Software allows remote authenticated users to read files by sending a crafted URL to the HTTP server, as demonstrated by reading the running configuration, aka Bug ID CSCun78551.

  • CVE-2014-2182Apr 29, 2014
    Cisco Systems, Inc.
    Cisco Adaptive Security Appliance
    risk 0.00cvss epss 0.01

    Cisco Adaptive Security Appliance (ASA) Software, when DHCPv6 replay is configured, allows remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 packet, aka Bug ID CSCun45520.

  • CVE-2014-2154Apr 23, 2014
    Cisco Systems, Inc.
    Cisco Adaptive Security Appliance
    risk 0.00cvss epss 0.02

    Memory leak in the SIP inspection engine in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to cause a denial of service (memory consumption and instability) via crafted SIP packets, aka Bug ID CSCuf67469.

  • CVE-2014-2129Apr 10, 2014
    Cisco Systems, Inc.
    Cisco Adaptive Security Appliance
    risk 0.00cvss epss 0.02

    The SIP inspection engine in Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.48), 8.4 before 8.4(6.5), 9.0 before 9.0(3.1), and 9.1 before 9.1(2.5) allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted SIP…

  • CVE-2014-2128Apr 10, 2014
    Cisco Systems, Inc.
    Cisco Adaptive Security Appliance
    risk 0.00cvss epss 0.02

    The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.47, 8.3 before 8.3(2.40), 8.4 before 8.4(7.3), 8.6 before 8.6(1.13), 9.0 before 9.0(3.8), and 9.1 before 9.1(3.2) allows remote attackers to bypass authentication via (1) a crafted…

Page 1 of 3