VYPR

Cisco Adaptive Security Appliance

by Cisco Systems, Inc.

Cisco's stateful firewall + VPN appliance line.

applianceWebsiteDocs

CVEs (230)

  • CVE-2017-6610HigApr 20, 2017
    risk 0.50cvss 7.7epss 0.03

    A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during…

  • CVE-2017-6609HigApr 20, 2017
    risk 0.50cvss 7.7epss 0.03

    A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending…

  • CVE-2017-6752HigAug 7, 2017
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) 9.3(3) and 9.6(2) could allow an unauthenticated, remote attacker to determine valid usernames. The attacker could use this information to conduct additional reconnaissance attacks. The…

  • CVE-2016-6431HigOct 27, 2016
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the local Certificate Authority (CA) feature of Cisco ASA Software before 9.6(1.5) could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper handling of crafted packets during the enrollment…

  • CVE-2016-1367HigApr 21, 2016
    risk 0.49cvss 7.5epss 0.02

    The DHCPv6 relay implementation in Cisco Adaptive Security Appliance (ASA) Software 9.4.1 allows remote attackers to cause a denial of service (device reload) via crafted DHCPv6 packets, aka Bug ID CSCus23248.

  • CVE-2015-6360HigApr 21, 2016
    risk 0.49cvss 7.5epss 0.08

    The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.

  • CVE-2026-20025MedMar 4, 2026
    risk 0.44cvss 6.8epss 0.00

    A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To exploit this vulnerability, the attacker…

  • CVE-2026-20024MedMar 4, 2026
    risk 0.44cvss 6.8epss 0.00

    A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To exploit this vulnerability, the attacker…

  • CVE-2026-20020MedMar 4, 2026
    risk 0.44cvss 6.8epss 0.00

    A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. If OSPF authentication is enabled, the…

  • CVE-2016-1379MedMay 28, 2016
    risk 0.42cvss 6.5epss 0.01

    Cisco Adaptive Security Appliance (ASA) Software 9.0 through 9.5.1 mishandles IPsec error processing, which allows remote authenticated users to cause a denial of service (memory consumption) via crafted (1) LAN-to-LAN or (2) Remote Access VPN tunnel packets, aka Bug ID…

  • CVE-2016-1385MedMay 26, 2016
    risk 0.42cvss 6.5epss 0.01

    The XML parser in Cisco Adaptive Security Appliance (ASA) Software through 9.5.2 allows remote authenticated users to cause a denial of service (instability, memory consumption, or device reload) by leveraging (1) administrative access or (2) Clientless SSL VPN access to provide…

  • CVE-2026-20023MedMar 4, 2026
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the OSPF protocol of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to corrupt memory on an affected device, resulting in a denial of…

  • CVE-2026-20022MedMar 4, 2026
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition when OSPF canonicalization debug is enabled…

  • CVE-2026-20102MedMar 4, 2026
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the SAML feature and…

  • CVE-2026-20070MedMar 4, 2026
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a…

  • CVE-2017-12265MedOct 5, 2017
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device,…

  • CVE-2017-6765MedAug 7, 2017
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) 9.1(6.11) and 9.4(1.2) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an…

  • CVE-2026-20016MedMar 4, 2026
    risk 0.39cvss 6.0epss 0.00

    A vulnerability in the Cisco FXOS Software CLI feature for Cisco Secure Firewall ASA Software and Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. To exploit this…

  • CVE-2026-20008MedMar 4, 2026
    risk 0.39cvss 6.0epss 0.00

    A vulnerability in a small subset of CLI commands that are used on Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to craft Lua code that could be used on the…

  • CVE-2026-20073MedMar 4, 2026
    risk 0.38cvss 5.8epss 0.00

    A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to send traffic that should be denied through an affected device. This vulnerability is…

Page 2 of 12