Cisco Adaptive Security Appliance
Cisco's stateful firewall + VPN appliance line.
CVEs (230)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-3382 | | | 0.00 | — | 0.01 | | Oct 10, 2014 | The SQL*Net inspection engine in Cisco ASA Software 7.2 before 7.2(5.13), 8.2 before 8.2(5.50), 8.3 before 8.3(2.42), 8.4 before 8.4(7.15), 8.5 before 8.5(1.21), 8.6 before 8.6(1.14), 8.7 before 8.7(1.13), 9.0 before 9.0(4.5), and 9.1 before 9.1(5.1) allows remote attackers to… |
| CVE-2014-3399 | | | 0.00 | — | 0.01 | | Oct 7, 2014 | The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.2(.2.4) and earlier does not properly manage session information during creation of a SharePoint handler, which allows remote authenticated users to overwrite arbitrary RAMFS cache files or inject… |
| CVE-2014-3398 | | | 0.00 | — | 0.02 | | Oct 5, 2014 | The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to obtain potentially sensitive software-version information by reading the verbose response data that is provided for a request to an unspecified URL, aka Bug ID CSCuq65542. |
| CVE-2013-6691 | | | 0.00 | — | 0.02 | | Jul 14, 2014 | The WebVPN CIFS implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0(.4.1) and earlier allows remote CIFS servers to cause a denial of service (device reload) via a long share list, aka Bug ID CSCuj83344. |
| CVE-2013-5567 | | | 0.00 | — | 0.02 | | Jul 14, 2014 | Cisco Adaptive Security Appliance (ASA) Software 8.4(.6) and earlier, when using an unsupported configuration with overlapping criteria for filtering and inspection, allows remote attackers to cause a denial of service (traffic loop and device crash) via a packet that triggers… |
| CVE-2014-2151 | | | 0.00 | — | 0.01 | | Jun 18, 2014 | The WebVPN portal in Cisco Adaptive Security Appliance (ASA) Software 8.4(.7.15) and earlier allows remote authenticated users to obtain sensitive information via a crafted JavaScript file, aka Bug ID CSCui04520. |
| CVE-2014-3264 | | | 0.00 | — | 0.01 | | May 20, 2014 | Cisco Adaptive Security Appliance (ASA) Software 9.1(.5) and earlier allows remote authenticated users to cause a denial of service (device reload) via crafted attributes in a RADIUS packet, aka Bug ID CSCun69561. |
| CVE-2014-2181 | | | 0.00 | — | 0.01 | | May 7, 2014 | Cisco Adaptive Security Appliance (ASA) Software allows remote authenticated users to read files by sending a crafted URL to the HTTP server, as demonstrated by reading the running configuration, aka Bug ID CSCun78551. |
| CVE-2014-2182 | | | 0.00 | — | 0.01 | | Apr 29, 2014 | Cisco Adaptive Security Appliance (ASA) Software, when DHCPv6 replay is configured, allows remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 packet, aka Bug ID CSCun45520. |
| CVE-2014-2154 | | | 0.00 | — | 0.02 | | Apr 23, 2014 | Memory leak in the SIP inspection engine in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to cause a denial of service (memory consumption and instability) via crafted SIP packets, aka Bug ID CSCuf67469. |
| CVE-2014-2129 | | | 0.00 | — | 0.02 | | Apr 10, 2014 | The SIP inspection engine in Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.48), 8.4 before 8.4(6.5), 9.0 before 9.0(3.1), and 9.1 before 9.1(2.5) allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted SIP… |
| CVE-2014-2128 | | | 0.00 | — | 0.02 | | Apr 10, 2014 | The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.47), 8.3 before 8.3(2.40), 8.4 before 8.4(7.3), 8.6 before 8.6(1.13), 9.0 before 9.0(3.8), and 9.1 before 9.1(3.2) allows remote attackers to bypass authentication via (1) a crafted… |
| CVE-2014-2126 | | | 0.00 | — | 0.02 | | Apr 10, 2014 | Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.47), 8.4 before 8.4(7.5), 8.7 before 8.7(1.11), 9.0 before 9.0(3.10), and 9.1 before 9.1(3.4) allows remote authenticated users to gain privileges by leveraging level-0 ASDM access, aka Bug ID CSCuj33496. |
| CVE-2014-0739 | | | 0.00 | — | 0.01 | | Feb 22, 2014 | Race condition in the Phone Proxy component in Cisco Adaptive Security Appliance (ASA) Software 9.1(.3) and earlier allows remote attackers to bypass sec_db authentication and provide certain pass-through services to untrusted devices via a crafted configuration-file TFTP… |
| CVE-2014-0738 | | | 0.00 | — | 0.01 | | Feb 22, 2014 | The Phone Proxy component in Cisco Adaptive Security Appliance (ASA) Software 9.1(.3) and earlier allows remote attackers to bypass authentication and change trust relationships by injecting a Certificate Trust List (CTL) file, aka Bug ID CSCuj66770. |
| CVE-2014-0655 | | | 0.00 | — | 0.02 | | Jan 8, 2014 | The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to change the user-cache contents via a replay attack involving crafted RADIUS Change of Authorization (CoA) messages, aka Bug ID CSCuj45332. |
| CVE-2013-6707 | | | 0.00 | — | 0.03 | | Dec 7, 2013 | Memory leak in the connection-manager implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1(.3) and earlier allows remote attackers to cause a denial of service (multi-protocol management outage) by making multiple management session requests, aka Bug ID… |
| CVE-2013-6696 | | | 0.00 | — | 0.01 | | Dec 2, 2013 | Cisco Adaptive Security Appliance (ASA) Software does not properly handle errors during the processing of DNS responses, which allows remote attackers to cause a denial of service (device reload) via a malformed response, aka Bug ID CSCuj28861. |
| CVE-2013-6682 | | | 0.00 | — | 0.01 | | Nov 13, 2013 | The phone-proxy implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0.3.6 and earlier does not properly validate X.509 certificates, which allows remote attackers to cause a denial of service (connection-database corruption) via an invalid entry, aka Bug ID… |
| CVE-2013-5568 | | | 0.00 | — | 0.01 | | Nov 13, 2013 | The auto-update implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0.3.6 and earlier allows remote attackers to cause a denial of service (device reload) via crafted update data, aka Bug ID CSCui33308. |