VYPR

Adaptive Security Appliance Cx Context Aware Security Software

by Cisco Systems, Inc.

CVEs (180)

  • CVE-2023-20234MedAug 23, 2023
    risk 0.29cvss 4.4epss 0.00

    A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files. The vulnerability occurs because there is no validation of parameters when a…

  • CVE-2026-20021MedMar 4, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability in the OSPF protocol of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, adjacent attacker to exhaust memory on an affected device, resulting in a denial of…

  • CVE-2026-20069MedMar 4, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an…

  • CVE-2025-20135MedAug 14, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability in the DHCP client functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to exhaust available memory. This vulnerability is…

  • CVE-2022-20713MedAug 10, 2022
    risk 0.28cvss 4.3epss 0.01

    A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device.…

  • CVE-2023-20275MedDec 12, 2023
    risk 0.27cvss 4.1epss 0.00

    A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to send packets with another VPN user's source IP address. This vulnerability is…

  • CVE-2018-15398MedOct 5, 2018
    risk 0.26cvss 4.0epss 0.02

    A vulnerability in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control list (ACL) that is configured for an interface of an…

  • CVE-2025-20362KEVSep 25, 2025
    risk 0.15cvss epss 0.86

    Update: On November 5, 2025, Cisco became aware of a new attack variant against devices running Cisco Secure ASA Software or Cisco Secure FTD Software releases that are affected by CVE-2025-20333 and CVE-2025-20362. This attack can cause unpatched devices to unexpectedly reload,…

  • CVE-2025-20333KEVSep 25, 2025
    risk 0.14cvss epss 0.40

    A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability…

  • CVE-2025-20363Sep 25, 2025
    risk 0.01cvss epss 0.08

    A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, remote attacker…

  • CVE-2026-20012Mar 25, 2026
    risk 0.00cvss epss 0.00

    A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote…

  • CVE-2026-20062Mar 4, 2026
    risk 0.00cvss epss 0.00

    A vulnerability in the CLI of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software in multiple context mode could allow an authenticated, local attacker with administrative privileges in one context to copy files to or from another context, including configuration…

  • CVE-2025-20127Aug 14, 2025
    risk 0.00cvss epss 0.01

    A vulnerability in the TLS 1.3 implementation for a specific cipher for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software for Cisco Firepower 3100 and 4200 Series devices could allow an authenticated, remote…

  • CVE-2015-4239Jul 3, 2015
    risk 0.00cvss epss 0.01

    Cisco Adaptive Security Appliance (ASA) Software 9.3(2.243) and 100.13(0.21) allows remote attackers to cause a denial of service (device reload) by sending crafted OSPFv2 packets on the local network, aka Bug ID CSCus84220.

  • CVE-2014-8023Feb 17, 2015
    risk 0.00cvss epss 0.02

    Cisco Adaptive Security Appliance (ASA) Software 9.2(.3) and earlier, when challenge-response authentication is used, does not properly select tunnel groups, which allows remote authenticated users to bypass intended resource-access restrictions via a crafted tunnel-group…

  • CVE-2013-5561Nov 4, 2013
    risk 0.00cvss epss 0.01

    The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.

  • CVE-2012-5717Jan 18, 2013
    risk 0.00cvss epss 0.01

    Cisco Adaptive Security Appliances (ASA) devices with firmware 8.x through 8.4(1) do not properly manage SSH sessions, which allows remote authenticated users to cause a denial of service (device crash) by establishing multiple sessions, aka Bug ID CSCtc59462.

  • CVE-2012-4662Oct 29, 2012
    risk 0.00cvss epss 0.02

    The DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.13) and the Firewall Services…

  • CVE-2012-4659Oct 29, 2012
    risk 0.00cvss epss 0.03

    The AAA functionality in the IPv4 SSL VPN implementations on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.2 before 8.2(5.30) and 8.3 before 8.3(2.34) allows remote…

  • CVE-2011-4006May 2, 2012
    risk 0.00cvss epss 0.01

    The ESMTP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 through 8.5 allows remote attackers to cause a denial of service (CPU consumption) via an unspecified closing sequence, aka Bug ID CSCtt32565.

Page 9 of 9