CVSS: 8.6EPSS: 0%CPEs: 49EXPL: 0CVE-2021-34792 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Resource Exhaustion Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-34792
27 Oct 2021 — A vulnerability in the memory management of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management when connection rates are high. An attacker could exploit this vulnerability by opening a significant number of connections on an affected device. A successful exploit could allow the attacker to cause... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-Unk689XY • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.6EPSS: 0%CPEs: 58EXPL: 0CVE-2020-3196 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3196
06 May 2020 — A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust memory resources on the affected device, leading to a denial of service (DoS) condition. The vulnerability is due to improper resource management for inbound SSL/TLS connections. An attacker could exploit this vulnerability by establishing multiple SSL/TLS conne... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-dos-qY7BHpjN • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.3EPSS: 0%CPEs: 38EXPL: 0CVE-2020-3188 – Cisco Firepower Threat Defense Software Management Interface Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3188
06 May 2020 — A vulnerability in how Cisco Firepower Threat Defense (FTD) Software handles session timeouts for management connections could allow an unauthenticated, remote attacker to cause a buildup of remote management connections to an affected device, which could result in a denial of service (DoS) condition. The vulnerability exists because the default session timeout period for specific to-the-box remote management connections is too long. An attacker could exploit this vulnerability by sending a large and sustai... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-mgmt-interface-dos-FkG4MuTU • CWE-399: Resource Management Errors CWE-613: Insufficient Session Expiration •
CVSS: 8.6EPSS: 0%CPEs: 38EXPL: 0CVE-2020-3179 – Cisco Firepower Threat Defense Software Generic Routing Encapsulation Tunnel IPv6 Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3179
06 May 2020 — A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory handling error when GRE over IPv6 traffic is processed. An attacker could exploit this vulnerability by sending crafted GRE over IPv6 packets with either IPv4 or IPv6 payload through an affected device. A successful exploi... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-2-sS2h7aWe • CWE-415: Double Free •
CVSS: 5.3EPSS: 0%CPEs: 39EXPL: 0CVE-2020-3186 – Cisco Firepower Threat Defense Software Management Access List Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-3186
06 May 2020 — A vulnerability in the management access list configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured management interface access list on an affected system. The vulnerability is due to the configuration of different management access lists, with ports allowed in one access list and denied in another. An attacker could exploit this vulnerability by sending crafted remote management traffic to the local IP address of an affected sy... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-accesslist-bypass-5dZs5qZp • CWE-284: Improper Access Control •
CVSS: 8.6EPSS: 0%CPEs: 39EXPL: 0CVE-2019-15256 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-15256
02 Oct 2019 — A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper management of system memory. An attacker could exploit this vulnerability by sending malicious IKEv1 traffic to an affected device. The attacker does not need va... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-ikev1-dos • CWE-399: Resource Management Errors CWE-400: Uncontrolled Resource Consumption •