CVSS: 9.0EPSS: 0%CPEs: 13EXPL: 0CVE-2019-15992 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-15992
A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operating system of an affected device. The vulnerability is due to insufficient restrictions on the allowed Lua function calls within the context of user-supplied Lua scripts. A successful exploit could allow the attacker to trigger a heap overflow condition and execute arbitrary code with root privileges on the underlying Linux operating system of an affected device. Una vulnerabilidad en la implementación del intérprete Lua integrado en Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podría permitir a un atacante remoto autenticado ejecutar código arbitrario con privilegios root en el sistema operativo Linux subyacente de un dispositivo afectado. La vulnerabilidad es debido a restricciones insuficientes en las llamadas a funciones Lua permitidas dentro del contexto de los scripts Lua suministrados por el usuario. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191112-asa-ftd-lua-rce • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2020-3306 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DHCP Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3306
A vulnerability in the DHCP module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to incorrect processing of certain DHCP packets. An attacker could exploit this vulnerability by sending a crafted DHCP packet to the affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device. Una vulnerabilidad en el módulo DHCP del Cisco Adaptive Security Appliance (ASA) Software y el Cisco Firepower Threat Defense (FTD) Software, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS) sobre el dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-qk8cTGLz • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2020-3305 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software BGP Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3305
A vulnerability in the implementation of the Border Gateway Protocol (BGP) module in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP packets. An attacker could exploit this vulnerability by sending a crafted BGP packet. A successful exploit could allow the attacker to cause a DoS condition on the affected device. Una vulnerabilidad en la implementación del módulo Border Gateway Protocol (BGP) en el Cisco Adaptive Security Appliance (ASA) Software y el Cisco Firepower Threat Defense (FTD) Software, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS). • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-P43GCE5j • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2020-3303 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3303
A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper management of system memory. An attacker could exploit this vulnerability by sending malicious IKEv1 traffic to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device. Una vulnerabilidad en la funcionalidad Internet Key Exchange versión 1 (IKEv1) del Cisco Adaptive Security Appliance (ASA) Software y el Cisco Firepower Threat Defense (FTD) Software, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS). • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-BqYFRJt9 • CWE-399: Resource Management Errors CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2019-12698 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CPU Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-12698
A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for a specific WebVPN HTTP page request. An attacker could exploit this vulnerability by sending multiple WebVPN HTTP page load requests for a specific URL. A successful exploit could allow the attacker to increase CPU load on the device, resulting in a denial of service (DoS) condition, which could cause traffic to be delayed through the device. Una vulnerabilidad en la funcionalidad WebVPN del Software Cisco Adaptive Security Appliance (ASA) y el Software Cisco Firepower Threat Defense (FTD), podría permitir a un atacante remoto no autenticado causar una mayor utilización de la CPU en un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-dos • CWE-400: Uncontrolled Resource Consumption •