CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2018-15397 – Cisco Adaptive Security Appliance IPsec VPN Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-15397
05 Oct 2018 — A vulnerability in the implementation of Traffic Flow Confidentiality (TFC) over IPsec functionality in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error that may occur if the affected software renegotiates the encryption key for an IPsec tunnel when certain TFC traffic is i... • http://www.securitytracker.com/id/1041786 • CWE-320: Key Management Errors •
CVSS: 7.5EPSS: 94%CPEs: 14EXPL: 11CVE-2018-0296 – Cisco Adaptive Security Appliance (ASA) Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-0296
07 Jun 2018 — A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An... • https://packetstorm.news/files/id/181032 • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.6EPSS: 5%CPEs: 11EXPL: 0CVE-2018-0228
https://notcve.org/view.php?id=CVE-2018-0228
19 Apr 2018 — A vulnerability in the ingress flow creation functionality of Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the CPU to increase upwards of 100% utilization, causing a denial of service (DoS) condition on an affected system. The vulnerability is due to incorrect handling of an internal software lock that could prevent other system processes from getting CPU cycles, causing a high CPU condition. An attacker could exploit this vulnerability by sending a steady... • http://www.securityfocus.com/bid/104220 • CWE-20: Improper Input Validation CWE-667: Improper Locking •
CVSS: 8.6EPSS: 0%CPEs: 4EXPL: 0CVE-2018-0231
https://notcve.org/view.php?id=CVE-2018-0231
19 Apr 2018 — A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious TLS message to an interface enabled for Secure Layer Socket (S... • http://www.securitytracker.com/id/1040725 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 8.6EPSS: 1%CPEs: 52EXPL: 0CVE-2018-0240
https://notcve.org/view.php?id=CVE-2018-0240
19 Apr 2018 — Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerabilities are due to logical errors during traffic inspection. An attacker could exploit these vulnerabilities by sending a high volume of malicious traffic across an affected devic... • http://www.securityfocus.com/bid/103934 • CWE-399: Resource Management Errors •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2018-0251
https://notcve.org/view.php?id=CVE-2018-0251
19 Apr 2018 — A vulnerability in the Web Server Authentication Required screen of the Clientless Secure Sockets Layer (SSL) VPN portal of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of that portal on an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based interface of an affected device. An attacker could exploit this vulnerability by persuading a user ... • http://www.securityfocus.com/bid/103926 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 90%CPEs: 13EXPL: 5CVE-2018-0101 – Cisco ASA - Crash (PoC)
https://notcve.org/view.php?id=CVE-2018-0101
29 Jan 2018 — A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to an attempt to double free a region of memory when the webvpn feature is enabled on the Cisco ASA device. An attacker could exploit this vulnerability by sending multiple, crafted XML packets to a webvpn-configured interface on the affected sy... • https://packetstorm.news/files/id/146296 • CWE-415: Double Free •
CVSS: 4.2EPSS: 0%CPEs: 3788EXPL: 0CVE-2017-6770
https://notcve.org/view.php?id=CVE-2017-6770
07 Aug 2017 — Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated, remote attacker to take full control of the OSPF Autonomous System (AS) domain routing table, allowing the attacker to intercept or black-hole traffic. The attacker could exploit... • http://www.securityfocus.com/bid/100005 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-4239
https://notcve.org/view.php?id=CVE-2015-4239
03 Jul 2015 — Cisco Adaptive Security Appliance (ASA) Software 9.3(2.243) and 100.13(0.21) allows remote attackers to cause a denial of service (device reload) by sending crafted OSPFv2 packets on the local network, aka Bug ID CSCus84220. Cisco Adaptive Security Appliance (ASA) Software 9.3(2.243) y 100.13(0.21) permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) mediante el envío de paquetes OSPFv2 manipulados en la red local, también conocido como Bug ID CSCus84220. • http://tools.cisco.com/security/center/viewAlert.x?alertId=39612 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 11EXPL: 0CVE-2015-0742
https://notcve.org/view.php?id=CVE-2015-0742
21 May 2015 — The Protocol Independent Multicast (PIM) application in Cisco Adaptive Security Appliance (ASA) Software 9.2(0.0), 9.2(0.104), 9.2(3.1), 9.2(3.4), 9.3(1.105), 9.3(2.100), 9.4(0.115), 100.13(0.21), 100.13(20.3), 100.13(21.9), and 100.14(1.1) does not properly implement multicast-forwarding registration, which allows remote attackers to cause a denial of service (forwarding outage) via a crafted multicast packet, aka Bug ID CSCus74398. La aplicación Protocol Independent Multicast (PIM) en el software Cisco Ad... • http://tools.cisco.com/security/center/viewAlert.x?alertId=38937 • CWE-399: Resource Management Errors •