CVSS: 8.5EPSS: 0%CPEs: 20EXPL: 0CVE-2013-5542
https://notcve.org/view.php?id=CVE-2013-5542
21 Oct 2013 — Cisco Adaptive Security Appliance (ASA) Software 8.4 before 8.4(7.2), 8.7 before 8.7(1.8), 9.0 before 9.0(3.6), and 9.1 before 9.1(2.8) allows remote attackers to cause a denial of service (firewall-session disruption or device reload) via crafted ICMP packets, aka Bug ID CSCui77398. Cisco Adaptive Security Appliance (ASA) Software 8.4 antes de 8.4 (7.2) 8.7 antes de 8.7 (1.8) 9.0 antes de 9.0 (3.6) y 9.1 antes de 9.1 (2.8) permite a atacantes remotos provocar una denegación de servicio (interrupción de ses... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 0%CPEs: 44EXPL: 0CVE-2013-5511
https://notcve.org/view.php?id=CVE-2013-5511
13 Oct 2013 — The Adaptive Security Device Management (ASDM) remote-management feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.7), 9.0.x before 9.0(3.1), and 9.1.x before 9.1(2.6) does not properly implement the authentication-certificate option, which allows remote attackers to bypass authentication via a TCP session to an ASDM interface, aka Bug ID CSCuh44815. La funcionali... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 168EXPL: 0CVE-2013-5508
https://notcve.org/view.php?id=CVE-2013-5508
13 Oct 2013 — The SQL*Net inspection engine in Cisco Adaptive Security Appliance (ASA) Software 7.x before 7.2(5.12), 8.x before 8.2(5.44), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.6), 9.0.x before 9.0(2.10), and 9.1.x before 9.1(2) and Firewall Services Module (FWSM) 3.1.x and 3.2.x before 3.2(27) and 4.x before 4.1(14) allows remote attackers to cause a denial of service (device reload) via crafted segmented Transparent Network Substrate (TNS) packe... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2013-5509
https://notcve.org/view.php?id=CVE-2013-5509
13 Oct 2013 — The SSL implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0 before 9.0(2.6) and 9.1 before 9.1(2) allows remote attackers to bypass authentication, and obtain VPN access or administrative access, via a crafted X.509 client certificate, aka Bug ID CSCuf52468. La implementación SSL en Cisco Adaptive Security Appliance (ASA) 9.0 anterior a 9.0(2.6) y 9.1 anterior a 9.1(2) permite a atacantes remotos sortear la autenticación y obtener acceso VPN o acceso administrativo a través de un certific... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 31EXPL: 0CVE-2013-5513
https://notcve.org/view.php?id=CVE-2013-5513
13 Oct 2013 — Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(7), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.7), 9.0.x before 9.0(3.3), and 9.1.x before 9.1(1.8), when the DNS ALPI engine is enabled for TCP, allows remote attackers to cause a denial of service (device reload) via crafted TCP DNS packets, aka Bug ID CSCug03975. Cisco Adaptive Security Appliance (ASA) 8.2.x Software anterior a 8,2 (5,46), 8.3.x anterior a 8,3 (2,39), ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 85EXPL: 0CVE-2013-5510
https://notcve.org/view.php?id=CVE-2013-5510
13 Oct 2013 — The remote-access VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 7.x before 7.2(5.12), 8.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.6.x before 8.6(1.12), 9.0.x before 9.0(3.1), and 9.1.x before 9.1(2.5), when an override-account-disable option is enabled, does not properly parse AAA LDAP responses, which allows remote attackers to bypass authentication via a VPN connection attempt, aka Bug ID CSCug83401. La implementación de acceso remoto VPN en Cisco Adaptive... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2013-3415
https://notcve.org/view.php?id=CVE-2013-3415
13 Oct 2013 — Cisco Adaptive Security Appliance (ASA) Software 8.4.x before 8.4(3) and 8.6.x before 8.6(1.3) does not properly manage memory upon an AnyConnect SSL VPN client disconnection, which allows remote attackers to cause a denial of service (memory consumption, and forwarding outage or system hang) via packets to the disconnected machine's IP address, aka Bug ID CSCtt36737. Cisco Adaptive Security Appliance (ASA) Software 8.4.x anteriores a 8.4(3) y 8.6.x aanteriores 8.6(1.3) no maneja apropiadamente la memorua h... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-5507
https://notcve.org/view.php?id=CVE-2013-5507
13 Oct 2013 — The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975. La implementacion IPSec en Cisco Adaptive Security Appliance (ASA) 9.1 anteriores a 9.2(1.7), cuando un tunel IPSec VPN está habilitado, permite a atacantes remotos causar una denegación de servicio (rec... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa • CWE-310: Cryptographic Issues •
CVSS: 7.8EPSS: 0%CPEs: 40EXPL: 0CVE-2013-5515
https://notcve.org/view.php?id=CVE-2013-5515
13 Oct 2013 — The Clientless SSL VPN feature in Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.44), 8.3.x before 8.3(2.39), 8.4.x before 8.4(5.7), 8.6.x before 8.6(1.12), 9.0.x before 9.0(2.6), and 9.1.x before 9.1(1.7) allows remote attackers to cause a denial of service (device reload) via crafted HTTPS requests, aka Bug ID CSCua22709. La función de Clientless SSL VPN de Cisco Adaptive Security Appliance (ASA) Software 8.x anteiror a 8,2 (5,44), 8.3.x anterior a 8,3 (2,39), 8.4.x anterior a 8,4 (5,7)... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 0%CPEs: 33EXPL: 0CVE-2013-5512
https://notcve.org/view.php?id=CVE-2013-5512
13 Oct 2013 — Race condition in the HTTP Deep Packet Inspection (DPI) feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(5.5), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.4), 9.0.x before 9.0(1.4), and 9.1.x before 9.1(1.2), in certain conditions involving the spoof-server option or ActiveX or Java response inspection, allows remote attackers to cause a denial of service (device reload) via a crafted HTTP response, aka Bug ID... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •