CVSS: 7.8EPSS: 0%CPEs: 151EXPL: 0CVE-2013-1149
https://notcve.org/view.php?id=CVE-2013-1149
Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.28), 8.1 and 8.2 before 8.2(5.35), 8.3 before 8.3(2.34), 8.4 before 8.4(4.11), 8.6 before 8.6(1.10), and 8.7 before 8.7(1.3), and Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(24.1) and 4.0 and 4.1 before 4.1(11.1), allow remote attackers to cause a denial of service (device reload) via a crafted IKEv1 message, aka Bug IDs CSCub85692 and CSCud20267. Cisco Adaptive Security Appliances (ASA) los dispositivos con v7.x de software antes de v7.2(5.10) v8.0, antes de v8.0(5.28), v8.1 y v8.2 antes de v8.2(5.35), v8.3 antes de v8.3(2.34), v8.4 antes de v8.4(4.11), v8.6 antes de v8.6(1.10), y v8.7 antes de v8.7(1.3), y Cisco Firewall Services Module (FWSM) software v3.1 y v3.2 antes de v3.2(24.1) y v4.0 y v401 antes de v4.1(11.1), permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) a través de un elaborado IKEv1 mensaje, también conocido como Bug ID CSCub85692 y CSCud20267. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-fwsm •
CVSS: 7.1EPSS: 0%CPEs: 83EXPL: 0CVE-2013-1151
https://notcve.org/view.php?id=CVE-2013-1151
Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5), 8.5 before 8.5(1.17), 8.6 before 8.6(1.10), and 8.7 before 8.7(1.3) allow remote attackers to cause a denial of service (device reload) via a crafted certificate, aka Bug ID CSCuc72408. Cisco Adaptive Security Appliances (ASA) los dispositivos con software v7.x antes de v7.2(5.10), v8.0, antes de v8.0(5.31), v8.1 y v8.2 antes de v8.2(5.38), 8.3 antes de v8.3(2.37), v8.4 antes de v8.4(5), v8.5 antes de v8.5(1.17), v8.6 antes de v8.6(1.10), y v8.7 antes de v8.7(1.3) permite a atacantes remotos provocar una denegación de servicio (recarga del dispositivo) a través de un certificado hecho a mano, también conocido como Bug ID CSCuc72408. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 107EXPL: 0CVE-2013-1150
https://notcve.org/view.php?id=CVE-2013-1150
The authentication-proxy implementation on Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5.3), 8.5 and 8.6 before 8.6(1.10), 8.7 before 8.7(1.4), 9.0 before 9.0(1.1), and 9.1 before 9.1(1.2) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCud16590. La implementación de autenticación de proxy de Cisco Adaptive Security Appliances (ASA) los dispositivos con v7.x antes de 7.2(5.10), v8.0 antes de 8.0(5.31), v8.1 y 8.2 antes de v8.2(5.38), v8.3 antes de v8.3(2.37), v8.4 antes de v8.4(5.3), v8.5 y v8.6 antes de v8.6(1.10), v8.7 antes de v8.7(1.4), v9.0 antes de 9.0(1.1), y v9.1 antes de 9.1(1.2) permite a atacantes remotos provocar una denegación de servicio (recarga del dispositivo) a través de un URL elaborado, CSCud16590 también conocido como Bug ID. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1150 • CWE-287: Improper Authentication •
CVSS: 5.0EPSS: 0%CPEs: 93EXPL: 0CVE-2013-1138
https://notcve.org/view.php?id=CVE-2013-1138
The NAT process on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (connections-table memory consumption) via crafted packets, aka Bug ID CSCue46386. El proceso de NAT en Cisco Adaptive Security Appliances (ASA) de dispositivos permite a atacantes remotos provocar una denegación de servicio (tabla de conexiones, consumo de memoria) a través de paquetes hechos a mano, también conocido como Bug ID CSCue46386. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1138 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 2%CPEs: 89EXPL: 0CVE-2012-0358
https://notcve.org/view.php?id=CVE-2012-0358
Buffer overflow in the Cisco Port Forwarder ActiveX control in cscopf.ocx, as distributed through the Clientless VPN feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 through 7.2 before 7.2(5.6), 8.0 before 8.0(5.26), 8.1 before 8.1(2.53), 8.2 before 8.2(5.18), 8.3 before 8.3(2.28), 8.2 before 8.4(2.16), and 8.6 before 8.6(1.1), allows remote attackers to execute arbitrary code via unspecified vectors, aka Bug ID CSCtr00165. Desbordamiento de búfer en el puerto de Cisco Forwarder control ActiveX en cscopf.ocx, ya que distribuyen a través de la función Clientless VPN de Cisco Adaptive Security Appliances (ASA) 5500 dispositivos de la serie con el software v7.0 a v7.2 antes de v7.2 (5.6), v8.0 antes de v8.0 (5.26), v8.1 antes de v8.1 (2.53), v8.2 antes de v8.2 (5.18), v8.3 antes de v8.3 (2.28), v8.2 antes de v8.4 (2.16), y v8.6 antes de v8.6 (1.1), permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados, también conocido como Bug ID CSCtr00165. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asaclient http://www.kb.cert.org/vuls/id/339177 http://www.securitytracker.com/id?1026799 https://exchange.xforce.ibmcloud.com/vulnerabilities/74027 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •