CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-4241
https://notcve.org/view.php?id=CVE-2015-4241
08 Jul 2015 — Cisco Adaptive Security Appliance (ASA) Software 9.3(2) allows remote attackers to cause a denial of service (system reload) by sending crafted OSPFv2 packets on the local network, aka Bug ID CSCut52679. Cisco Adaptive Security Appliance (ASA) Software 9.3(2) permite a atacantes remotos causar una denegación de servicio (recarga de sistema) mediante el envío de paquetes OSPFv2 manipulados en la red local, también conocido como Bug ID CSCut52679. • http://tools.cisco.com/security/center/viewAlert.x?alertId=39641 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-4239
https://notcve.org/view.php?id=CVE-2015-4239
03 Jul 2015 — Cisco Adaptive Security Appliance (ASA) Software 9.3(2.243) and 100.13(0.21) allows remote attackers to cause a denial of service (device reload) by sending crafted OSPFv2 packets on the local network, aka Bug ID CSCus84220. Cisco Adaptive Security Appliance (ASA) Software 9.3(2.243) y 100.13(0.21) permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) mediante el envío de paquetes OSPFv2 manipulados en la red local, también conocido como Bug ID CSCus84220. • http://tools.cisco.com/security/center/viewAlert.x?alertId=39612 • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-4238
https://notcve.org/view.php?id=CVE-2015-4238
02 Jul 2015 — The SNMP implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4(7) and 8.6(1.2) allows remote authenticated users to cause a denial of service (device reload) by sending many SNMP requests during a time of high network traffic, aka Bug ID CSCul02601. La implementación SNMP en Cisco Adaptive Security Appliance (ASA) Software 8.4(7) y 8.6(1.2) permite a usuarios remotos autenticados causar una denegación de servicio (recarga de dispositivo) mediante el envío de muchas solicitudes SNMP durante ... • http://tools.cisco.com/security/center/viewAlert.x?alertId=39611 • CWE-399: Resource Management Errors •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2015-4550
https://notcve.org/view.php?id=CVE-2015-4550
17 Jun 2015 — The Cavium cryptographic-module firmware on Cisco Adaptive Security Appliance (ASA) devices with software 9.3(3) and 9.4(1.1) does not verify the AES-GCM Integrity Check Value (ICV) octets, which makes it easier for man-in-the-middle attackers to spoof IPSec and IKEv2 traffic by modifying packet data, aka Bug ID CSCuu66218. El firmware del módulo criptográfico Cavium en los dispositivos Cisco Adaptive Security Appliance (ASA) con software 9.3(3) y 9.4(1.1) no verifica los octetos AES-GCM Integrity Check Val... • http://tools.cisco.com/security/center/viewAlert.x?alertId=39366 • CWE-310: Cryptographic Issues •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-0760
https://notcve.org/view.php?id=CVE-2015-0760
04 Jun 2015 — The IKEv1 implementation in Cisco ASA Software 7.x, 8.0.x, 8.1.x, and 8.2.x before 8.2.2.13 allows remote authenticated users to bypass XAUTH authentication via crafted IKEv1 packets, aka Bug ID CSCus47259. La implementación IKEv1 en Cisco ASA Software 7.x, 8.0.x, 8.1.x, y 8.2.x anterior a 8.2.2.13 permite a usuarios remotos autenticados evadir la autenticación XAUTH a través de paquetes IKEv1 manipulados, también conocido como Bug ID CSCus47259. • http://tools.cisco.com/security/center/viewAlert.x?alertId=39157 • CWE-20: Improper Input Validation CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 11EXPL: 0CVE-2015-0742
https://notcve.org/view.php?id=CVE-2015-0742
21 May 2015 — The Protocol Independent Multicast (PIM) application in Cisco Adaptive Security Appliance (ASA) Software 9.2(0.0), 9.2(0.104), 9.2(3.1), 9.2(3.4), 9.3(1.105), 9.3(2.100), 9.4(0.115), 100.13(0.21), 100.13(20.3), 100.13(21.9), and 100.14(1.1) does not properly implement multicast-forwarding registration, which allows remote attackers to cause a denial of service (forwarding outage) via a crafted multicast packet, aka Bug ID CSCus74398. La aplicación Protocol Independent Multicast (PIM) en el software Cisco Ad... • http://tools.cisco.com/security/center/viewAlert.x?alertId=38937 • CWE-399: Resource Management Errors •
CVSS: 9.1EPSS: 0%CPEs: 23EXPL: 0CVE-2015-0675
https://notcve.org/view.php?id=CVE-2015-0675
13 Apr 2015 — The failover ipsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(6), 9.2 before 9.2(3.3), and 9.3 before 9.3(3) does not properly validate failover communication messages, which allows remote attackers to reconfigure an ASA device, and consequently obtain administrative control, by sending crafted UDP packets over the local network to the failover interface, aka Bug ID CSCur21069. La implementación failover ipsec en Software Cisco Adaptive Security Appliance (ASA) 9.1 ant... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-asa • CWE-284: Improper Access Control •
CVSS: 7.1EPSS: 0%CPEs: 241EXPL: 0CVE-2015-0676
https://notcve.org/view.php?id=CVE-2015-0676
13 Apr 2015 — The DNS implementation in Cisco Adaptive Security Appliance (ASA) Software 7.2 before 7.2(5.16), 8.2 before 8.2(5.57), 8.3 before 8.3(2.44), 8.4 before 8.4(7.28), 8.5 before 8.5(1.24), 8.6 before 8.6(1.17), 8.7 before 8.7(1.16), 9.0 before 9.0(4.33), 9.1 before 9.1(6.1), 9.2 before 9.2(3.4), and 9.3 before 9.3(3) allows man-in-the-middle attackers to cause a denial of service (memory consumption or device outage) by triggering outbound DNS queries and then sending crafted responses to these queries, aka Bug... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-asa • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 1%CPEs: 70EXPL: 0CVE-2015-0677
https://notcve.org/view.php?id=CVE-2015-0677
13 Apr 2015 — The XML parser in Cisco Adaptive Security Appliance (ASA) Software 8.4 before 8.4(7.28), 8.6 before 8.6(1.17), 9.0 before 9.0(4.33), 9.1 before 9.1(6), 9.2 before 9.2(3.4), and 9.3 before 9.3(3), when Clientless SSL VPN, AnyConnect SSL VPN, or AnyConnect IKEv2 VPN is used, allows remote attackers to cause a denial of service (VPN outage or device reload) via a crafted XML document, aka Bug ID CSCus95290. El analizador sintáctico de XML en Software Cisco Adaptive Security Appliance (ASA) Software 8.4 anterio... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-asa • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-8023
https://notcve.org/view.php?id=CVE-2014-8023
17 Feb 2015 — Cisco Adaptive Security Appliance (ASA) Software 9.2(.3) and earlier, when challenge-response authentication is used, does not properly select tunnel groups, which allows remote authenticated users to bypass intended resource-access restrictions via a crafted tunnel-group parameter, aka Bug ID CSCtz48533. Cisco Adaptive Security Appliance (ASA) Software 9.2(.3) y anteriores, cuando la autenticación de las respuestas de desafió está habilitada, no selecciona correctamente los grupos de túnel, lo que permite ... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8023 • CWE-264: Permissions, Privileges, and Access Controls •