CVSS: 8.6EPSS: 0%CPEs: 4EXPL: 0CVE-2018-0231
https://notcve.org/view.php?id=CVE-2018-0231
19 Apr 2018 — A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious TLS message to an interface enabled for Secure Layer Socket (S... • http://www.securitytracker.com/id/1040725 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-0243
https://notcve.org/view.php?id=CVE-2018-0243
19 Apr 2018 — A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy that is intended to drop the Server Message Block Version 2 (SMB2) and SMB Version 3 (SMB3) protocols if malware is detected. The vulnerability is due to incorrect detection of an SMB2 or SMB3 file based on the total file length. An attacker could exploit this vulnerability by sending a crafted SMB2 or SMB3 transfer request through the targeted ... • http://www.securityfocus.com/bid/103943 • CWE-693: Protection Mechanism Failure •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-0244
https://notcve.org/view.php?id=CVE-2018-0244
19 Apr 2018 — A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy to drop the Server Message Block (SMB) protocol if a malware file is detected. The vulnerability is due to how the SMB protocol handles a case in which a large file transfer fails. This case occurs when some pieces of the file are successfully transferred to the remote endpoint, but ultimately the file transfer fails and is reset. An attacker co... • http://www.securityfocus.com/bid/103945 • CWE-693: Protection Mechanism Failure •
CVSS: 5.3EPSS: 0%CPEs: 34EXPL: 0CVE-2018-0254
https://notcve.org/view.php?id=CVE-2018-0254
19 Apr 2018 — A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass configured file action policies if an Intelligent Application Bypass (IAB) with a drop percentage threshold is also configured. The vulnerability is due to incorrect counting of the percentage of dropped traffic. An attacker could exploit this vulnerability by sending network traffic to a targeted device. An exploit could allow the attacker to bypass configured file action pol... • http://www.securityfocus.com/bid/103940 • CWE-693: Protection Mechanism Failure •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2018-0227
https://notcve.org/view.php?id=CVE-2018-0227
19 Apr 2018 — A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client Certificate Authentication feature for Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to establish an SSL VPN connection and bypass certain SSL certificate verification steps. The vulnerability is due to incorrect verification of the SSL Client Certificate. An attacker could exploit this vulnerability by connecting to the ASA VPN without a proper private key and certificate pair. A... • http://www.securityfocus.com/bid/104018 • CWE-295: Improper Certificate Validation •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2018-0138
https://notcve.org/view.php?id=CVE-2018-0138
08 Feb 2018 — A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass file policies that are configured to block files transmitted to an affected device via the BitTorrent protocol. The vulnerability exists because the affected software does not detect BitTorrent handshake messages correctly. An attacker could exploit this vulnerability by sending a crafted BitTorrent connection request to an affected device. A successful exploit could allow the... • http://www.securityfocus.com/bid/102978 • CWE-693: Protection Mechanism Failure •
CVSS: 10.0EPSS: 86%CPEs: 13EXPL: 5CVE-2018-0101 – Cisco ASA - Crash (PoC)
https://notcve.org/view.php?id=CVE-2018-0101
29 Jan 2018 — A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to an attempt to double free a region of memory when the webvpn feature is enabled on the Cisco ASA device. An attacker could exploit this vulnerability by sending multiple, crafted XML packets to a webvpn-configured interface on the affected sy... • https://packetstorm.news/files/id/146296 • CWE-415: Double Free •
CVSS: 7.8EPSS: 1%CPEs: 11EXPL: 0CVE-2017-6632
https://notcve.org/view.php?id=CVE-2017-6632
22 May 2017 — A vulnerability in the logging configuration of Secure Sockets Layer (SSL) policies for Cisco FirePOWER System Software 5.3.0 through 6.2.2 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources. The vulnerability is due to the logging of certain TCP packets by the affected software. An attacker could exploit this vulnerability by sending a flood of crafted TCP packets to an affected device. A successful exploit could allow th... • http://www.securityfocus.com/bid/98523 • CWE-399: Resource Management Errors CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2017-6625
https://notcve.org/view.php?id=CVE-2017-6625
03 May 2017 — A "Cisco Firepower Threat Defense 6.0.0 through 6.2.2 and Cisco ASA with FirePOWER Module Denial of Service" vulnerability in the access control policy of Cisco Firepower System Software could allow an authenticated, remote attacker to cause an affected system to stop inspecting and processing packets, resulting in a denial of service (DoS) condition. The vulnerability is due to improper SSL policy handling by the affected software when packets are passed through the sensing interfaces of an affected system... • http://www.securityfocus.com/bid/98292 • CWE-399: Resource Management Errors •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2017-3887
https://notcve.org/view.php?id=CVE-2017-3887
07 Apr 2017 — A vulnerability in the detection engine that handles Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process unexpectedly restarts. This vulnerability affects Cisco Firepower System Software prior to the first fixed release when it is configured with an SSL Decrypt-Resign policy. More Information: CSCvb62292. Known Affected Releases: 6.0.1 6.1.0 6.2.0. Known Fixed Releases: 6... • http://www.securityfocus.com/bid/97453 • CWE-755: Improper Handling of Exceptional Conditions •