CVE-2020-3555 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3555
21 Oct 2020 — A vulnerability in the SIP inspection process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a watchdog timeout and crash during the cleanup of threads that are associated with a SIP connection that is being deleted from the connection list. An attacker could exploit this vulnera... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sipdos-3DGvdjvg • CWE-404: Improper Resource Shutdown or Release
CVE-2020-3561 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CRLF Injection Vulnerability
https://notcve.org/view.php?id=CVE-2020-3561
21 Oct 2020 — A vulnerability in the Clientless SSL VPN (WebVPN) of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to inject arbitrary HTTP headers in the responses of the affected system. The vulnerability is due to improper input sanitization. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to conduct a CRLF injectio... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-crlf-inj-BX9uRwSn • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') • CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection')
CVE-2020-3564 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-3564
21 Oct 2020 — A vulnerability in the FTP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass FTP inspection. The vulnerability is due to ineffective flow tracking of FTP traffic. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and successfully complete FTP connections. Una... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ftpbypass-HY3UTxYu • CWE-284: Improper Access Control • CWE-436: Interpretation Conflict
CVE-2020-3572 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Session Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3572
21 Oct 2020 — A vulnerability in the SSL/TLS session handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak when closing SSL/TLS connections in a specific state. An attacker could exploit this vulnerability by establishing several SSL/TLS sessions and ensuring they are closed under certain conditions. A successf... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-tcp-dos-N3DMnU4T • CWE-400: Uncontrolled Resource Consumption • CWE-401: Missing Release of Memory after Effective Lifetime
CVE-2020-3599 – Cisco Adaptive Security Appliance Software Web-Based Management Interface Reflected Cross-Site Scripting Vulnerability
https://notcve.org/view.php?id=CVE-2020-3599
21 Oct 2020 — A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to exec... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-rxss-L54Htxp • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-3304 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3304
21 Oct 2020 — A vulnerability in the web interface of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a ... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webdos-fBzM5Ynw • CWE-20: Improper Input Validation • CWE-400: Uncontrolled Resource Consumption
CVE-2020-3436 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services File Upload Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3436
21 Oct 2020 — A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to upload arbitrary-sized files to specific folders on an affected device, which could lead to an unexpected device reload. The vulnerability exists because the affected software does not efficiently handle the writing of large files to specific folders on the local file system. An attacker could exploit this vulnerability ... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-fileup-dos-zvC7wtys • CWE-434: Unrestricted Upload of File with Dangerous Type
CVE-2020-3528 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPFv2 Link-Local Signaling Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3528
21 Oct 2020 — A vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation when the affected software processes certain OSPFv2 packets with Link-Local Signaling (LLS) data. An attacker could exploit this vulnerability by sending a... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospflls-37Xy2q6r • CWE-400: Uncontrolled Resource Consumption
CVE-2020-3529 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL VPN Direct Memory Access Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3529
21 Oct 2020 — A vulnerability in the SSL VPN negotiation process for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to inefficient direct memory access (DMA) memory management during the negotiation phase of an SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of craf... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx • CWE-400: Uncontrolled Resource Consumption
CVE-2019-15992 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-15992
23 Sep 2020 — A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operating system of an affected device. The vulnerability is due to insufficient restrictions on the allowed Lua function calls within the context of user-supplied Lua scripts. A successful exploit could allow the attacke... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191112-asa-ftd-lua-rce • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-787: Out-of-bounds Write