CVSS: 8.6EPSS: 0%CPEs: 223EXPL: 0CVE-2023-20086
https://notcve.org/view.php?id=CVE-2023-20086
01 Nov 2023 — A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper processing of ICMPv6 messages. An attacker could exploit this vulnerability by sending crafted ICMPv6 messages to a targeted Cisco ASA or FTD system with IPv6 enabled. A successful exploit could allow the attacker to cause the device to relo... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-icmpv6-t5TzqwNd • CWE-248: Uncaught Exception •
CVSS: 9.4EPSS: 0%CPEs: 491EXPL: 0CVE-2023-20269 – Cisco Adaptive Security Appliance and Firepower Threat Defense Unauthorized Access Vulnerability
https://notcve.org/view.php?id=CVE-2023-20269
06 Sep 2023 — A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user. This vulnerability is due to improper separation of authentication, authorization, and accounting (AAA) betw... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ravpn-auth-8LyfCkeC • CWE-288: Authentication Bypass Using an Alternate Path or Channel CWE-863: Incorrect Authorization •
CVSS: 8.6EPSS: 0%CPEs: 10EXPL: 0CVE-2023-20006
https://notcve.org/view.php?id=CVE-2023-20006
28 Jun 2023 — A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to an implementation error within the cryptographic functions for SSL/TLS traffic processing when they are offloaded t... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-uu7mV5p6 • CWE-681: Incorrect Conversion between Numeric Types •
CVSS: 7.2EPSS: 0%CPEs: 19EXPL: 0CVE-2022-20826
https://notcve.org/view.php?id=CVE-2022-20826
10 Nov 2022 — A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated attacker with physical access to the device to bypass the secure boot functionality. This vulnerability is due to a logic error in the boot process. An attacker could exploit this vulnerability by injecting malicious code into a specific memory location during the boot process ... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26 • CWE-501: Trust Boundary Violation •
CVSS: 7.7EPSS: 0%CPEs: 65EXPL: 0CVE-2022-20924
https://notcve.org/view.php?id=CVE-2022-20924
10 Nov 2022 — A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the af... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-qsqBNM6x • CWE-20: Improper Input Validation CWE-703: Improper Check or Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 19%CPEs: 37EXPL: 1CVE-2022-20866 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability
https://notcve.org/view.php?id=CVE-2022-20866
10 Aug 2022 — A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerability is due to a logic error when the RSA key is stored in memory on a hardware platform that performs hardware-based cryptography. An attacker could exploit this vulnerability by using a Lenstra side-channel attack against the targeted device. A successfu... • https://github.com/CiscoPSIRT/CVE-2022-20866 • CWE-203: Observable Discrepancy •
CVSS: 6.4EPSS: 3%CPEs: 221EXPL: 0CVE-2022-20713
https://notcve.org/view.php?id=CVE-2022-20713
10 Aug 2022 — A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This vulnerability is due to improper validation of input that is passed to the VPN web client services component before being returned to the browser that is in use. An attacker could exploit this vulnerability by persuading a user to... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-LOeKsNmO • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 8.6EPSS: 5%CPEs: 11EXPL: 0CVE-2018-0228
https://notcve.org/view.php?id=CVE-2018-0228
19 Apr 2018 — A vulnerability in the ingress flow creation functionality of Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the CPU to increase upwards of 100% utilization, causing a denial of service (DoS) condition on an affected system. The vulnerability is due to incorrect handling of an internal software lock that could prevent other system processes from getting CPU cycles, causing a high CPU condition. An attacker could exploit this vulnerability by sending a steady... • http://www.securityfocus.com/bid/104220 • CWE-20: Improper Input Validation CWE-667: Improper Locking •
CVSS: 8.6EPSS: 0%CPEs: 4EXPL: 0CVE-2018-0231
https://notcve.org/view.php?id=CVE-2018-0231
19 Apr 2018 — A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious TLS message to an interface enabled for Secure Layer Socket (S... • http://www.securitytracker.com/id/1040725 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 4.2EPSS: 0%CPEs: 3788EXPL: 0CVE-2017-6770
https://notcve.org/view.php?id=CVE-2017-6770
07 Aug 2017 — Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated, remote attacker to take full control of the OSPF Autonomous System (AS) domain routing table, allowing the attacker to intercept or black-hole traffic. The attacker could exploit... • http://www.securityfocus.com/bid/100005 • CWE-20: Improper Input Validation •