Page 20 of 122 results (0.016 seconds)

CVSS: 7.8EPSS: 1%CPEs: 63EXPL: 0

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.12), 7.1 and 7.2 before 7.2(5.2), 8.0 before 8.0(5.21), 8.1 before 8.1(2.49), 8.2 before 8.2(3.6), and 8.3 before 8.3(2.7) and Cisco PIX Security Appliances 500 series devices, when transparent firewall mode is configured but IPv6 is not configured, allow remote attackers to cause a denial of service (packet buffer exhaustion and device outage) via IPv6 traffic, aka Bug ID CSCtj04707. Dispositivos de la serie Cisco Adaptive Security Appliances (ASA) 5500 con el software v7.0 anterior a v7.0(8.12), v7.1 y v7.2 anterior a v7.2(5.2), v8.0 anterior a v8.0 (5.21), v8.1 anterior a v8.1 (2.49), v8.2 anterior a v8.2 (3.6), y v8.3 anterior a v8.3 (2.7); dispositivos Cisco PIX Security Appliances Serie 500 cuando el modo de cortafuegos transparente se configura pero IPv6 no está configurado, permite a atacantes remotos provocar una denegación de servicio (packet buffer exhaustion y corte del dispositivo) a través de tráfico IPv6, también conocido como error ID CSCtj04707. • http://secunia.com/advisories/43488 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml http://www.securitytracker.com/id?1025108 http://www.vupen.com/english/advisories/2011/0493 https://exchange.xforce.ibmcloud.com/vulnerabilities/65589 • CWE-399: Resource Management Errors •

CVSS: 7.8EPSS: 1%CPEs: 62EXPL: 0

Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) allows remote attackers to cause a denial of service (device crash) via multicast traffic, aka Bug IDs CSCtg61810 and CSCtg69742. Vulnerabilidad no especificada en dispositivos Cisco Adaptive Security Appliances (ASA) serie 5500 con software anteriore a v8.3 (2) permite a atacantes remotos provocar una denegación de servicio (caída del dispositivo) a través del tráfico multicast, también conocido como error ID CSCtg61810 y CSCtg69742. • http://secunia.com/advisories/42931 http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.pdf http://www.securityfocus.com/bid/45768 http://www.securitytracker.com/id?1024963 https://exchange.xforce.ibmcloud.com/vulnerabilities/64573 •

CVSS: 7.8EPSS: 0%CPEs: 62EXPL: 0

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) do not properly preserve ACL behavior after a migration, which allows remote attackers to bypass intended access restrictions via an unspecified type of network traffic that had previously been denied, aka Bug ID CSCte46460. Dispositivos Cisco Adaptive Security Appliances (ASA) serie 5500 con software anterior a v8.3 (2) no previene de forma adecuada el comportamiento de las listas de control de acceso ACL después de una migración, que permite a atacantes remotos evitar las restricciones de acceso previsto a través de un tipo no especificado de tráfico de red que se había negado previamente, también conocido como ID de error CSCte46460. • http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.pdf http://www.securityfocus.com/bid/45768 http://www.securitytracker.com/id?1024963 https://exchange.xforce.ibmcloud.com/vulnerabilities/64575 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.0EPSS: 0%CPEs: 62EXPL: 0

The Mobile User Security (MUS) service on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) does not properly authenticate HTTP requests from a Web Security appliance (WSA), which might allow remote attackers to obtain sensitive information via a HEAD request, aka Bug ID CSCte53635. El servicio Mobile User Segurity (MUS) en dispositivos Cisco Adaptive Security Appliances (ASA) series 5500 con software anterior a v8.3 (2) no autentican correctamente a las peticiones HTTP de un aplicativo Web Security (WSA), que podría permitir a atacantes remotos obtener información sensible a través de una solicitud HEAD, alias CSCte53635 error de identificación. • http://secunia.com/advisories/42931 http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.pdf http://www.securityfocus.com/bid/45768 http://www.securitytracker.com/id?1024963 https://exchange.xforce.ibmcloud.com/vulnerabilities/64574 • CWE-287: Improper Authentication •

CVSS: 7.8EPSS: 1%CPEs: 62EXPL: 0

Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) allows remote attackers to cause a denial of service (device crash) by making many SIP calls, aka Bug ID CSCte20030. Vulnerabilidad no especificada en la función de inspección de SIP en dispositivos Cisco Adaptive Security Appliances (ASA) serie 5500 con software anterior a v8.3 (2) permite a atacantes remotos causar una denegación de servicio (caída del dispositivo) haciendo muchas llamadas SIP, también conocido como ID de error CSCte20030. • http://secunia.com/advisories/42931 http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.pdf http://www.securityfocus.com/bid/45768 http://www.securitytracker.com/id?1024963 https://exchange.xforce.ibmcloud.com/vulnerabilities/64576 •