CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 0CVE-2011-0396
https://notcve.org/view.php?id=CVE-2011-0396
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.23), 8.1 before 8.1(2.49), 8.2 before 8.2(4.1), and 8.3 before 8.3(2.13), when a Certificate Authority (CA) is configured, allow remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCtk12352. Dispositivos de la serie Cisco Adaptive Security Appliances (ASA) 5500 con el software v8.0 anterior a v8.0 (5.23), v8.1 anterior a v8.1 (2.49), v8.2 anterior a v8.2 (4.1), y v8.3 anterior a v8.3 (2.13), cuando una entidad emisora de certificados (CA) está configurada, permite a atacantes remotos leer archivos arbitrarios a través de vectores no especificados, también conocido como error ID CSCtk12352 • http://secunia.com/advisories/43488 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml http://www.securitytracker.com/id?1025108 http://www.vupen.com/english/advisories/2011/0493 https://exchange.xforce.ibmcloud.com/vulnerabilities/65591 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.9EPSS: 12%CPEs: 108EXPL: 0CVE-2011-0379
https://notcve.org/view.php?id=CVE-2011-0379
Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 1.6.x; Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x; Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x; and Cisco TelePresence Manager 1.2.x, 1.3.x, 1.4.x, 1.5.x, and 1.6.2 allows remote attackers to execute arbitrary code via a crafted Cisco Discovery Protocol packet, aka Bug IDs CSCtd75769, CSCtd75766, CSCtd75754, and CSCtd75761. Desbordamiento de búfer en dispositivos Cisco Adaptive Security Appliances (ASA) 5500 con el software v1.6.x; Cisco TelePresence Multipoint Switch (CTMS) con software v1.0.x, v1.1.x, v1.5.x, y v1.6.x; Cisco TelePresence endpoint con software v1.2.x hasta v1.6.x; y Cisco TelePresence Manager v1.2.x, v1.3.x, v1.4.x, v1.5.x, y v1.6.2 permite a atacantes remotos ejecutar código arbitrario mediante un paquete Cisco Discovery Protocol, también conocido como error IDs CSCtd75769, CSCtd75766, CSCtd75754, y CSCtd75761. • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14f.shtml http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e152.shtml http://www.securitytracker.com/id?1025111 http://www.securitytracker.com/id?1025112 http://www.securitytracker.com/id?1025113 http://www.securitytracker.com/id?1025114 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 0%CPEs: 62EXPL: 0CVE-2010-4690
https://notcve.org/view.php?id=CVE-2010-4690
The Mobile User Security (MUS) service on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) does not properly authenticate HTTP requests from a Web Security appliance (WSA), which might allow remote attackers to obtain sensitive information via a HEAD request, aka Bug ID CSCte53635. El servicio Mobile User Segurity (MUS) en dispositivos Cisco Adaptive Security Appliances (ASA) series 5500 con software anterior a v8.3 (2) no autentican correctamente a las peticiones HTTP de un aplicativo Web Security (WSA), que podría permitir a atacantes remotos obtener información sensible a través de una solicitud HEAD, alias CSCte53635 error de identificación. • http://secunia.com/advisories/42931 http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.pdf http://www.securityfocus.com/bid/45768 http://www.securitytracker.com/id?1024963 https://exchange.xforce.ibmcloud.com/vulnerabilities/64574 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 62EXPL: 0CVE-2010-4689
https://notcve.org/view.php?id=CVE-2010-4689
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) do not properly preserve ACL behavior after a migration, which allows remote attackers to bypass intended access restrictions via an unspecified type of network traffic that had previously been denied, aka Bug ID CSCte46460. Dispositivos Cisco Adaptive Security Appliances (ASA) serie 5500 con software anterior a v8.3 (2) no previene de forma adecuada el comportamiento de las listas de control de acceso ACL después de una migración, que permite a atacantes remotos evitar las restricciones de acceso previsto a través de un tipo no especificado de tráfico de red que se había negado previamente, también conocido como ID de error CSCte46460. • http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.pdf http://www.securityfocus.com/bid/45768 http://www.securitytracker.com/id?1024963 https://exchange.xforce.ibmcloud.com/vulnerabilities/64575 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 1%CPEs: 62EXPL: 0CVE-2010-4692
https://notcve.org/view.php?id=CVE-2010-4692
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) allows remote attackers to cause a denial of service (device crash) via a large number of LAN-to-LAN (aka L2L) IPsec sessions, aka Bug ID CSCth36592. Vulnerabilidad no especifica en dispositivos Cisco Adaptive Security Appliances (ASA) de las serie 5500 con software anterior a la v8.3 (2) permite a atacantes remotos causar una denegación de servicio (caída del dispositivo) a través de un número alto de sesiones IPSec LAN-to-LAN (también conocido como L2L), error conocido como ID CSCth36592. • http://secunia.com/advisories/42931 http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.pdf http://www.securityfocus.com/bid/45768 http://www.securitytracker.com/id?1024963 https://exchange.xforce.ibmcloud.com/vulnerabilities/64572 •