CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2019-1687 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-1687
03 May 2019 — A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error in TCP-based packet inspection, which could cause the TCP packet to have an invalid Layer 2 (L2)-formatted header. An attacker could exploit this vulnerability by sending a crafted T... • http://www.securityfocus.com/bid/108176 • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 0%CPEs: 17EXPL: 0CVE-2018-15388 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-15388
03 May 2019 — A vulnerability in the WebVPN login process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for existing WebVPN login operations. An attacker could exploit this vulnerability by sending multiple WebVPN login requests to the device. A successful exploit could allow the attacker to increase CPU load... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-sd-cpu-dos • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.1EPSS: 0%CPEs: 5EXPL: 1CVE-2018-15465 – Cisco Adaptive Security Appliance Software Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-15465
24 Dec 2018 — A vulnerability in the authorization subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, but unprivileged (levels 0 and 1), remote attacker to perform privileged actions by using the web management interface. The vulnerability is due to improper validation of user privileges when using the web management interface. An attacker could exploit this vulnerability by sending specific HTTP requests via HTTPS to an affected device as an unprivileged user. An exploit could al... • http://www.securityfocus.com/bid/106256 • CWE-285: Improper Authorization CWE-863: Incorrect Authorization •
CVSS: 10.0EPSS: 87%CPEs: 13EXPL: 5CVE-2018-0101 – Cisco ASA - Crash (PoC)
https://notcve.org/view.php?id=CVE-2018-0101
29 Jan 2018 — A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to an attempt to double free a region of memory when the webvpn feature is enabled on the Cisco ASA device. An attacker could exploit this vulnerability by sending multiple, crafted XML packets to a webvpn-configured interface on the affected sy... • https://packetstorm.news/files/id/146296 • CWE-415: Double Free •
CVSS: 4.2EPSS: 0%CPEs: 3788EXPL: 0CVE-2017-6770
https://notcve.org/view.php?id=CVE-2017-6770
07 Aug 2017 — Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated, remote attacker to take full control of the OSPF Autonomous System (AS) domain routing table, allowing the attacker to intercept or black-hole traffic. The attacker could exploit... • http://www.securityfocus.com/bid/100005 • CWE-20: Improper Input Validation •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2012-5010
https://notcve.org/view.php?id=CVE-2012-5010
27 Jun 2017 — ASA 5515-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 9.4.x before 9.4.1 Interim, 9.2.x before 9.2.4 Interim, ASA 5510 Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 8.4.x before 8.4.7 Interim, 8.2.x before 8.2.5 Interim, 9.1.x before 9.1.6 Interim, ASA 5555-X Adaptive Security Appliance ASA for Application Centric Infrastructure (ACI) Device Package 1.2.4.x before 1.2.4.8, ASA 5512-X Adaptive Security Appliance ASA for Application Centric Infrastructure (... • http://www.securityfocus.com/bid/99332 • CWE-254: 7PK - Security Features •
CVSS: 5.3EPSS: 0%CPEs: 10EXPL: 0CVE-2017-3867
https://notcve.org/view.php?id=CVE-2017-3867
17 Mar 2017 — A vulnerability in the Border Gateway Protocol (BGP) Bidirectional Forwarding Detection (BFD) implementation of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to bypass the access control list (ACL) for specific TCP and UDP traffic. More Information: CSCvc68229. Known Affected Releases: 9.6(2). Known Fixed Releases: 99.1(20.1) 99.1(10.2) 98.1(12.7) 98.1(1.49) 97.1(6.58) 97.1(0.134) 96.2(0.109) 9.7(1.1) 9.6(2.99) 9.6(2.8). Una vulnerabilidad en la implementac... • http://www.securityfocus.com/bid/96926 • CWE-287: Improper Authentication •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-0760
https://notcve.org/view.php?id=CVE-2015-0760
04 Jun 2015 — The IKEv1 implementation in Cisco ASA Software 7.x, 8.0.x, 8.1.x, and 8.2.x before 8.2.2.13 allows remote authenticated users to bypass XAUTH authentication via crafted IKEv1 packets, aka Bug ID CSCus47259. La implementación IKEv1 en Cisco ASA Software 7.x, 8.0.x, 8.1.x, y 8.2.x anterior a 8.2.2.13 permite a usuarios remotos autenticados evadir la autenticación XAUTH a través de paquetes IKEv1 manipulados, también conocido como Bug ID CSCus47259. • http://tools.cisco.com/security/center/viewAlert.x?alertId=39157 • CWE-20: Improper Input Validation CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-8023
https://notcve.org/view.php?id=CVE-2014-8023
17 Feb 2015 — Cisco Adaptive Security Appliance (ASA) Software 9.2(.3) and earlier, when challenge-response authentication is used, does not properly select tunnel groups, which allows remote authenticated users to bypass intended resource-access restrictions via a crafted tunnel-group parameter, aka Bug ID CSCtz48533. Cisco Adaptive Security Appliance (ASA) Software 9.2(.3) y anteriores, cuando la autenticación de las respuestas de desafió está habilitada, no selecciona correctamente los grupos de túnel, lo que permite ... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8023 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-5557
https://notcve.org/view.php?id=CVE-2013-5557
07 Feb 2015 — The Proxy Bypass Content Rewriter feature in the WebVPN subsystem in Cisco Adaptive Security Appliance (ASA) Software 9.1(.2) and earlier allows remote authenticated users to cause a denial of service (device crash or error-recovery event) via an HTTP request that triggers a rewrite, aka Bug ID CSCug91577. La caracteristica Proxy Bypass Content Rewriter en el subsistema WebVPN en Cisco Adaptive Security Appliance (ASA) Software 9.1(.2) y anteriores permite a usuarios remotos autenticados causar una denegaci... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5557 •