CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-8023
https://notcve.org/view.php?id=CVE-2014-8023
17 Feb 2015 — Cisco Adaptive Security Appliance (ASA) Software 9.2(.3) and earlier, when challenge-response authentication is used, does not properly select tunnel groups, which allows remote authenticated users to bypass intended resource-access restrictions via a crafted tunnel-group parameter, aka Bug ID CSCtz48533. Cisco Adaptive Security Appliance (ASA) Software 9.2(.3) y anteriores, cuando la autenticación de las respuestas de desafió está habilitada, no selecciona correctamente los grupos de túnel, lo que permite ... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8023 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-5557
https://notcve.org/view.php?id=CVE-2013-5557
07 Feb 2015 — The Proxy Bypass Content Rewriter feature in the WebVPN subsystem in Cisco Adaptive Security Appliance (ASA) Software 9.1(.2) and earlier allows remote authenticated users to cause a denial of service (device crash or error-recovery event) via an HTTP request that triggers a rewrite, aka Bug ID CSCug91577. La caracteristica Proxy Bypass Content Rewriter en el subsistema WebVPN en Cisco Adaptive Security Appliance (ASA) Software 9.1(.2) y anteriores permite a usuarios remotos autenticados causar una denegaci... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5557 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-3407
https://notcve.org/view.php?id=CVE-2014-3407
28 Nov 2014 — The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier does not properly allocate memory blocks during HTTP packet handling, which allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCuq68888. La implementación SSL VPN en Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) y anteriores no designa debidamente los bloques de memoria durante el manejo de paquetes HTTP, lo que permite a atacantes remotos cau... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3407 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-3399
https://notcve.org/view.php?id=CVE-2014-3399
07 Oct 2014 — The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.2(.2.4) and earlier does not properly manage session information during creation of a SharePoint handler, which allows remote authenticated users to overwrite arbitrary RAMFS cache files or inject Lua programs, and consequently cause a denial of service (portal outage or system reload), via crafted HTTP requests, aka Bug ID CSCup54208. La implementación SSL VPN en el software Cisco Adaptive Security Appliance (ASA) 9.2(.2.4) y ... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3399 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6691
https://notcve.org/view.php?id=CVE-2013-6691
14 Jul 2014 — The WebVPN CIFS implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0(.4.1) and earlier allows remote CIFS servers to cause a denial of service (device reload) via a long share list, aka Bug ID CSCuj83344. La implementación WebVPN CIFS en Cisco Adaptive Security Appliance (ASA) Software 9.0(.4.1) y anteriores permite a servidores CIFS remotos causar una denegación de servicio (reinicio de dispositivo) a través de una lista larga de recursos compartidos, también conocido como Bug ID CSCuj833... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6691 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2013-5567
https://notcve.org/view.php?id=CVE-2013-5567
14 Jul 2014 — Cisco Adaptive Security Appliance (ASA) Software 8.4(.6) and earlier, when using an unsupported configuration with overlapping criteria for filtering and inspection, allows remote attackers to cause a denial of service (traffic loop and device crash) via a packet that triggers multiple matches, aka Bug ID CSCui45606. Cisco Adaptive Security Appliance (ASA) Software 8.4(.6) y anteriores, cuando utilice una configuración no soportada con criterios sobrepuestos para el filtrado y la inspección, permite a ataca... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5567 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2014-2151
https://notcve.org/view.php?id=CVE-2014-2151
18 Jun 2014 — The WebVPN portal in Cisco Adaptive Security Appliance (ASA) Software 8.4(.7.15) and earlier allows remote authenticated users to obtain sensitive information via a crafted JavaScript file, aka Bug ID CSCui04520. El portal WebVPN en Cisco Adaptive Security Appliance (ASA) Software 8.4(.7.15) y anteriores permite a usuarios remotos autenticados obtener información sensible a través de un fichero JavaScript manipulado, también conocido como Bug ID CSCui04520. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2151 •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-3264
https://notcve.org/view.php?id=CVE-2014-3264
20 May 2014 — Cisco Adaptive Security Appliance (ASA) Software 9.1(.5) and earlier allows remote authenticated users to cause a denial of service (device reload) via crafted attributes in a RADIUS packet, aka Bug ID CSCun69561. Cisco Adaptive Security Appliance (ASA) Software 9.1(.5) y anteriores permite a usuarios remotos autenticados causar una denegación de servicio (reinicio de dispositivo) a través de atributos manipulados en un paquete RADIUS, también conocido como Bug ID CSCun69561. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3264 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2013-6707
https://notcve.org/view.php?id=CVE-2013-6707
07 Dec 2013 — Memory leak in the connection-manager implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1(.3) and earlier allows remote attackers to cause a denial of service (multi-protocol management outage) by making multiple management session requests, aka Bug ID CSCug33233. Fuga de memoria en la implementación del connection-manager en Cisco Adaptive Security Appliance (ASA) Software 9.1 (.3) y anteriores permite a atacantes remotos causar denegación de servicio (interrupción de la gestión multi-pr... • http://osvdb.org/100682 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 114EXPL: 0CVE-2013-6682
https://notcve.org/view.php?id=CVE-2013-6682
13 Nov 2013 — The phone-proxy implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0.3.6 and earlier does not properly validate X.509 certificates, which allows remote attackers to cause a denial of service (connection-database corruption) via an invalid entry, aka Bug ID CSCui33299. La implementación phone-proxy en Cisco Adaptive Security Appliance (ASA) Software 9.0.3.6 y anteriores versiones no valida adecuadamente certificados X.509, lo que permite a atacantes remotos provocar una denegación de servic... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6682 • CWE-20: Improper Input Validation •