CVSS: 7.8EPSS: 2%CPEs: 6EXPL: 0CVE-2010-0150
https://notcve.org/view.php?id=CVE-2010-0150
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCsy91157. Vulnerabilidad no especificada en Cisco ASA 5500 Series Adaptive Security Appliance v7.0 anterior a v7.0(8.10), v7.2 anterior a v7.2(4.45), v8.0 anterior a v8.0(5.2), 8.1 anterior a v8.1(2.37), y v8.2 anterior a v8.2(1.16) y Cisco PIX 500 Series Security Appliance, permite a atacantes remotos causar una denegación de servicio (reinicio del dispositivo) a través de mensajes SIP con formato incorrecto, también conocido como Bug ID CSCsy91157. • http://osvdb.org/62434 http://secunia.com/advisories/38618 http://secunia.com/advisories/38636 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml http://www.securityfocus.com/bid/38277 http://www.securitytracker.com/id?1023612 http://www.vupen.com/english/advisories/2010/0415 https://exchange.xforce.ibmcloud.com/vulnerabilities/56338 •
CVSS: 5.0EPSS: 2%CPEs: 6EXPL: 0CVE-2010-0567
https://notcve.org/view.php?id=CVE-2010-0567
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.1), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.15); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (active IPsec tunnel loss and prevention of new tunnels) via a malformed IKE message through an existing tunnel to UDP port 4500, aka Bug ID CSCtc47782. Vulnerabilidad no especificada en Cisco ASA 5500 Series Adaptive Security Appliance v7.0 anterior a v7.0(8.10), v7.2 anterior a v7.2(4.45), v8.0 anterior a v8.0(5.1), 8.1 anterior a v8.1(2.37), y v8.2 anterior a v8.2(1.15), y Cisco PIX 500 Series Security Appliance, permite a atacantes remotos provocar una denegación de servicio (pérdida del túnel IPsec activo y la prevención de nuevos túneles) mediante un mensaje IKE malformado a través de un túnel existente en el puerto UDP 4500, también conocido como Bug ID CSCtc47782. • http://osvdb.org/62436 http://secunia.com/advisories/38618 http://secunia.com/advisories/38636 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml http://www.securityfocus.com/bid/38279 http://www.securitytracker.com/id?1023612 http://www.vupen.com/english/advisories/2010/0415 https://exchange.xforce.ibmcloud.com/vulnerabilities/56341 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2010-0568
https://notcve.org/view.php?id=CVE-2010-0568
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.7), 8.1 before 8.1(2.40), and 8.2 before 8.2(2.1); and Cisco PIX 500 Series Security Appliance; allows remote attackers to bypass NTLMv1 authentication via a crafted username, aka Bug ID CSCte21953. Vulnerabilidad no especificada en Cisco ASA 5500 Series Adaptive Security Appliance v7.0 anterior a v7.0(8.10), v7.2 anterior a v7.2(4.45), v8.0 anterior a v8.0(5.2), 8.1 anterior a v8.1(2.40), y v8.2 anterior a v8.2(2.1), y Cisco PIX 500 Series Security Appliance, permite a atacantes remotos evitar la autenticación a través de un nombre de usuario NTLMv1 manipulado, también conocido como Bug ID CSCte21953. • http://osvdb.org/62437 http://secunia.com/advisories/38618 http://secunia.com/advisories/38636 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml http://www.securityfocus.com/bid/38279 http://www.securitytracker.com/id?1023612 http://www.vupen.com/english/advisories/2010/0415 https://exchange.xforce.ibmcloud.com/vulnerabilities/56342 •
CVSS: 7.8EPSS: 1%CPEs: 6EXPL: 0CVE-2010-0565
https://notcve.org/view.php?id=CVE-2010-0565
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10), allows remote attackers to cause a denial of service (page fault and device reload) via a malformed DTLS message, aka Bug ID CSCtb64913 and "WebVPN DTLS Denial of Service Vulnerability." Vulnerabilidad no especificada en Cisco ASA 5500 Series Adaptive Security Appliance v7.2 anterior a v7.2(4.45), v8.0 anterior a v8.0(4.44), 8.1 anterior a v8.1(2.35), y v8.2 anterior a v8.2(1.10), permite a atacantes remotos provocar una denegación de servicio (fallo de página y reinicio del dispositivo) a través de un mensaje DTLS incorrecto , también conocido como Bug ID CSCtb64913 y "WebVPN DTLS Vulnerabilidad de Denegación de Servicio." • http://osvdb.org/62430 http://secunia.com/advisories/38618 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml http://www.securityfocus.com/bid/38280 http://www.securitytracker.com/id?1023612 http://www.vupen.com/english/advisories/2010/0415 https://exchange.xforce.ibmcloud.com/vulnerabilities/56339 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2009-1155
https://notcve.org/view.php?id=CVE-2009-1155
Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-disable is entered in a general-attributes field, allow remote attackers to bypass authentication and establish a VPN session to an ASA device via unspecified vectors. Cisco Adaptive Security Appliances (ASA) 5500 Series y PIX Security Appliances v7.1(1) hasta v7.1(2)82, v7.2 anteriores a v7.2(4)27, v8.0 anteriores a v8.0(4)25, y v8.1 anteriores a v8.1(2)15, cuando introducimos en un campo de atributo general AAA, permite a atacantes remotos saltarse la autenticación y establecer una sesión VPN a un dispositivo ASO mediante vectores no especificados. • http://osvdb.org/53441 http://secunia.com/advisories/34607 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml http://www.securityfocus.com/bid/34429 http://www.securitytracker.com/id?1022016 http://www.vupen.com/english/advisories/2009/0981 • CWE-287: Improper Authentication •