CVSS: 7.1EPSS: 0%CPEs: 241EXPL: 0CVE-2015-0676
https://notcve.org/view.php?id=CVE-2015-0676
13 Apr 2015 — The DNS implementation in Cisco Adaptive Security Appliance (ASA) Software 7.2 before 7.2(5.16), 8.2 before 8.2(5.57), 8.3 before 8.3(2.44), 8.4 before 8.4(7.28), 8.5 before 8.5(1.24), 8.6 before 8.6(1.17), 8.7 before 8.7(1.16), 9.0 before 9.0(4.33), 9.1 before 9.1(6.1), 9.2 before 9.2(3.4), and 9.3 before 9.3(3) allows man-in-the-middle attackers to cause a denial of service (memory consumption or device outage) by triggering outbound DNS queries and then sending crafted responses to these queries, aka Bug... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-asa • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-8023
https://notcve.org/view.php?id=CVE-2014-8023
17 Feb 2015 — Cisco Adaptive Security Appliance (ASA) Software 9.2(.3) and earlier, when challenge-response authentication is used, does not properly select tunnel groups, which allows remote authenticated users to bypass intended resource-access restrictions via a crafted tunnel-group parameter, aka Bug ID CSCtz48533. Cisco Adaptive Security Appliance (ASA) Software 9.2(.3) y anteriores, cuando la autenticación de las respuestas de desafió está habilitada, no selecciona correctamente los grupos de túnel, lo que permite ... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8023 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-5557
https://notcve.org/view.php?id=CVE-2013-5557
07 Feb 2015 — The Proxy Bypass Content Rewriter feature in the WebVPN subsystem in Cisco Adaptive Security Appliance (ASA) Software 9.1(.2) and earlier allows remote authenticated users to cause a denial of service (device crash or error-recovery event) via an HTTP request that triggers a rewrite, aka Bug ID CSCug91577. La caracteristica Proxy Bypass Content Rewriter en el subsistema WebVPN en Cisco Adaptive Security Appliance (ASA) Software 9.1(.2) y anteriores permite a usuarios remotos autenticados causar una denegaci... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5557 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-3407
https://notcve.org/view.php?id=CVE-2014-3407
28 Nov 2014 — The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier does not properly allocate memory blocks during HTTP packet handling, which allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCuq68888. La implementación SSL VPN en Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) y anteriores no designa debidamente los bloques de memoria durante el manejo de paquetes HTTP, lo que permite a atacantes remotos cau... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3407 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.2EPSS: 0%CPEs: 102EXPL: 0CVE-2014-3393
https://notcve.org/view.php?id=CVE-2014-3393
10 Oct 2014 — The Clientless SSL VPN portal customization framework in Cisco ASA Software 8.2 before 8.2(5.51), 8.3 before 8.3(2.42), 8.4 before 8.4(7.23), 8.6 before 8.6(1.14), 9.0 before 9.0(4.24), 9.1 before 9.1(5.12), and 9.2 before 9.2(2.4) does not properly implement authentication, which allows remote attackers to modify RAMFS customization objects via unspecified vectors, as demonstrated by inserting XSS sequences or capturing credentials, aka Bug ID CSCup36829. El Framework de la personalización de portales Clie... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa • CWE-287: Improper Authentication •
CVSS: 8.3EPSS: 0%CPEs: 105EXPL: 0CVE-2014-3392
https://notcve.org/view.php?id=CVE-2014-3392
10 Oct 2014 — The Clientless SSL VPN portal in Cisco ASA Software 8.2 before 8.2(5.51), 8.3 before 8.3(2.42), 8.4 before 8.4(7.23), 8.6 before 8.6(1.15), 9.0 before 9.0(4.24), 9.1 before 9.1(5.12), 9.2 before 9.2(2.8), and 9.3 before 9.3(1.1) allows remote attackers to obtain sensitive information from process memory or modify memory contents via crafted parameters, aka Bug ID CSCuq29136. El portal Clientless SSL VPN en Cisco ASA Software 8.2 anterior a 8.2(5.51), 8.3 anterior a 8.3(2.42), 8.4 anterior a 8.4(7.23), 8.6 a... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-3399
https://notcve.org/view.php?id=CVE-2014-3399
07 Oct 2014 — The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.2(.2.4) and earlier does not properly manage session information during creation of a SharePoint handler, which allows remote authenticated users to overwrite arbitrary RAMFS cache files or inject Lua programs, and consequently cause a denial of service (portal outage or system reload), via crafted HTTP requests, aka Bug ID CSCup54208. La implementación SSL VPN en el software Cisco Adaptive Security Appliance (ASA) 9.2(.2.4) y ... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3399 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-5567
https://notcve.org/view.php?id=CVE-2013-5567
14 Jul 2014 — Cisco Adaptive Security Appliance (ASA) Software 8.4(.6) and earlier, when using an unsupported configuration with overlapping criteria for filtering and inspection, allows remote attackers to cause a denial of service (traffic loop and device crash) via a packet that triggers multiple matches, aka Bug ID CSCui45606. Cisco Adaptive Security Appliance (ASA) Software 8.4(.6) y anteriores, cuando utilice una configuración no soportada con criterios sobrepuestos para el filtrado y la inspección, permite a ataca... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5567 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6691
https://notcve.org/view.php?id=CVE-2013-6691
14 Jul 2014 — The WebVPN CIFS implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0(.4.1) and earlier allows remote CIFS servers to cause a denial of service (device reload) via a long share list, aka Bug ID CSCuj83344. La implementación WebVPN CIFS en Cisco Adaptive Security Appliance (ASA) Software 9.0(.4.1) y anteriores permite a servidores CIFS remotos causar una denegación de servicio (reinicio de dispositivo) a través de una lista larga de recursos compartidos, también conocido como Bug ID CSCuj833... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6691 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2014-2151
https://notcve.org/view.php?id=CVE-2014-2151
18 Jun 2014 — The WebVPN portal in Cisco Adaptive Security Appliance (ASA) Software 8.4(.7.15) and earlier allows remote authenticated users to obtain sensitive information via a crafted JavaScript file, aka Bug ID CSCui04520. El portal WebVPN en Cisco Adaptive Security Appliance (ASA) Software 8.4(.7.15) y anteriores permite a usuarios remotos autenticados obtener información sensible a través de un fichero JavaScript manipulado, también conocido como Bug ID CSCui04520. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2151 •