CVSS: 9.0EPSS: 0%CPEs: 58EXPL: 0CVE-2010-4680
https://notcve.org/view.php?id=CVE-2010-4680
The WebVPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) permits the viewing of CIFS shares even when CIFS file browsing has been disabled, which allows remote authenticated users to bypass intended access restrictions via CIFS requests, aka Bug ID CSCsz80777. La aplicación WebVPN en dispositivos Cisco Adaptive Security Appliances (ASA) series 5500 con software anterior a v8.2 (3) permite la visualización de recursos compartidos de CIFS, incluso cuando se ha desactivado la navegación en los ficheros CIFS, lo que permite a usuarios remotos autenticados para eludir las restricciones de acceso previstas a través de peticiones CIFS, error conocido como CSCsz80777. • http://secunia.com/advisories/42931 http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf http://www.securityfocus.com/bid/45767 http://www.securitytracker.com/id?1024963 https://exchange.xforce.ibmcloud.com/vulnerabilities/64606 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 58EXPL: 0CVE-2010-4678
https://notcve.org/view.php?id=CVE-2010-4678
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) permit packets to pass before the configuration has been loaded, which might allow remote attackers to bypass intended access restrictions by sending network traffic during device startup, aka Bug ID CSCsy86769. Dispositivos Cisco Adaptive Security Appliances (ASA) series 5500 con software anterior a v8.2(3) permite a los paquetes pasar antes de que la configuración se haya cargado, lo que podría permitir a atacantes remotos evitar las restricciones de acceso previstas, mediante el envío de tráfico por la red durante el inicio del dispositivo, también conocido como Bug ID CSCsy86769 • http://secunia.com/advisories/42931 http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf http://www.securityfocus.com/bid/45767 http://www.securitytracker.com/id?1024963 https://exchange.xforce.ibmcloud.com/vulnerabilities/64604 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.0EPSS: 1%CPEs: 58EXPL: 0CVE-2009-5037
https://notcve.org/view.php?id=CVE-2009-5037
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allow remote attackers to cause a denial of service (ASDM syslog outage) via a long URL, aka Bug IDs CSCsm11264 and CSCtb92911. Los dispositivos Cisco Adaptive Security Appliances (ASA) 5500 series con software anterior a 8.2(3) permiten a atacantes remotos provocar una denegación de servicio (caída del syslog ASDM) a través de una URL extensa. También conocido como Bug IDs CSCsm11264 y CSCtb92911. • http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf http://www.securitytracker.com/id?1024963 https://exchange.xforce.ibmcloud.com/vulnerabilities/64732 https://supportforums.cisco.com/thread/2018112 https://supportforums.cisco.com/thread/238724 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 60EXPL: 0CVE-2010-4673
https://notcve.org/view.php?id=CVE-2010-4673
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(4) and earlier allow remote attackers to cause a denial of service via a flood of packets, aka Bug ID CSCtg06316. Dispositivos Cisco Adaptive Security Appliances (ASA) series 5500, con software v8.2(4) y anteriores permite a atacantes remotos causar una denegación de servicio a través de una inundación de paquetes, también conocido como ID de error CSCtg06316. • http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf http://www.securityfocus.com/bid/45766 http://www.securitytracker.com/id?1024963 https://exchange.xforce.ibmcloud.com/vulnerabilities/64599 • CWE-399: Resource Management Errors •
CVSS: 9.0EPSS: 0%CPEs: 58EXPL: 0CVE-2010-4675
https://notcve.org/view.php?id=CVE-2010-4675
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly determine the interfaces for which TELNET connections should be permitted, which allows remote authenticated users to bypass intended access restrictions via vectors involving the "lowest security level interface," aka Bug ID CSCsv40504. Los dispositivos Cisco Adaptive Security Appliances (ASA) 5500 series con software anterior a 8.2(3) no determinan apropiadamente los interfaces para los que las conexiones TELNET están permitidas, lo que permite a usuarios autenticados remotos evitar las restricciones de acceso previstas a través de vectores que involucran el interfaz de nivel de seguridad más bajo ("lowest security level interface"). También conocido como Bug ID CSCsv40504. • http://secunia.com/advisories/42931 http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf http://www.securityfocus.com/bid/45767 http://www.securitytracker.com/id?1024963 https://exchange.xforce.ibmcloud.com/vulnerabilities/64601 • CWE-264: Permissions, Privileges, and Access Controls •