CVSS: 6.1EPSS: 0%CPEs: 19EXPL: 0CVE-2019-12695 – Cisco Adaptive Security Appliance and Firepower Threat Defense Software WebVPN Cross-Site Scripting Vulnerability
https://notcve.org/view.php?id=CVE-2019-12695
02 Oct 2019 — A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persua... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-xss • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 15EXPL: 0CVE-2019-12693 – Cisco Adaptive Security Appliance Software Secure Copy Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-12693
02 Oct 2019 — A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to the use of an incorrect data type for a length variable. An attacker could exploit this vulnerability by initiating the transfer of a large file to an affected device via SCP. To exploit this vulnerability, the attacker would need to have valid privilege level 15 credentials on the affected... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-scp-dos • CWE-190: Integer Overflow or Wraparound CWE-704: Incorrect Type Conversion or Cast •
CVSS: 8.6EPSS: 0%CPEs: 19EXPL: 0CVE-2019-12678 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Inspection Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-12678
02 Oct 2019 — A vulnerability in the Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper parsing of SIP messages. An attacker could exploit this vulnerability by sending a malicious SIP packet through an affected device. A successful exploit could allow the attacker to t... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-sip-dos • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.4EPSS: 0%CPEs: 17EXPL: 0CVE-2019-12676 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF LSA Processing Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-12676
02 Oct 2019 — A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software improperly parses certain options in OSPF link-state advertisement (LSA) type 11 packets. An attacker could exploit this vulnerability by sendin... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ospf-lsa-dos • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 0%CPEs: 17EXPL: 0CVE-2019-12673 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-12673
02 Oct 2019 — A vulnerability in the FTP inspection engine of Cisco Adaptive Security (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of FTP data. An attacker could exploit this vulnerability by sending malicious FTP traffic through an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected d... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-dos • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.2EPSS: 0%CPEs: 3788EXPL: 0CVE-2017-6770
https://notcve.org/view.php?id=CVE-2017-6770
07 Aug 2017 — Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated, remote attacker to take full control of the OSPF Autonomous System (AS) domain routing table, allowing the attacker to intercept or black-hole traffic. The attacker could exploit... • http://www.securityfocus.com/bid/100005 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 15%CPEs: 324EXPL: 1CVE-2017-3807 – Cisco ASA - WebVPN CIFS Handling Buffer Overflow
https://notcve.org/view.php?id=CVE-2017-3807
09 Feb 2017 — A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software, Major Releases 9.0-9.6, could allow an authenticated, remote attacker to cause a heap overflow. The vulnerability is due to insufficient validation of user supplied input. An attacker could exploit this vulnerability by sending a crafted URL to the affected system. An exploit could allow the remote attacker to cause a reload of the affected system or potentially execute code. Note: Only t... • https://www.exploit-db.com/exploits/41369 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 0%CPEs: 241EXPL: 0CVE-2015-0676
https://notcve.org/view.php?id=CVE-2015-0676
13 Apr 2015 — The DNS implementation in Cisco Adaptive Security Appliance (ASA) Software 7.2 before 7.2(5.16), 8.2 before 8.2(5.57), 8.3 before 8.3(2.44), 8.4 before 8.4(7.28), 8.5 before 8.5(1.24), 8.6 before 8.6(1.17), 8.7 before 8.7(1.16), 9.0 before 9.0(4.33), 9.1 before 9.1(6.1), 9.2 before 9.2(3.4), and 9.3 before 9.3(3) allows man-in-the-middle attackers to cause a denial of service (memory consumption or device outage) by triggering outbound DNS queries and then sending crafted responses to these queries, aka Bug... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-asa • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 114EXPL: 0CVE-2013-6682
https://notcve.org/view.php?id=CVE-2013-6682
13 Nov 2013 — The phone-proxy implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0.3.6 and earlier does not properly validate X.509 certificates, which allows remote attackers to cause a denial of service (connection-database corruption) via an invalid entry, aka Bug ID CSCui33299. La implementación phone-proxy en Cisco Adaptive Security Appliance (ASA) Software 9.0.3.6 y anteriores versiones no valida adecuadamente certificados X.509, lo que permite a atacantes remotos provocar una denegación de servic... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6682 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 118EXPL: 0CVE-2013-5560
https://notcve.org/view.php?id=CVE-2013-5560
13 Nov 2013 — The IPv6 implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1.3 and earlier, when NAT64 or NAT66 is enabled, does not properly process NAT rules, which allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCue34342. La implementación IPv6 en Cisco Adaptive Security Appliance (ASA) Software 9.1.3 y anteriores versiones, cuando NAT64 o NAT66 están activados, no procesan adecuadamente reglas NAT, lo que permite a atacantes remotos provocar una ... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5560 • CWE-20: Improper Input Validation •