CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-3399
https://notcve.org/view.php?id=CVE-2014-3399
07 Oct 2014 — The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.2(.2.4) and earlier does not properly manage session information during creation of a SharePoint handler, which allows remote authenticated users to overwrite arbitrary RAMFS cache files or inject Lua programs, and consequently cause a denial of service (portal outage or system reload), via crafted HTTP requests, aka Bug ID CSCup54208. La implementación SSL VPN en el software Cisco Adaptive Security Appliance (ASA) 9.2(.2.4) y ... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3399 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-5567
https://notcve.org/view.php?id=CVE-2013-5567
14 Jul 2014 — Cisco Adaptive Security Appliance (ASA) Software 8.4(.6) and earlier, when using an unsupported configuration with overlapping criteria for filtering and inspection, allows remote attackers to cause a denial of service (traffic loop and device crash) via a packet that triggers multiple matches, aka Bug ID CSCui45606. Cisco Adaptive Security Appliance (ASA) Software 8.4(.6) y anteriores, cuando utilice una configuración no soportada con criterios sobrepuestos para el filtrado y la inspección, permite a ataca... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5567 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6691
https://notcve.org/view.php?id=CVE-2013-6691
14 Jul 2014 — The WebVPN CIFS implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0(.4.1) and earlier allows remote CIFS servers to cause a denial of service (device reload) via a long share list, aka Bug ID CSCuj83344. La implementación WebVPN CIFS en Cisco Adaptive Security Appliance (ASA) Software 9.0(.4.1) y anteriores permite a servidores CIFS remotos causar una denegación de servicio (reinicio de dispositivo) a través de una lista larga de recursos compartidos, también conocido como Bug ID CSCuj833... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6691 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2014-2151
https://notcve.org/view.php?id=CVE-2014-2151
18 Jun 2014 — The WebVPN portal in Cisco Adaptive Security Appliance (ASA) Software 8.4(.7.15) and earlier allows remote authenticated users to obtain sensitive information via a crafted JavaScript file, aka Bug ID CSCui04520. El portal WebVPN en Cisco Adaptive Security Appliance (ASA) Software 8.4(.7.15) y anteriores permite a usuarios remotos autenticados obtener información sensible a través de un fichero JavaScript manipulado, también conocido como Bug ID CSCui04520. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2151 •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-3264
https://notcve.org/view.php?id=CVE-2014-3264
20 May 2014 — Cisco Adaptive Security Appliance (ASA) Software 9.1(.5) and earlier allows remote authenticated users to cause a denial of service (device reload) via crafted attributes in a RADIUS packet, aka Bug ID CSCun69561. Cisco Adaptive Security Appliance (ASA) Software 9.1(.5) y anteriores permite a usuarios remotos autenticados causar una denegación de servicio (reinicio de dispositivo) a través de atributos manipulados en un paquete RADIUS, también conocido como Bug ID CSCun69561. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3264 •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 1CVE-2014-2127 – Cisco ASA SSL VPN Privilege Escalation
https://notcve.org/view.php?id=CVE-2014-2127
10 Apr 2014 — Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.48), 8.3 before 8.3(2.40), 8.4 before 8.4(7.9), 8.6 before 8.6(1.13), 9.0 before 9.0(4.1), and 9.1 before 9.1(4.3) does not properly process management-session information during privilege validation for SSL VPN portal connections, which allows remote authenticated users to gain privileges by establishing a Clientless SSL VPN session and entering crafted URLs, aka Bug ID CSCul70099. Cisco Adaptive Security Appliance (ASA) Software 8.x anterio... • https://packetstorm.news/files/id/181167 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2014-2129
https://notcve.org/view.php?id=CVE-2014-2129
10 Apr 2014 — The SIP inspection engine in Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.48), 8.4 before 8.4(6.5), 9.0 before 9.0(3.1), and 9.1 before 9.1(2.5) allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted SIP packets, aka Bug ID CSCuh44052. El motor de inspección SIP en Cisco Adaptive Security Appliance (ASA) Software 8.2 anterior a 8.2(5.48), 8.4 anterior a 8.4(6.5), 9.0 anterior a 9.0(3.1) y 9.1 anterior a 9.1(2.5) permite a atacantes remotos... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-asa • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2014-2126
https://notcve.org/view.php?id=CVE-2014-2126
10 Apr 2014 — Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.47), 8.4 before 8.4(7.5), 8.7 before 8.7(1.11), 9.0 before 9.0(3.10), and 9.1 before 9.1(3.4) allows remote authenticated users to gain privileges by leveraging level-0 ASDM access, aka Bug ID CSCuj33496. Cisco Adaptive Security Appliance (ASA) Software 8.2 anterior a 8.2(5.47), 8.4 anterior a 8.4(7.5), 8.7 anterior a 8.7(1.11), 9.0 anterior a 9.0(3.10) y 9.1 anterior a 9.1(3.4) permite a usuarios remotos autenticados ganar privilegios median... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-asa • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.1EPSS: 0%CPEs: 6EXPL: 0CVE-2014-2128
https://notcve.org/view.php?id=CVE-2014-2128
10 Apr 2014 — The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.47, 8.3 before 8.3(2.40), 8.4 before 8.4(7.3), 8.6 before 8.6(1.13), 9.0 before 9.0(3.8), and 9.1 before 9.1(3.2) allows remote attackers to bypass authentication via (1) a crafted cookie value within modified HTTP POST data or (2) a crafted URL, aka Bug ID CSCua85555. La implementación SSL VPN en Cisco Adaptive Security Appliance (ASA) Software 8.2 anterior a 8.2(5.47, 8.3 anterior a 8.3(2.40), 8.4 anterior a 8.... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-asa • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2013-6707
https://notcve.org/view.php?id=CVE-2013-6707
07 Dec 2013 — Memory leak in the connection-manager implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1(.3) and earlier allows remote attackers to cause a denial of service (multi-protocol management outage) by making multiple management session requests, aka Bug ID CSCug33233. Fuga de memoria en la implementación del connection-manager en Cisco Adaptive Security Appliance (ASA) Software 9.1 (.3) y anteriores permite a atacantes remotos causar denegación de servicio (interrupción de la gestión multi-pr... • http://osvdb.org/100682 • CWE-772: Missing Release of Resource after Effective Lifetime •