CVE-2021-1504 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services VPN Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2021-1504
Multiple vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to lack of proper input validation of the HTTPS request. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: This vulnerability affects only specific AnyConnect and WebVPN configurations. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpn-dos-fpBcpEcD • CWE-787: Out-of-bounds Write •
CVE-2021-1501 – Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software SIP Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1501
A vulnerability in the SIP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition.The vulnerability is due to a crash that occurs during a hash lookup for a SIP pinhole connection. An attacker could exploit this vulnerability by sending crafted SIP traffic through an affected device. A successful exploit could allow the attacker to cause a crash and reload of the affected device. Una vulnerabilidad en el motor de inspección SIP del Software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD), podría permitir a un atacante remoto no autenticado causar un bloqueo y la recarga de un dispositivo afectado, resultando en una denegación de servicio ( DoS). La vulnerabilidad es debido a un bloqueo que ocurre durante una búsqueda de hash para una conexión SIP pinhole. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-sipdos-GGwmMerC • CWE-613: Insufficient Session Expiration •
CVE-2021-1493 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Buffer Overflow Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1493
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to insufficient boundary checks for specific data that is provided to the web services interface of an affected system. An attacker could exploit this vulnerability by sending a malicious HTTP request. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected system, which could disclose data fragments or cause the device to reload, resulting in a denial of service (DoS) condition. Una vulnerabilidad en la interfaz de servicios web del software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD), podría permitir a un atacante remoto autenticado causar un desbordamiento del búfer en un sistema afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-memc-dos-fncTyYKG • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2021-1445 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services VPN Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2021-1445
Multiple vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to lack of proper input validation of the HTTPS request. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: This vulnerability affects only specific AnyConnect and WebVPN configurations. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpn-dos-fpBcpEcD • CWE-787: Out-of-bounds Write •
CVE-2020-3555 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3555
A vulnerability in the SIP inspection process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a watchdog timeout and crash during the cleanup of threads that are associated with a SIP connection that is being deleted from the connection list. An attacker could exploit this vulnerability by sending a high rate of crafted SIP traffic through an affected device. A successful exploit could allow the attacker to cause a watchdog timeout and crash, resulting in a crash and reload of the affected device. Una vulnerabilidad en el proceso de inspección SIP de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podría permitir a un atacante remoto no autenticado causar un bloqueo y la recarga de un dispositivo afectado, resultando en una condición de denegación de servicio ( DoS). • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sipdos-3DGvdjvg • CWE-404: Improper Resource Shutdown or Release •