CVSS: 7.5EPSS: 0%CPEs: 114EXPL: 0CVE-2013-6682
https://notcve.org/view.php?id=CVE-2013-6682
13 Nov 2013 — The phone-proxy implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0.3.6 and earlier does not properly validate X.509 certificates, which allows remote attackers to cause a denial of service (connection-database corruption) via an invalid entry, aka Bug ID CSCui33299. La implementación phone-proxy en Cisco Adaptive Security Appliance (ASA) Software 9.0.3.6 y anteriores versiones no valida adecuadamente certificados X.509, lo que permite a atacantes remotos provocar una denegación de servic... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6682 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 118EXPL: 0CVE-2013-5560
https://notcve.org/view.php?id=CVE-2013-5560
13 Nov 2013 — The IPv6 implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1.3 and earlier, when NAT64 or NAT66 is enabled, does not properly process NAT rules, which allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCue34342. La implementación IPv6 en Cisco Adaptive Security Appliance (ASA) Software 9.1.3 y anteriores versiones, cuando NAT64 o NAT66 están activados, no procesan adecuadamente reglas NAT, lo que permite a atacantes remotos provocar una ... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5560 • CWE-20: Improper Input Validation •
CVSS: 8.5EPSS: 0%CPEs: 20EXPL: 0CVE-2013-5542
https://notcve.org/view.php?id=CVE-2013-5542
21 Oct 2013 — Cisco Adaptive Security Appliance (ASA) Software 8.4 before 8.4(7.2), 8.7 before 8.7(1.8), 9.0 before 9.0(3.6), and 9.1 before 9.1(2.8) allows remote attackers to cause a denial of service (firewall-session disruption or device reload) via crafted ICMP packets, aka Bug ID CSCui77398. Cisco Adaptive Security Appliance (ASA) Software 8.4 antes de 8.4 (7.2) 8.7 antes de 8.7 (1.8) 9.0 antes de 9.0 (3.6) y 9.1 antes de 9.1 (2.8) permite a atacantes remotos provocar una denegación de servicio (interrupción de ses... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 0%CPEs: 44EXPL: 0CVE-2013-5511
https://notcve.org/view.php?id=CVE-2013-5511
13 Oct 2013 — The Adaptive Security Device Management (ASDM) remote-management feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.7), 9.0.x before 9.0(3.1), and 9.1.x before 9.1(2.6) does not properly implement the authentication-certificate option, which allows remote attackers to bypass authentication via a TCP session to an ASDM interface, aka Bug ID CSCuh44815. La funcionali... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 168EXPL: 0CVE-2013-5508
https://notcve.org/view.php?id=CVE-2013-5508
13 Oct 2013 — The SQL*Net inspection engine in Cisco Adaptive Security Appliance (ASA) Software 7.x before 7.2(5.12), 8.x before 8.2(5.44), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.6), 9.0.x before 9.0(2.10), and 9.1.x before 9.1(2) and Firewall Services Module (FWSM) 3.1.x and 3.2.x before 3.2(27) and 4.x before 4.1(14) allows remote attackers to cause a denial of service (device reload) via crafted segmented Transparent Network Substrate (TNS) packe... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2013-5509
https://notcve.org/view.php?id=CVE-2013-5509
13 Oct 2013 — The SSL implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0 before 9.0(2.6) and 9.1 before 9.1(2) allows remote attackers to bypass authentication, and obtain VPN access or administrative access, via a crafted X.509 client certificate, aka Bug ID CSCuf52468. La implementación SSL en Cisco Adaptive Security Appliance (ASA) 9.0 anterior a 9.0(2.6) y 9.1 anterior a 9.1(2) permite a atacantes remotos sortear la autenticación y obtener acceso VPN o acceso administrativo a través de un certific... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 31EXPL: 0CVE-2013-5513
https://notcve.org/view.php?id=CVE-2013-5513
13 Oct 2013 — Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(7), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.7), 9.0.x before 9.0(3.3), and 9.1.x before 9.1(1.8), when the DNS ALPI engine is enabled for TCP, allows remote attackers to cause a denial of service (device reload) via crafted TCP DNS packets, aka Bug ID CSCug03975. Cisco Adaptive Security Appliance (ASA) 8.2.x Software anterior a 8,2 (5,46), 8.3.x anterior a 8,3 (2,39), ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 85EXPL: 0CVE-2013-5510
https://notcve.org/view.php?id=CVE-2013-5510
13 Oct 2013 — The remote-access VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 7.x before 7.2(5.12), 8.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.6.x before 8.6(1.12), 9.0.x before 9.0(3.1), and 9.1.x before 9.1(2.5), when an override-account-disable option is enabled, does not properly parse AAA LDAP responses, which allows remote attackers to bypass authentication via a VPN connection attempt, aka Bug ID CSCug83401. La implementación de acceso remoto VPN en Cisco Adaptive... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2013-3415
https://notcve.org/view.php?id=CVE-2013-3415
13 Oct 2013 — Cisco Adaptive Security Appliance (ASA) Software 8.4.x before 8.4(3) and 8.6.x before 8.6(1.3) does not properly manage memory upon an AnyConnect SSL VPN client disconnection, which allows remote attackers to cause a denial of service (memory consumption, and forwarding outage or system hang) via packets to the disconnected machine's IP address, aka Bug ID CSCtt36737. Cisco Adaptive Security Appliance (ASA) Software 8.4.x anteriores a 8.4(3) y 8.6.x aanteriores 8.6(1.3) no maneja apropiadamente la memorua h... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-5507
https://notcve.org/view.php?id=CVE-2013-5507
13 Oct 2013 — The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975. La implementacion IPSec en Cisco Adaptive Security Appliance (ASA) 9.1 anteriores a 9.2(1.7), cuando un tunel IPSec VPN está habilitado, permite a atacantes remotos causar una denegación de servicio (rec... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa • CWE-310: Cryptographic Issues •