CVSS: 4.2EPSS: 0%CPEs: 3788EXPL: 0CVE-2017-6770
https://notcve.org/view.php?id=CVE-2017-6770
Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated, remote attacker to take full control of the OSPF Autonomous System (AS) domain routing table, allowing the attacker to intercept or black-hole traffic. The attacker could exploit this vulnerability by injecting crafted OSPF packets. Successful exploitation could cause the targeted router to flush its routing table and propagate the crafted OSPF LSA type 1 update throughout the OSPF AS domain. To exploit this vulnerability, an attacker must accurately determine certain parameters within the LSA database on the target router. • http://www.securityfocus.com/bid/100005 http://www.securitytracker.com/id/1039005 http://www.securitytracker.com/id/1039006 http://www.securitytracker.com/id/1039007 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170727-ospf • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2013-1215
https://notcve.org/view.php?id=CVE-2013-1215
The vpnclient program in the Easy VPN component on Cisco Adaptive Security Appliances (ASA) 5505 devices allows local users to gain privileges via unspecified vectors, aka Bug ID CSCuf85295. El programa vpnclient en el componente de Easy VPN de Cisco Adaptive Security Appliances (ASA) dispositivos 5505 permite a usuarios locales conseguir privilegios a través de vectores no especificados, también conocido como Bug ID CSCuf85295. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1215 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2012-5415
https://notcve.org/view.php?id=CVE-2012-5415
Race condition on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (CPU consumption or device reload) by establishing multiple connections, leading to improper handling of hash lookups for secondary flows, aka Bug IDs CSCue31622 and CSCuc71272. Condición de carrera en dispositivos Cisco Adaptive Security Appliances (ASA) permite a atacantes remotos causar una denegación de servicio (consumo CPU o reinicio del dispositivo) mediante el establecimiento de múltiples conexiones, dando lugar a una incorrecta gestion de las búsquedas para flujos secundarios, también conocido como Bug IDs CSCue31622 and CSCuc71272. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-5415 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 151EXPL: 0CVE-2013-1149
https://notcve.org/view.php?id=CVE-2013-1149
Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.28), 8.1 and 8.2 before 8.2(5.35), 8.3 before 8.3(2.34), 8.4 before 8.4(4.11), 8.6 before 8.6(1.10), and 8.7 before 8.7(1.3), and Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(24.1) and 4.0 and 4.1 before 4.1(11.1), allow remote attackers to cause a denial of service (device reload) via a crafted IKEv1 message, aka Bug IDs CSCub85692 and CSCud20267. Cisco Adaptive Security Appliances (ASA) los dispositivos con v7.x de software antes de v7.2(5.10) v8.0, antes de v8.0(5.28), v8.1 y v8.2 antes de v8.2(5.35), v8.3 antes de v8.3(2.34), v8.4 antes de v8.4(4.11), v8.6 antes de v8.6(1.10), y v8.7 antes de v8.7(1.3), y Cisco Firewall Services Module (FWSM) software v3.1 y v3.2 antes de v3.2(24.1) y v4.0 y v401 antes de v4.1(11.1), permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) a través de un elaborado IKEv1 mensaje, también conocido como Bug ID CSCub85692 y CSCud20267. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-fwsm •
CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 0CVE-2012-4660
https://notcve.org/view.php?id=CVE-2012-4660
The SIP inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.2 before 8.2(5.17), 8.3 before 8.3(2.28), 8.4 before 8.4(2.13), 8.5 before 8.5(1.4), and 8.6 before 8.6(1.5) allows remote attackers to cause a denial of service (device reload) via a crafted SIP media-update packet, aka Bug ID CSCtr63728. El motor de inspección SIP en los dispositivos Cisco Adaptive Security Appliances (ASA) 5500, y el Módulo de Servicios de ASA (ASASM) en los dispositivos Cisco Catalyst 6500, con la versión del software anterior a la v8.2(5.17), v8.3 antes de v8.3(2.28), v8.4 antes de v8.4 (2.13) y v8.5 antes de v8.5(1.4) y v8.6 antes de v8.6(1.5), permite a atacantes remotos provocar una denegación de servicio (reinicio del dispositivo) a través de un paquete SIP modificado, también conocido como bug CSCtr63728. • http://osvdb.org/86144 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa http://www.securityfocus.com/bid/55864 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •