CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 0CVE-2011-2054 – Cisco ASA Secondary Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2011-2054
19 Feb 2020 — A vulnerability in the Cisco ASA that could allow a remote attacker to successfully authenticate using the Cisco AnyConnect VPN client if the Secondary Authentication type is LDAP and the password is left blank, providing the primary credentials are correct. The vulnerabilities is due to improper input validation of certain parameters passed to the affected software. An attacker must have the correct primary credentials in order to successfully exploit this vulnerability. Una vulnerabilidad en el Cisco ASA ... • https://quickview.cloudapps.cisco.com/quickview/bug/CSCtq58884 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0CVE-2019-12697 – Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities
https://notcve.org/view.php?id=CVE-2019-12697
02 Oct 2019 — Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory. Múltiples vulnerabilidades en el Cisco Firepower System Software Detection Engine, podrían permitir a un atacante remoto no autenticado omitir las Políticas de Malware y Archivos configuradas para los tipos de archiv... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass • CWE-693: Protection Mechanism Failure •
CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0CVE-2019-12696 – Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities
https://notcve.org/view.php?id=CVE-2019-12696
02 Oct 2019 — Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory. Múltiples vulnerabilidades en el Cisco Firepower System Software Detection Engine, podrían permitir a un atacante remoto no autenticado omitir las Políticas de Malware y Archivos configuradas para los tipos de archiv... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass • CWE-693: Protection Mechanism Failure •
CVSS: 7.2EPSS: 0%CPEs: 211EXPL: 0CVE-2019-1649 – Cisco Secure Boot Hardware Tampering Vulnerability
https://notcve.org/view.php?id=CVE-2019-1649
13 May 2019 — A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot har... • http://www.securityfocus.com/bid/108350 • CWE-284: Improper Access Control CWE-667: Improper Locking •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2019-1715 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Low-Entropy Keys Vulnerability
https://notcve.org/view.php?id=CVE-2019-1715
03 May 2019 — A vulnerability in the Deterministic Random Bit Generator (DRBG), also known as Pseudorandom Number Generator (PRNG), used in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a cryptographic collision, enabling the attacker to discover the private key of an affected device. The vulnerability is due to insufficient entropy in the DRBG when generating cryptographic keys. An attacker could exploit this vu... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-entropy • CWE-332: Insufficient Entropy in PRNG •
CVSS: 8.8EPSS: 92%CPEs: 52EXPL: 6CVE-2016-6366 – Cisco Adaptive Security Appliance (ASA) SNMP Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2016-6366
18 Aug 2016 — Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM devices allows remote authenticated users to execute arbitrary code via crafted IPv4 SNMP packets, aka Bug ID CSCva92151 or EXTRABACON. Desbordamiento de búfer en Cisco Adaptive Security Applicance (ASA) Software hasta la versión 9.4.2.3 en dispositivos ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, F... • https://packetstorm.news/files/id/180758 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 38%CPEs: 31EXPL: 3CVE-2016-6367 – Cisco Adaptive Security Appliance (ASA) CLI Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-6367
18 Aug 2016 — Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges via invalid CLI commands, aka Bug ID CSCtu74257 or EPICBANANA. Cisco Adaptive Security Applicance (ASA) Software en versiones anteriores a 8.4(1) en dispositivos ASA 5500, ASA 5500-X, PIX y FWSM permite a usuarios locales obtener privilegios a través de comandos CLI no válidos, también conocido como Bug ID CSCtu74257 o EPICBANANA. A vulnerability in the command-... • https://www.exploit-db.com/exploits/40271 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2016-1312
https://notcve.org/view.php?id=CVE-2016-1312
09 Mar 2016 — The HTTPS inspection engine in the Content Security and Control Security Services Module (CSC-SSM) 6.6 before 6.6.1164.0 for Cisco ASA 5500 devices allows remote attackers to cause a denial of service (memory consumption or device reload) via a flood of HTTPS packets, aka Bug ID CSCue76147. El motor de inspección HTTPS en Content Security y Control Security Services Module (CSC-SSM) 6.6 en versiones anteriores a 6.6.1164.0 para dispositivos Cisco ASA 5500 permite a atacantes remotos provocar una denegación ... • http://www.securityfocus.com/bid/84281 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-399: Resource Management Errors •
CVSS: 9.1EPSS: 1%CPEs: 566EXPL: 0CVE-2013-0149
https://notcve.org/view.php?id=CVE-2013-0149
03 Aug 2013 — The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSC... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130801-lsaospf •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2013-1218
https://notcve.org/view.php?id=CVE-2013-1218
18 Jul 2013 — Cisco Intrusion Prevention System (IPS) Software in ASA 5500-X IPS-SSP software modules before 7.1(7)sp1E4 allows remote attackers to cause a denial of service (Analysis Engine process hang or device reload) via fragmented (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCue51272. Cisco Intrusion Prevention System (IPS) Software en ASA 5500-X IPS-SSP anterior a v7.1(7)sp1E4 permite a atacantes remotos causar una denegación de servicio (cuelgue del proceso Analysis Engine o reinicio del dispositivo) mediante paque... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-ips • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •