Command injection

2013-10-1310:20:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.4%

JSON

The Clientless SSL VPN feature in Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.44), 8.3.x before 8.3(2.39), 8.4.x before 8.4(5.7), 8.6.x before 8.6(1.12), 9.0.x before 9.0(2.6), and 9.1.x before 9.1(1.7) allows remote attackers to cause a denial of service (device reload) via crafted HTTPS requests, aka Bug ID CSCua22709.

CPENameOperatorVersion
adaptive_security_appliance_softwareeq8.4.0
adaptive_security_appliance_softwareeq8.32.34
adaptive_security_appliance_softwareeq8.25.38
adaptive_security_appliance_softwareeq8.23.0
adaptive_security_appliance_softwareeq8.1
adaptive_security_appliance_softwareeq8.24.0
adaptive_security_appliance_softwareeq8.3.0
adaptive_security_appliance_softwareeq8.23.9
adaptive_security_appliance_softwareeq8.0.2
adaptive_security_appliance_softwareeq8.25.0

Name	Operator	Version
adaptive_security_appliance_software	eq	8.4.0
adaptive_security_appliance_software	eq	8.32.34
adaptive_security_appliance_software	eq	8.25.38
adaptive_security_appliance_software	eq	8.23.0
adaptive_security_appliance_software	eq	8.1
adaptive_security_appliance_software	eq	8.24.0
adaptive_security_appliance_software	eq	8.3.0
adaptive_security_appliance_software	eq	8.23.9
adaptive_security_appliance_software	eq	8.0.2
adaptive_security_appliance_software	eq	8.25.0