Lucene search

K

Cisco Adaptive Security Appliance (ASA) Software Security Vulnerabilities

cve
cve

CVE-2019-12676

A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service...

7.4CVSS

7.3AI Score

0.001EPSS

2019-10-02 07:15 PM
29
cve
cve

CVE-2019-1934

A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to elevate privileges and execute administrative functions on an affected device. The vulnerability is due to insufficient authorization...

8.8CVSS

8.5AI Score

0.002EPSS

2019-08-07 10:15 PM
72
cve
cve

CVE-2019-1945

Multiple vulnerabilities in the smart tunnel functionality of Cisco Adaptive Security Appliance (ASA) could allow an authenticated, local attacker to elevate privileges to the root user or load a malicious library file while the tunnel is being established. For more information about these...

7.8CVSS

7.2AI Score

0.0004EPSS

2019-08-07 10:15 PM
87
cve
cve

CVE-2019-1944

Multiple vulnerabilities in the smart tunnel functionality of Cisco Adaptive Security Appliance (ASA) could allow an authenticated, local attacker to elevate privileges to the root user or load a malicious library file while the tunnel is being established. For more information about these...

7.3CVSS

7.1AI Score

0.0004EPSS

2019-08-07 10:15 PM
75
cve
cve

CVE-2019-1873

A vulnerability in the cryptographic driver for Cisco Adaptive Security Appliance Software (ASA) and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reboot unexpectedly. The vulnerability is due to incomplete input validation of a...

8.6CVSS

8.5AI Score

0.002EPSS

2019-07-10 06:15 PM
97
cve
cve

CVE-2019-1715

A vulnerability in the Deterministic Random Bit Generator (DRBG), also known as Pseudorandom Number Generator (PRNG), used in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a cryptographic.....

7.5CVSS

7.5AI Score

0.003EPSS

2019-05-03 05:29 PM
30
cve
cve

CVE-2019-1714

A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 Single Sign-On (SSO) for Clientless SSL VPN (WebVPN) and AnyConnect Remote Access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an...

8.6CVSS

8.6AI Score

0.002EPSS

2019-05-03 05:29 PM
29
cve
cve

CVE-2019-1713

A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the...

8.8CVSS

8.8AI Score

0.001EPSS

2019-05-03 05:29 PM
37
cve
cve

CVE-2019-1705

A vulnerability in the remote access VPN session manager of Cisco Adaptive Security Appliance (ASA) Software could allow a unauthenticated, remote attacker to cause a denial of service (DoS) condition on the remote access VPN services. The vulnerability is due to an issue with the remote access...

5.9CVSS

5.8AI Score

0.002EPSS

2019-05-03 04:29 PM
27
cve
cve

CVE-2019-1697

A vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a...

7.5CVSS

7.6AI Score

0.002EPSS

2019-05-03 04:29 PM
18
cve
cve

CVE-2019-1706

A vulnerability in the software cryptography module of the Cisco Adaptive Security Virtual Appliance (ASAv) and Firepower 2100 Series running Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an unexpected reload of the device that results in....

8.6CVSS

8.3AI Score

0.001EPSS

2019-05-03 04:29 PM
36
cve
cve

CVE-2019-1708

A vulnerability in the Internet Key Exchange Version 2 Mobility and Multihoming Protocol (MOBIKE) feature for the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of....

8.6CVSS

8.4AI Score

0.002EPSS

2019-05-03 04:29 PM
30
cve
cve

CVE-2019-1701

Multiple vulnerabilities in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the WebVPN portal of an affected...

4.8CVSS

5AI Score

0.001EPSS

2019-05-03 04:29 PM
22
cve
cve

CVE-2019-1694

A vulnerability in the TCP processing engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The...

8.6CVSS

8.3AI Score

0.002EPSS

2019-05-03 03:29 PM
24
cve
cve

CVE-2019-1695

A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device. The vulnerability exists because the software...

6.5CVSS

6.3AI Score

0.001EPSS

2019-05-03 03:29 PM
22
cve
cve

CVE-2019-1687

A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The...

7.5CVSS

7.5AI Score

0.001EPSS

2019-05-03 03:29 PM
34
cve
cve

CVE-2018-15388

A vulnerability in the WebVPN login process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive...

8.6CVSS

8.4AI Score

0.002EPSS

2019-05-03 03:29 PM
18
cve
cve

CVE-2019-1693

A vulnerability in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper...

6.5CVSS

6.4AI Score

0.001EPSS

2019-05-03 03:29 PM
20
cve
cve

CVE-2018-15465

A vulnerability in the authorization subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, but unprivileged (levels 0 and 1), remote attacker to perform privileged actions by using the web management interface. The vulnerability is due to improper validation...

8.1CVSS

8AI Score

0.006EPSS

2018-12-24 02:29 PM
61
cve
cve

CVE-2018-15454

A vulnerability in the Session Initiation Protocol (SIP) inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload or trigger high CPU, resulting in a....

8.6CVSS

8.4AI Score

0.047EPSS

2018-11-01 12:29 PM
59
cve
cve

CVE-2018-15399

A vulnerability in the TCP syslog module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust the 1550-byte buffers on an affected device, resulting in a denial of service (DoS) condition....

6.8CVSS

6.7AI Score

0.001EPSS

2018-10-05 02:29 PM
47
cve
cve

CVE-2018-15397

A vulnerability in the implementation of Traffic Flow Confidentiality (TFC) over IPsec functionality in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart...

6.8CVSS

6.8AI Score

0.001EPSS

2018-10-05 02:29 PM
55
cve
cve

CVE-2018-15398

A vulnerability in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control list (ACL) that is configured for an interface of an affected device....

4CVSS

4.6AI Score

0.002EPSS

2018-10-05 02:29 PM
42
cve
cve

CVE-2018-15383

A vulnerability in the cryptographic hardware accelerator driver of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a temporary denial of service...

7.5CVSS

7.6AI Score

0.001EPSS

2018-10-05 02:29 PM
48
cve
cve

CVE-2018-0472

A vulnerability in the IPsec driver code of multiple Cisco IOS XE Software platforms and the Cisco ASA 5500-X Series Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to improper processing of malformed IPsec...

8.6CVSS

8.6AI Score

0.007EPSS

2018-10-05 02:29 PM
55
cve
cve

CVE-2018-0296

A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA...

7.5CVSS

7.8AI Score

0.974EPSS

2018-06-07 12:29 PM
1045
In Wild
9
cve
cve

CVE-2018-0251

A vulnerability in the Web Server Authentication Required screen of the Clientless Secure Sockets Layer (SSL) VPN portal of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of that portal.....

6.1CVSS

6AI Score

0.001EPSS

2018-04-19 08:29 PM
55
cve
cve

CVE-2018-0233

A vulnerability in the Secure Sockets Layer (SSL) packet reassembly functionality of the detection engine in Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the detection engine to consume excessive system memory on an affected device, which could cause a...

8.6CVSS

8.3AI Score

0.001EPSS

2018-04-19 08:29 PM
21
cve
cve

CVE-2018-0227

A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client Certificate Authentication feature for Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to establish an SSL VPN connection and bypass certain SSL certificate verification...

7.5CVSS

8.1AI Score

0.001EPSS

2018-04-19 08:29 PM
33
2
cve
cve

CVE-2018-0240

Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of...

8.6CVSS

8.5AI Score

0.002EPSS

2018-04-19 08:29 PM
47
3
cve
cve

CVE-2018-0228

A vulnerability in the ingress flow creation functionality of Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the CPU to increase upwards of 100% utilization, causing a denial of service (DoS) condition on an affected system. The vulnerability is...

8.6CVSS

8.5AI Score

0.004EPSS

2018-04-19 08:29 PM
60
cve
cve

CVE-2018-0229

A vulnerability in the implementation of Security Assertion Markup Language (SAML) Single Sign-On (SSO) authentication for Cisco AnyConnect Secure Mobility Client for Desktop Platforms, Cisco Adaptive Security Appliance (ASA) Software, and Cisco Firepower Threat Defense (FTD) Software could allow.....

6.5CVSS

7.3AI Score

0.002EPSS

2018-04-19 08:29 PM
58
cve
cve

CVE-2018-0242

A vulnerability in the WebVPN web-based management interface of Cisco Adaptive Security Appliance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

6.1CVSS

5.9AI Score

0.001EPSS

2018-04-19 08:29 PM
27
cve
cve

CVE-2018-0231

A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS)...

8.6CVSS

8.6AI Score

0.003EPSS

2018-04-19 08:29 PM
59
cve
cve

CVE-2018-0101

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to an attempt to double free a.....

10CVSS

9.6AI Score

0.942EPSS

2018-01-29 08:29 PM
274
4
cve
cve

CVE-2017-12244

A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial of service (DoS) condition because the Snort process restarts unexpectedly. The vulnerability is...

8.6CVSS

8.5AI Score

0.001EPSS

2017-10-05 07:29 AM
38
cve
cve

CVE-2017-12245

A vulnerability in SSL traffic decryption for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause depletion of system memory, aka a Firepower Detection Engine SSL Decryption Memory Consumption Denial of Service vulnerability. If this memory leak...

8.6CVSS

8.4AI Score

0.001EPSS

2017-10-05 07:29 AM
33
cve
cve

CVE-2017-12265

A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device, aka HREF XSS. The...

6.1CVSS

5.9AI Score

0.001EPSS

2017-10-05 07:29 AM
28
cve
cve

CVE-2017-12246

A vulnerability in the implementation of the direct authentication feature in Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is.....

8.6CVSS

8.5AI Score

0.002EPSS

2017-10-05 07:29 AM
31
cve
cve

CVE-2017-6770

Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This...

4.2CVSS

3.5AI Score

0.004EPSS

2017-08-07 06:29 AM
90
cve
cve

CVE-2017-6764

A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) 9.5(1) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due.....

5.4CVSS

5.2AI Score

0.002EPSS

2017-08-07 06:29 AM
26
cve
cve

CVE-2017-6752

A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) 9.3(3) and 9.6(2) could allow an unauthenticated, remote attacker to determine valid usernames. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to the.....

7.5CVSS

7.3AI Score

0.002EPSS

2017-08-07 06:29 AM
35
cve
cve

CVE-2017-6765

A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) 9.1(6.11) and 9.4(1.2) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device, aka...

6.1CVSS

5.9AI Score

0.001EPSS

2017-08-07 06:29 AM
26
cve
cve

CVE-2017-6608

A vulnerability in the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of crafted SSL or TLS packets. An attacker could...

8.6CVSS

8.6AI Score

0.003EPSS

2017-04-20 10:59 PM
24
cve
cve

CVE-2016-6368

A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability....

8.6CVSS

8.4AI Score

0.004EPSS

2017-04-20 10:59 PM
21
cve
cve

CVE-2017-3793

A vulnerability in the TCP normalizer of Cisco Adaptive Security Appliance (ASA) Software (8.0 through 8.7 and 9.0 through 9.6) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause Cisco ASA and FTD to drop any further incoming traffic on all...

4CVSS

4.7AI Score

0.002EPSS

2017-04-20 10:59 PM
26
cve
cve

CVE-2017-6607

A vulnerability in the DNS code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause an affected device to reload or corrupt the information present in the device's local DNS cache. The vulnerability is due to a flaw in handling crafted DNS response messages. An attacker.....

8.7CVSS

8.7AI Score

0.005EPSS

2017-04-20 10:59 PM
29
2
cve
cve

CVE-2017-6610

A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during an IKEv1...

7.7CVSS

7.5AI Score

0.002EPSS

2017-04-20 10:59 PM
28
cve
cve

CVE-2017-6609

A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets...

7.7CVSS

7.6AI Score

0.002EPSS

2017-04-20 10:59 PM
26
cve
cve

CVE-2017-3867

A vulnerability in the Border Gateway Protocol (BGP) Bidirectional Forwarding Detection (BFD) implementation of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to bypass the access control list (ACL) for specific TCP and UDP traffic. More...

5.3CVSS

5.4AI Score

0.002EPSS

2017-03-17 10:59 PM
27
Total number of security vulnerabilities155