Lucene search

2406 matches found

OSV
added 2020/10/21 7:15 p.m. · 2 views

CVE-2020-3528

A vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The...

CVSS: 7.5 · AI score: 7.1
Exploits: 0 · References: 1
NVD
added 2020/10/21 7:15 p.m. · 25 views

CVE-2020-3436

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to upload arbitrary-sized files to specific folders on an affected device, which could lead to an unexpected devic...

CVSS: 8.6 · EPSS: 0.01895
Exploits: 0 · References: 1
OSV
added 2020/10/21 7:15 p.m. · 2 views

CVE-2020-3436

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to upload arbitrary-sized files to specific folders on an affected device, which could lead to an unexpected devic...

CVSS: 8.6 · AI score: 7.3 · EPSS: 0.01895
Exploits: 0 · References: 1
Prion
added 2020/10/21 7:15 p.m. · 14 views

Design/Logic Flaw

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to upload arbitrary-sized files to specific folders on an affected device, which could lead to an unexpected devic...

CVSS: 7.8 · AI score: 8.3 · EPSS: 0.01895
Exploits: 0 · References: 1 · Affected Software: 3
Vulnrichment
added 2020/10/21 6:41 p.m. · 10 views

CVE-2020-3562 Cisco Firepower 2100 Series SSL/TLS Inspection Denial of Service Vulnerability

A vulnerability in the SSL/TLS inspection of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validatio...

CVSS: 8.6 · AI score: 7.1 · EPSS: 0.01788
Exploits: 0 · References: 1
Cvelist
added 2020/10/21 6:41 p.m. · 25 views

CVE-2020-3563 Cisco Firepower Threat Defense Software TCP Flood Denial of Service Vulnerability

A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could...

CVSS: 8.6 · AI score: 8.5 · EPSS: 0.01398
Exploits: 0 · References: 1
Vulnrichment
added 2020/10/21 6:41 p.m. · 11 views

CVE-2020-3563 Cisco Firepower Threat Defense Software TCP Flood Denial of Service Vulnerability

A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could...

CVSS: 8.6 · AI score: 7 · EPSS: 0.01398
Exploits: 0 · References: 1
Vulnrichment
added 2020/10/21 6:40 p.m. · 10 views

CVE-2020-3571 Cisco Firepower 4110 ICMP Flood Denial of Service Vulnerability

A vulnerability in the ICMP ingress packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 4110 appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete input...

CVSS: 8.6 · AI score: 7.1 · EPSS: 0.01357
Exploits: 0 · References: 1
Vulnrichment
added 2020/10/21 6:36 p.m. · 9 views

CVE-2020-3304 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability

A vulnerability in the web interface of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is...

CVSS: 8.6 · AI score: 7.1 · EPSS: 0.0381
Exploits: 0 · References: 1
Vulnrichment
added 2020/10/21 6:36 p.m. · 7 views

CVE-2020-3436 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services File Upload Denial of Service Vulnerability

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to upload arbitrary-sized files to specific folders on an affected device, which could lead to an unexpected devic...

CVSS: 8.6 · AI score: 7 · EPSS: 0.01895
Exploits: 0 · References: 1
Positive Technologies
added 2020/10/21 12:00 a.m. · 2 views

PT-2020-4463 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified); Cisco Firepower Threat Defense (FTD) Software (affected versions not specified). Description: A vulnerability in the SSL VPN negotiation process could allow an...

CVSS: 8.6 · AI score: 7.4 · EPSS: 0.01833
Exploits: 0 · References: 6
Positive Technologies
added 2020/10/21 12:00 a.m. · 2 views

PT-2020-4459 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software (affected versions not specified). Description: A vulnerability in the web services interface could allow an unauthenticated, remote attacker to upload...

CVSS: 8.6 · AI score: 8.4 · EPSS: 0.01895
Exploits: 0 · References: 6
VulnCheck KEV
added 2020/10/20 12:00 a.m. · 2 views

VulnCheck KEV: CVE-2020-3118

Cisco IOS XR improperly validates string input from certain fields in Cisco Discovery Protocol messages. Exploitation could allow an unauthenticated, adjacent attacker to execute code with administrative privileges or cause a reload on an affected device...

CVSS: 8.8 · AI score: 7.5 · EPSS: 0.11806
Exploits: 0 · References: 1
Veracode
added 2020/10/14 4:33 a.m. · 29 views

Authentication Bypass

picketbox is vulnerable to authentication bypass. An attacker is able to bypass authentication via JBoss EAP reload to admin-only mode...

CVSS: 6.5 · AI score: 4.2 · EPSS: 0.0136
Exploits: 0 · References: 5 · Affected Software: 29
Tenable Nessus
added 2020/10/14 12:00 a.m. · 33 views

Cisco IOS XE & Cisco IOS XE SDWAN Ethernet Frame DoS (cisco-sa-le-drTOB625)

According to its self-reported version, Cisco IOS XE or Cisco IOS XE SDWAN is affected by a denial of service (DoS) vulnerability in its networking component due to a failure to handle malformed Ethernet frames. An unauthenticated, adjacent attacker can exploit this issue by sending specially...

CVSS: 7.4 · AI score: 7.1 · EPSS: 0.00666
Exploits: 0 · References: 4
RedHat Linux
added 2020/10/13 4:49 p.m. · 4 views

picketbox: JBoss EAP reload to admin-only mode allows authentication bypass

A flaw was found in JBoss EAP, where the authentication configuration is set up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode. This flaw allows an attacker to perform a complete authentication bypass by using an arbitrary user...

CVSS: 6.5 · AI score: 5.8 · EPSS: 0.0136
Exploits: 0 · References: 4
NVD
added 2020/10/08 5:15 a.m. · 21 views

CVE-2020-3544

A vulnerability in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to execute arbitrary code on an affected device or cause the device to reload. This vulnerability is due to missing checks when an I...

CVSS: 8.8 · EPSS: 0.00715
Exploits: 0 · References: 1
Tenable Nessus
added 2020/10/08 12:00 a.m. · 30 views

Cisco IOS XE Software Catalyst 9000 Family SNMP Trap DoS (cisco-sa-iosxe-ewlc-snmp-dos-wNkedg9K)

According to its self-reported version, IOS XE Software is affected by a DoS vulnerability in the Simple Network Management Protocol (SNMP) trap generation for wireless clients due to the lack of input validation of the information used to generate an SNMP trap in relation to a wireless client...

CVSS: 7.4 · AI score: 7.5 · EPSS: 0.00639
Exploits: 0 · References: 4
Tenable Nessus
added 2020/10/05 12:00 a.m. · 41 views

Cisco IOS XE Software Split DNS DoS (cisco-sa-splitdns-SPWqpdGW)

According to its self-reported version, Cisco IOS XE Software is affected by a denial of service (DoS) vulnerability as the Split DNS feature's regular expression (regex) engine may time out when processing the DNS name list configuration. An unauthenticated, remote attacker could cause an affected...

CVSS: 8.6 · AI score: 7.9 · EPSS: 0.01555
Exploits: 0 · References: 4
Tenable Nessus
added 2020/10/05 12:00 a.m. · 40 views

Cisco IOS Software Split DNS DoS (cisco-sa-splitdns-SPWqpdGW)

According to its self-reported version, Cisco IOS Software is affected by a denial of service (DoS) vulnerability as the Split DNS feature's regular expression (regex) engine may time out when processing the DNS name list configuration. An unauthenticated, remote attacker could cause an affected devi...

CVSS: 8.6 · AI score: 7.9 · EPSS: 0.01555
Exploits: 0 · References: 4