44 matches found
Cisco Firepower Threat Defense Software Web Services Interface Privilege Escalation (cisco-sa-asaftd-mgmt-privesc-BMFMUvye)
A vulnerability in the web services interface for remote access VPN features of Cisco Firepower Threat Defense FTD Software could allow an authenticated, but unprivileged, remote attacker to elevate privileges to level 15. This vulnerability is due to improper separation of authentication and...
Cisco Adaptive Security Appliance Software Web Services Interface Privilege Escalation (cisco-sa-asaftd-mgmt-privesc-BMFMUvye)
A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance ASA Software could allow an authenticated, but unprivileged, remote attacker to elevate privileges to level 15. This vulnerability is due to improper separation of authentication and...
CVE-2022-20745
A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to...
CVE-2022-20745
A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to...
CVE-2022-20759
A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, but unprivileged, remote attacker to elevate privileges to level 15. This vulnerability is d...
Cisco Adaptive Security Appliance XSS (cisco-sa-asaftd-xss-webui-gQLSFyPM)
According to its self-reported version, Cisco ASA Software is affected by a cross-site scripting XSS vulnerability in its web services interface due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a us...
Cisco Firepower Threat Defense XSS (cisco-sa-asaftd-xss-webui-gQLSFyPM)
According to its self-reported version, Cisco FTD Software is affected by a cross-site scripting XSS vulnerability in its web services interface due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a us...
PT-2021-4615 · Cisco · Cisco Ftd +1
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the web services interface could allow an...
PT-2021-4722 · Cisco · Cisco Ftd +1
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the web services interface of Cisco Adaptive Security...
PT-2021-4606 · Cisco · Cisco Ftd +1
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the web services interface could allow an...
U.S. Dept Of Defense: XSS due to CVE-2020-3580 [██████]
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the web services interface of an...
MTN Group: Reflected Cross Site Scripting Cisco ASA on myvpn.mtncameroon.net CVE-2020-3580
The Cisco ASA Adaptive Security Appliance and Cisco Firepower Threat Defense FTD Software were found to contain vulnerabilities in their web services interface. These vulnerabilities could have allowed an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user ...
CVE-2021-1493
A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to insufficient boundary checks...
Qualcomm UTILS Input Validation Error Vulnerability
Qualcomm UTILS is a Qualcomm Incorporated USA support component used in chips. A security vulnerability exists in Qualcomm UTILS that originates from a BSI module that may result in memory corruption due to improper parameter count validation...
CVE-2020-3582
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the web services interface of an...
CVE-2020-3581
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the web services interface of an...
CVE-2020-3583
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the web services interface of an...
CVE-2020-3583 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the web services interface of an...
CVE-2020-3582 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the web services interface of an...
CVE-2020-3582
CVE-2020-3582 involves multiple XSS vulnerabilities in the web services interface of Cisco ASA and Firepower Threat Defense (FTD) software. The root cause is insufficient validation of user-supplied input in the device’s web interface, allowing an unauthenticated, remote attacker to persuade a us...