Lucene search
K

44 matches found

Tenable Nessus
Tenable Nessus
added 2022/05/13 12:0 a.m.37 views

Cisco Firepower Threat Defense Software Web Services Interface Privilege Escalation (cisco-sa-asaftd-mgmt-privesc-BMFMUvye)

A vulnerability in the web services interface for remote access VPN features of Cisco Firepower Threat Defense FTD Software could allow an authenticated, but unprivileged, remote attacker to elevate privileges to level 15. This vulnerability is due to improper separation of authentication and...

8.8CVSS8.3AI score0.28369EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2022/05/13 12:0 a.m.35 views

Cisco Adaptive Security Appliance Software Web Services Interface Privilege Escalation (cisco-sa-asaftd-mgmt-privesc-BMFMUvye)

A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance ASA Software could allow an authenticated, but unprivileged, remote attacker to elevate privileges to level 15. This vulnerability is due to improper separation of authentication and...

8.8CVSS8.3AI score0.28369EPSS
Exploits1References4
OSV
OSV
added 2022/05/03 4:15 a.m.2 views

CVE-2022-20745

A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to...

7.5CVSS7.1AI score0.01385EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/04/27 4:0 p.m.5 views

CVE-2022-20745

A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to...

8.6CVSS7.2AI score0.01385EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/04/27 4:0 p.m.5 views

CVE-2022-20759

A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, but unprivileged, remote attacker to elevate privileges to level 15. This vulnerability is d...

8.8CVSS7.5AI score0.28369EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2021/11/23 12:0 a.m.22 views

Cisco Adaptive Security Appliance XSS (cisco-sa-asaftd-xss-webui-gQLSFyPM)

According to its self-reported version, Cisco ASA Software is affected by a cross-site scripting XSS vulnerability in its web services interface due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a us...

6.1CVSS5.4AI score0.00419EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/11/23 12:0 a.m.24 views

Cisco Firepower Threat Defense XSS (cisco-sa-asaftd-xss-webui-gQLSFyPM)

According to its self-reported version, Cisco FTD Software is affected by a cross-site scripting XSS vulnerability in its web services interface due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a us...

6.1CVSS5.4AI score0.00419EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/10/27 12:0 a.m.4 views

PT-2021-4615 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the web services interface could allow an...

8.6CVSS7.4AI score0.01307EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2021/10/27 12:0 a.m.3 views

PT-2021-4722 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the web services interface of Cisco Adaptive Security...

8.6CVSS7.5AI score0.01307EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2021/10/27 12:0 a.m.3 views

PT-2021-4606 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the web services interface could allow an...

6.4CVSS6.2AI score0.00419EPSS
Exploits0References5
Hacker One
Hacker One
added 2021/07/25 8:33 p.m.87 views

U.S. Dept Of Defense: XSS due to CVE-2020-3580 [██████]

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the web services interface of an...

2.6CVSS1.5AI score0.85439EPSS
Exploits2
Hacker One
Hacker One
added 2021/06/30 1:7 a.m.21 views

MTN Group: Reflected Cross Site Scripting Cisco ASA on myvpn.mtncameroon.net CVE-2020-3580

The Cisco ASA Adaptive Security Appliance and Cisco Firepower Threat Defense FTD Software were found to contain vulnerabilities in their web services interface. These vulnerabilities could have allowed an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user ...

6.1CVSS6.5AI score0.85439EPSS
Exploits2
OSV
OSV
added 2021/04/29 6:15 p.m.4 views

CVE-2021-1493

A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to insufficient boundary checks...

7.1CVSS6.1AI score0.01197EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/02/01 12:0 a.m.7 views

Qualcomm UTILS Input Validation Error Vulnerability

Qualcomm UTILS is a Qualcomm Incorporated USA support component used in chips. A security vulnerability exists in Qualcomm UTILS that originates from a BSI module that may result in memory corruption due to improper parameter count validation...

7.8CVSS7.1AI score0.00161EPSS
Exploits0References3
OSV
OSV
added 2020/10/21 7:15 p.m.3 views

CVE-2020-3582

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the web services interface of an...

6.1CVSS7AI score0.01145EPSS
Exploits0References1
OSV
OSV
added 2020/10/21 7:15 p.m.4 views

CVE-2020-3581

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the web services interface of an...

6.1CVSS7AI score0.01145EPSS
Exploits0References1
OSV
OSV
added 2020/10/21 7:15 p.m.2 views

CVE-2020-3583

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the web services interface of an...

6.1CVSS7AI score0.01049EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2020/10/21 6:36 p.m.10 views

CVE-2020-3583 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the web services interface of an...

6.1CVSS6.2AI score0.01049EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2020/10/21 6:36 p.m.10 views

CVE-2020-3582 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the web services interface of an...

6.1CVSS6.2AI score0.01145EPSS
Exploits0References1
CVE
CVE
added 2020/10/21 6:36 p.m.109 views

CVE-2020-3582

CVE-2020-3582 involves multiple XSS vulnerabilities in the web services interface of Cisco ASA and Firepower Threat Defense (FTD) software. The root cause is insufficient validation of user-supplied input in the device’s web interface, allowing an unauthenticated, remote attacker to persuade a us...

6.1CVSS6.1AI score0.01145EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder