CVE-2020-3259 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Information Disclosure Vulnerability

A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential...

CVE-2020-3259 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Information Disclosure Vulnerability

A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential...

CVE-2020-3259

CVE-2020-3259 is Cisco ASA/FTD Web Services Information Disclosure: an unauthenticated attacker could retrieve memory contents via crafted GET requests due to a buffer-tracking issue, with impact limited to specific AnyConnect/WebVPN configurations. Cisco and CVE listings confirm information disc...

CVE-2020-3187

Cisco ASA/FTD web services interface (Cisco ASA Software and Cisco Firepower Threat Defense) is vulnerable to CVE-2020-3187 via directory traversal. The authenticated or unauthenticated attacker can craft HTTP requests (e.g., to /+CSCOE+/session_password.html) to view and delete files within the ...

CVE-2020-3187 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Path Traversal Vulnerability

A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted...

CVE-2020-3187 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Path Traversal Vulnerability

A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted...

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Path Traversal Vulnerability

A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted...

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Information Disclosure Vulnerability

A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential...

CVE-2020-3259

A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential...

Cisco Firepower Threat Defense Software WebVPN XSS (cisco-sa-20191002-asa-xss)

A vulnerability in the Clientless SSL VPN WebVPN portal of Cisco Firepower Threat Defense Software FTD allows an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

PT-2020-09: Path Traversal vulnerability in Cisco ASA and Cisco FTD

A vulnerability in Cisco ASA and Cisco FTD allows attackers to read some WebVPN-related files, which may contain sensitive information like WebVPN configuration data of Cisco ASA users, bookmarks, cookies, web content, and HTTP URLs. Advisory status: February 13, 2020 - Vendor notification date...

The vulnerability of the WebVPN function in Cisco Adaptive Security Appliance and Firepower Threat Defense micro-programming systems allows a perpetrator to induce a service failure.

The vulnerability of the WebVPN function in Cisco Adaptive Security Appliance and Firepower Threat Defense microprogramming systems is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause a service failure by requesting the loading ...

Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Resource Management Error Vulnerability

Cisco Firepower Threat Defense FTD and Cisco Adaptive Security Appliances Software ASA Software are both products of Cisco, Inc.Cisco Firepower Threat Defense is a set of unified software that provides next-generation firewall services. Defense is a set of unified software to provide...

Cisco Adaptive Security Appliance WebVPN XSS (cisco-sa-20191002-asa-xss)

A vulnerability in the Clientless SSL VPN WebVPN portal of Cisco Adaptive Security Appliance ASA allows an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

CVE-2019-12698

A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load f...

Design/Logic Flaw

A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load f...

CVE-2019-12698 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CPU Denial of Service Vulnerability

A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load f...

CVE-2019-12698 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CPU Denial of Service Vulnerability

A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load f...

CVE-2019-12698

Cisco ASA Software and Cisco FTD WebVPN CPU Denial of Service (CVE-2019-12698) allows unauthenticated remote attackers to trigger high CPU by repeated WebVPN HTTP page requests, causing DoS. Affected ASA/FTD versions are mitigated by Cisco software updates; there are no supported workarounds per ...

CVE-2019-12695

CVE-2019-12695 affects Cisco ASA and Cisco Firepower Threat Defense (FTD) WebVPN portals. The issue arises from insufficient validation of user-supplied input in the web-based management interface, enabling an unauthenticated, remote attacker to lure a user into clicking a crafted link and execut...