Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Authenticated Command Injection Vulnerabilities

Multiple vulnerabilities in the CLI feature of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to cause a device to execute commands with elevated privileges or reload unexpectedly,...

EUVD-2017-3872

Malware in sbrugna...

CVE-2017-12299

A vulnerability exists in the process of creating default IP blocks during device initialization for Cisco ASA Next-Generation Firewall Services that could allow an unauthenticated, remote attacker to send traffic to the local IP address of the device, bypassing any filters that are configured to...

Cisco Releases Security Advisories

Cisco has released four security advisories to address multiple vulnerabilities. These vulnerabilities may allow a remote attacker to execute arbitrary code on a vulnerable system or cause a denial-of-service condition. US-CERT encourages users and administrators to review the following Cisco...

Cisco Adaptive Security Appliance insecurely logs passwords

Overview The Cisco Adaptive Security Appliance ASA firewall may log user credentials, including passwords, as plain text when AAA authentication is enabled. Description The Cisco Adapative Security Appliance ASA is a firewall with Intrusion Protection System IPS, Stateful Packet Inspection SPI, a...