Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/14 12:0 a.m.19 views

Cisco Adaptive Security Appliance Software Authorization Bypass (cisco-sa-asaftd-saml-bypass-KkNvXyKW)

A vulnerability in the implementation of SAML 2.0 single sign-on SSO for remote access VPN services in Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to successfully establish a VPN session on an affecte...

5CVSS5.7AI score0.00333EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/06/14 12:0 a.m.17 views

Cisco Firepower Threat Defense Software Authorization Bypass (cisco-sa-asaftd-saml-bypass-KkNvXyKW)

A vulnerability in the implementation of SAML 2.0 single sign-on SSO for remote access VPN services in Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to successfully establish a VPN session on an affecte...

5CVSS5.7AI score0.00333EPSS
Exploits0References3
Cisco
Cisco
added 2024/05/22 4:0 p.m.31 views

Cisco Adaptive Security Appliance and Firepower Threat Defense Software Authorization Bypass Vulnerability

A vulnerability in the implementation of SAML 2.0 single sign-on SSO for remote access VPN services in Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to successfully establish a VPN session on an affecte...

5CVSS5.1AI score0.00333EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/22 12:0 a.m.7 views

PT-2024-4160

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description A vulnerability in the implementation of SAML 2.0 single sign-on SSO for...

5CVSS5.8AI score0.00333EPSS
Exploits0References9
Cvelist
Cvelist
added 2015/02/17 1:0 a.m.23 views

CVE-2014-8023

Cisco Adaptive Security Appliance ASA Software 9.2.3 and earlier, when challenge-response authentication is used, does not properly select tunnel groups, which allows remote authenticated users to bypass intended resource-access restrictions via a crafted tunnel-group parameter, aka Bug ID...

6.4AI score0.01782EPSS
Exploits0References5
CVE
CVE
added 2015/02/17 1:0 a.m.65 views

CVE-2014-8023

Cisco ASA Software 9.2(.3) and earlier is affected by a vulnerability in challenge‑response tunnel group selection. Improper implementation allows an authenticated remote attacker to bypass resource access restrictions by crafting a tunnel-group parameter, potentially enabling access to resources...

4CVSS6.6AI score0.01782EPSS
Exploits0References5Affected Software1
Cisco
Cisco
added 2015/02/16 7:55 p.m.31 views

Cisco ASA Challenge-Response Tunnel Group Selection Bypass Vulnerability

A vulnerability in the authentication code of Cisco ASA Software could allow an authenticated, remote attacker to access resources of a VPN tunnel group. The vulnerability is due to improper implementation of the tunnel group selection when a user authenticates to the remote access VPN via the...

4CVSS6.6AI score0.01782EPSS
Exploits0References1
Rows per page
Query Builder