351 matches found
CVE-2020-3452
CVE-2020-3452 affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) web services. The issue is due to improper input validation of URLs in HTTP requests, enabling unauthenticated, remote attackers to perform directory traversal and read files from the web services filesystem (enable...
CVE-2018-0296
CVE-2018-0296 affects Cisco ASA and related FTD/FTD-based offerings, where an improper input validation of HTTP URLs in the web interface allows unauthenticated remote access to trigger DoS (device reload) or, on some releases, expose sensitive information via directory traversal. Public referenc...
CVE-2020-3580
Cisco ASA/FTD web services suffer XSS due to insufficient input validation in the web UI, allowing unauthenticated, remote attackers to induce script execution or access browser data via crafted links. Affected products include Cisco ASA and FTD with specific AnyConnect/WebVPN configurations. Imp...
CVE-2023-20269
Cisco ASA/FTD remote access VPN vulnerability CVE-2023-20269 allows an unauthenticated, remote attacker to perform brute force against credentials or, for older releases (
CVE-2016-6366
CVE-2016-6366 is a buffer overflow in Cisco ASA software (SNMP code) that allows an authenticated, remote attacker to cause a reload or remotely execute code via crafted IPv4 SNMP packets. The vulnerability affects multiple Cisco devices and ASA platforms, including ASA 5500, 5500-X, ASA Services...
CVE-2016-6367
The CVE-2016-6367 issue affects Cisco ASA Software on ASA 5500/5500-X, PIX, and FWSM where an authenticated, local attacker can trigger the CLI parser with invalid commands to gain privileges and potentially execute code or cause DoS. The root cause is improper handling of invalid CLI input in th...
CVE-2023-20006
CVE-2023-20006 affects Cisco ASA/FTD on Cisco Firepower 2100 Series appliances, where the hardware SSL/TLS offload cryptography implementation error can cause an unauthenticated attacker to trigger a device reload and DoS. The root cause is an implementation flaw in hardware-based SSL/TLS process...
CVE-2025-20333
CVE-2025-20333 affects Cisco Secure Firewall ASA/FTD VPN web server. The issue stems from improper validation of HTTP(S) input in VPN requests, allowing an authenticated remote attacker with VPN credentials to execute arbitrary code as root and potentially fully compromise the device. A related v...
CVE-2025-20362
CVE-2025-20362 affects Cisco Secure Firewall ASA/FTD VPN web server. Root cause: improper validation of user-supplied input in HTTP(S) requests, allowing an unauthenticated remote attacker to access restricted VPN-related URL endpoints. Impact: potential DoS via unexpected reloads (and in some re...
CVE-2024-20359
CVE-2024-20359 affects Cisco ASA and Cisco FTD. A legacy capability flaw allows an authenticated local attacker to exploit improper validation of a file read from flash memory by copying a crafted file to disk0:, enabling arbitrary code execution with root privileges after the next device reload....
CVE-2024-20353
CVE-2024-20353 affects Cisco ASA/FTD Web Services. The vulnerability stems from incomplete error checking when parsing HTTP headers, allowing an unauthenticated remote attacker to trigger a reload and cause a DoS. Exploitation is referenced by multiple sources, including CISA’s Known Exploited Vu...
CVE-2020-3187
Cisco ASA/FTD web services interface (Cisco ASA Software and Cisco Firepower Threat Defense) is vulnerable to CVE-2020-3187 via directory traversal. The authenticated or unauthenticated attacker can craft HTTP requests (e.g., to /+CSCOE+/session_password.html) to view and delete files within the ...
CVE-2018-0101
CVE-2018-0101 concerns Cisco ASA webvpn: a double-free in the webvpn component can allow an unauthenticated remote attacker to trigger a reload or execute arbitrary code by sending crafted XML packets to a webvpn-configured interface. Public PoCs and PoC sources exist (exploit-db, GitHub), illust...
CVE-2020-3259
CVE-2020-3259 is Cisco ASA/FTD Web Services Information Disclosure: an unauthenticated attacker could retrieve memory contents via crafted GET requests due to a buffer-tracking issue, with impact limited to specific AnyConnect/WebVPN configurations. Cisco and CVE listings confirm information disc...
CVE-2022-20759
Cisco ASA and Firepower Threat Defense (FTD) web services interface for remote access VPN features contains a privilege-escalation flaw due to improper separation of authentication and authorization scopes. An authenticated but unprivileged remote attacker can send crafted HTTPS requests to the w...
CVE-2014-2120
CVE-2014-2120 affects Cisco ASA WebVPN login page, with a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary script/HTML via an unspecified parameter (Bug ID CSCun19025). Multiple sources (Cisco advisory, NVD/NIST CVE entry, CISCO-SA, OpenVAS) consistently d...
CVE-2023-20275
CVE-2023-20275 affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software, specifically the AnyConnect SSL VPN feature. The root cause is improper validation of the inner source IP address after decryption, allowing an authenticated, remote attacker to send packets that appear t...
CVE-2017-6770
CVE-2017-6770 affects Cisco IOS, ASA, NX-OS, and IOS XE platforms (OSPF LSA database). The issue enables an unauthenticated, remote attacker to seize control of the OSPF AS routing table by injecting crafted OSPF LSA type 1 packets, potentially intercepting or black-holing traffic. The vulnerabil...
CVE-2022-20737
CVE-2022-20737 affects Cisco ASA’s Clientless SSL VPN Portal. The issue is an insufficient bounds check when parsing HTTP authentication messages in the portal, allowing an authenticated, remote attacker to trigger a DoS (device reload) or to read portions of the device process memory. Exploitati...
CVE-2025-20363
CVE-2025-20363 affects Cisco Secure Firewall ASA/FTD web services and several Cisco IOS families. The issue arises from improper validation of user-supplied input in HTTP requests, allowing an unauthenticated remote attacker (ASA/FTD) or an authenticated, low-privilege remote attacker (IOS/IOS XE...
CVE-2022-20715
The CVE-2022-20715 issue affects Cisco ASA and Cisco FTD remote access SSL VPN. Affected components are the remote access VPN error handling related to client connections; improper validation of errors could allow an unauthenticated, remote attacker to trigger a restart and DoS by sending crafted...
CVE-2022-20760
The CVE-2022-20760 entry concerns Cisco ASA Software and Firepower Threat Defense (FTD) DNS inspection handler. The vulnerability arises from improper processing of incoming DNS requests, enabling an unauthenticated, remote attacker to trigger a denial-of-service condition by sending crafted DNS ...
CVE-2015-6360
CVE-2015-6360 affects libsrtp/libSRTP, with several advisories noting that the encryption-processing feature allows remote DoS via crafted SRTP packets. The root cause in the reports is improper handling of CSRC count and extension header length in RTP headers, leading to vulnerable RTP processin...
CVE-2022-20795
The CVE-2022-20795 issue affects Cisco ASA/FTD DTLS handling during AnyConnect SSL VPN, where suboptimal DTLS tunnel processing can be exploited by an unauthenticated remote attacker to cause high CPU utilization and a DoS. Affected software runs DTLS as part of establishing VPN tunnels; payload ...
CVE-2022-20742
Cisco ASA Software and Firepower Threat Defense (FTD) Software contain an IPsec IKEv2 VPN information disclosure vulnerability (CVE-2022-20742) due to improper GCM cipher implementation. An unauthenticated, remote attacker in a man-in-the-middle position can intercept encrypted messages across an...
CVE-2022-20927
CVE-2022-20927 affects Cisco ASA and Cisco FTD SSL/TLS client software. The issue stems from improper memory management when the device initiates SSL/TLS connections, enabling an authenticated, remote attacker to provoke an unexpected reload and DoS by ensuring the device connects to an SSL/TLS s...
CVE-2023-20081
CVE-2023-20081 affects Cisco ASA, FTD, IOS, and IOS XE IPv6 DHCP (DHCPv6) client. Root cause: insufficient validation of DHCPv6 messages in the client module, enabling an unauthenticated remote attacker to trigger a device reload and cause a DoS. Exploitation requires control of the DHCPv6 server...
CVE-2026-20039
CVE-2026-20039 affects Cisco Secure Firewall ASA/FTD VPN web server. The root cause is ineffective memory management in the VPN web server, which can be exploited by sending a large flood of crafted HTTP requests, potentially causing the device to reload and suffer a denial-of-service. The affect...
CVE-2022-20745
CVE-2022-20745 affects Cisco ASA (ASAs) and Cisco Firepower Threat Defense (FTD) web services interface for remote access VPN. Root cause: improper input validation when parsing HTTPS requests, allowing unauthenticated remote attackers to trigger a reload and DoS. Affected products include ASA/FT...
CVE-2022-20713
CVE-2022-20713 affects Cisco ASA/FTD VPN web client services. Root cause: improper input validation sent to the VPN web client, enabling an unauthenticated user to trigger browser-based attacks (e.g., cross-site scripting) by persuading a user to visit a crafted site. Impact is browser-executable...
CVE-2020-3578
CVE-2020-3578 affects Cisco ASA and Cisco Firepower Threat Defense (FTD) web services interface. The issue is an insufficient validation of URLs in portal access rules, enabling an unauthenticated, remote attacker to bypass a configured access rule and reach parts of the WebVPN portal that should...
CVE-2019-1945
Cisco ASA Smart Tunnel Vulnerabilities (CVE-2019-1945) affect the smart tunnel functionality in Cisco ASA Software. Authenticated local attackers could escalate privileges to root or load a malicious library during tunnel establishment. The issue is described across multiple sources (Cisco adviso...
CVE-2023-20095
The CVE-2023-20095 issue affects Cisco ASA and Cisco Firepower Threat Defense (FTD) remote access VPN. The root cause is improper handling of HTTPS requests, allowing an unauthenticated remote attacker to trigger resource exhaustion and a DoS on affected devices. Connected sources confirm this vu...
CVE-2024-20358
Cisco ASA/FTD restore-functionality command-injection vulnerability (CVE-2024-20358) allows an authenticated, local attacker to execute arbitrary root commands by restoring a crafted backup file. Root access is required, with administrator privileges. Cisco has released updates to fix this vulner...
CVE-2019-1934
CVE-2019-1934 affects Cisco ASA Software: a privilege-escalation flaw in the web-based management interface caused by insufficient authorization validation. An authenticated attacker with low privileges can log in and send crafted HTTPS requests to perform administrative actions, potentially comp...
CVE-2024-20481
The CVE-2024-20481 entry concerns Cisco ASA/FTD Remote Access VPN (RAVPN) DoS from resource exhaustion. Affected components: ASA and FTD software; vulnerability arises when an unauthenticated, remote attacker sends a flood of VPN authentication requests, exhausting device resources and potentiall...
CVE-2020-3529
The CVE-2020-3529 issue affects Cisco ** ASA** and FTD software. It is a vulnerability in the SSL VPN negotiation process caused by inefficient direct memory access (DMA) memory management during SSL VPN negotiation. An unauthenticated, remote attacker could send a steady stream of crafted DTLS t...
CVE-2020-3582
CVE-2020-3582 involves multiple XSS vulnerabilities in the web services interface of Cisco ASA and Firepower Threat Defense (FTD) software. The root cause is insufficient validation of user-supplied input in the device’s web interface, allowing an unauthenticated, remote attacker to persuade a us...
CVE-2022-20826
CVE-2022-20826 affects Cisco Secure Firewalls 3100 Series running ASA or FTD software. Root cause is a logic error in the secure boot boot process, enabling an unauthenticated attacker with physical access to bypass secure boot, inject code at a specific memory location, and execute persistent co...
CVE-2019-1944
The CVE-2019-1944 entry covers multiple vulnerabilities in Cisco ASA’s Smart Tunnel feature that could let an authenticated, local attacker elevate privileges to root or load a malicious library during tunnel establishment. Affected product: Cisco Adaptive Security Appliance (ASA) Software (Smart...
CVE-2020-3166
CVE-2020-3166 : Cisco FXOS Software contains a CLI input validation flaw in the FXOS CLI command path that allows an authenticated, local attacker to read or write arbitrary files on the OS. The issue is triggered by crafted arguments to a specific CLI command, enabling partial to high impact on ...
CVE-2022-20947
CVE-2022-20947 affects Cisco ASA and Firepower Threat Defense (FTD) software via the Dynamic Access Policies (DAP) feature. The root cause is improper processing of HostScan data from the Posture module, allowing an unauthenticated, remote attacker to cause an affected device to reload and suffer...
CVE-2018-0251
Cisco ASA/SSL VPN Clientless portal XSS (CVE-2018-0251) results from insufficient validation of user input in the Web Server Authentication Required page. An unauthenticated remote attacker can entice a user to click a crafted link, potentially executing arbitrary script in the portal context or ...
CVE-2022-20866
CVE-2022-20866 is a Cisco RSA private-key leakage flaw affecting Cisco ASA/FTD software due to a logic error in in-memory RSA key handling on hardware crypto platforms. An unauthenticated, remote attacker could perform a Lenstra side-channel attack to recover private keys, potentially impersonate...
CVE-2018-0230
Cisco Firepower 2100 Series appliances running FTD 6.2.1–6.2.2 are vulnerable due to improper validation of fragmented IPv4/IPv6 packets after reassembly in the internal packet-processing path, causing Snort processes to reach 100% CPU and a DoS. Exploitation requires sending malicious fragmented...
CVE-2018-15397
The CVE is for Cisco ASA/FTD: a vulnerability in Traffic Flow Confidentiality (TFC) over IPsec could allow an unauthenticated, remote attacker to restart the device, causing a DoS. Root cause: an error during IPsec tunnel key renegotiation when TFC traffic is in flight may crash a daemon, leading...
CVE-2020-3554
CVE-2020-3554 affects Cisco ASA and FTD TCP packet processing due to a memory exhaustion condition, allowing unauthenticated remote DoS via high-rate crafted TCP traffic. Real-world impact per sources: potential exhaustion of device resources and DoS for transit traffic. Connected advisories conf...
CVE-2020-3528
CVE-2020-3528 describes a DoS vulnerability in the OSPFv2 implementation of Cisco ASA and Firepower Threat Defense (FTD) software. The issue arises from incomplete input validation when processing certain OSPFv2 packets with Link-Local Signaling (LLS) data, which could allow an unauthenticated, r...
CVE-2023-20086
CVE-2023-20086 affects Cisco ASA and Cisco FTD software, where improper ICMPv6 message processing could let an unauthenticated, remote attacker trigger a DoS by forcing a device reload. This is a network-facing issue (CVSS v3.1: 8.6, HIGH, NO privileges required; CPU/network target), with exploit...
CVE-2018-0228
The CVE-2018-0228 issue is a vulnerability in the ingress flow creation in Cisco ASA/FTD software. The root cause is improper handling of an internal software lock that can starve other processes of CPU cycles, causing a high CPU condition and DoS when an attacker sends a steady stream of malicio...