Lucene search
K
CiscoAdaptive Security Appliance Software

351 matches found

CVE
CVE
added 2020/07/22 8:0 p.m.1527 views

CVE-2020-3452

CVE-2020-3452 affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) web services. The issue is due to improper input validation of URLs in HTTP requests, enabling unauthenticated, remote attackers to perform directory traversal and read files from the web services filesystem (enable...

7.5CVSS7.5AI score0.99992EPSS
In wildWeb
CVE
CVE
added 2018/06/07 12:0 p.m.1242 views

CVE-2018-0296

CVE-2018-0296 affects Cisco ASA and related FTD/FTD-based offerings, where an improper input validation of HTTP URLs in the web interface allows unauthenticated remote access to trigger DoS (device reload) or, on some releases, expose sensitive information via directory traversal. Public referenc...

7.5CVSS7.8AI score0.99903EPSS
In wildWeb
CVE
CVE
added 2020/10/21 6:40 p.m.1201 views

CVE-2020-3580

Cisco ASA/FTD web services suffer XSS due to insufficient input validation in the web UI, allowing unauthenticated, remote attackers to induce script execution or access browser data via crafted links. Affected products include Cisco ASA and FTD with specific AnyConnect/WebVPN configurations. Imp...

6.1CVSS6.4AI score0.85439EPSS
In wild
CVE
CVE
added 2023/09/06 5:9 p.m.1010 views

CVE-2023-20269

Cisco ASA/FTD remote access VPN vulnerability CVE-2023-20269 allows an unauthenticated, remote attacker to perform brute force against credentials or, for older releases (

9.1CVSS8.7AI score0.21583EPSS
In wild
CVE
CVE
added 2016/08/18 6:0 p.m.957 views

CVE-2016-6366

CVE-2016-6366 is a buffer overflow in Cisco ASA software (SNMP code) that allows an authenticated, remote attacker to cause a reload or remotely execute code via crafted IPv4 SNMP packets. The vulnerability affects multiple Cisco devices and ASA platforms, including ASA 5500, 5500-X, ASA Services...

8.8CVSS8.8AI score0.87503EPSS
In wild
CVE
CVE
added 2016/08/18 6:0 p.m.883 views

CVE-2016-6367

The CVE-2016-6367 issue affects Cisco ASA Software on ASA 5500/5500-X, PIX, and FWSM where an authenticated, local attacker can trigger the CLI parser with invalid commands to gain privileges and potentially execute code or cause DoS. The root cause is improper handling of invalid CLI input in th...

7.8CVSS7.6AI score0.22583EPSS
In wild
CVE
CVE
added 2023/06/28 12:0 a.m.649 views

CVE-2023-20006

CVE-2023-20006 affects Cisco ASA/FTD on Cisco Firepower 2100 Series appliances, where the hardware SSL/TLS offload cryptography implementation error can cause an unauthenticated attacker to trigger a device reload and DoS. The root cause is an implementation flaw in hardware-based SSL/TLS process...

8.6CVSS7.5AI score0.00919EPSS
CVE
CVE
added 2025/09/25 4:12 p.m.638 views

CVE-2025-20333

CVE-2025-20333 affects Cisco Secure Firewall ASA/FTD VPN web server. The issue stems from improper validation of HTTP(S) input in VPN requests, allowing an authenticated remote attacker with VPN credentials to execute arbitrary code as root and potentially fully compromise the device. A related v...

9.9CVSS7.4AI score0.40391EPSS
In wild
CVE
CVE
added 2025/09/25 4:12 p.m.540 views

CVE-2025-20362

CVE-2025-20362 affects Cisco Secure Firewall ASA/FTD VPN web server. Root cause: improper validation of user-supplied input in HTTP(S) requests, allowing an unauthenticated remote attacker to access restricted VPN-related URL endpoints. Impact: potential DoS via unexpected reloads (and in some re...

8.6CVSS9AI score0.85543EPSS
In wild
CVE
CVE
added 2024/04/24 6:16 p.m.500 views

CVE-2024-20359

CVE-2024-20359 affects Cisco ASA and Cisco FTD. A legacy capability flaw allows an authenticated local attacker to exploit improper validation of a file read from flash memory by copying a crafted file to disk0:, enabling arbitrary code execution with root privileges after the next device reload....

6CVSS7.3AI score0.19434EPSS
In wild
CVE
CVE
added 2024/04/24 6:15 p.m.470 views

CVE-2024-20353

CVE-2024-20353 affects Cisco ASA/FTD Web Services. The vulnerability stems from incomplete error checking when parsing HTTP headers, allowing an unauthenticated remote attacker to trigger a reload and cause a DoS. Exploitation is referenced by multiple sources, including CISA’s Known Exploited Vu...

8.6CVSS8.4AI score0.70686EPSS
In wild
CVE
CVE
added 2020/05/06 4:41 p.m.375 views

CVE-2020-3187

Cisco ASA/FTD web services interface (Cisco ASA Software and Cisco Firepower Threat Defense) is vulnerable to CVE-2020-3187 via directory traversal. The authenticated or unauthenticated attacker can craft HTTP requests (e.g., to /+CSCOE+/session_password.html) to view and delete files within the ...

9.1CVSS8.9AI score0.96595EPSS
In wildWeb
CVE
CVE
added 2018/01/29 8:0 p.m.366 views

CVE-2018-0101

CVE-2018-0101 concerns Cisco ASA webvpn: a double-free in the webvpn component can allow an unauthenticated remote attacker to trigger a reload or execute arbitrary code by sending crafted XML packets to a webvpn-configured interface. Public PoCs and PoC sources exist (exploit-db, GitHub), illust...

10CVSS9.6AI score0.87397EPSS
CVE
CVE
added 2020/05/06 4:41 p.m.351 views

CVE-2020-3259

CVE-2020-3259 is Cisco ASA/FTD Web Services Information Disclosure: an unauthenticated attacker could retrieve memory contents via crafted GET requests due to a buffer-tracking issue, with impact limited to specific AnyConnect/WebVPN configurations. Cisco and CVE listings confirm information disc...

7.5CVSS7.7AI score0.71789EPSS
In wild
CVE
CVE
added 2022/05/03 3:15 a.m.257 views

CVE-2022-20759

Cisco ASA and Firepower Threat Defense (FTD) web services interface for remote access VPN features contains a privilege-escalation flaw due to improper separation of authentication and authorization scopes. An authenticated but unprivileged remote attacker can send crafted HTTPS requests to the w...

8.8CVSS8.9AI score0.28369EPSS
CVE
CVE
added 2014/03/19 1:0 a.m.230 views

CVE-2014-2120

CVE-2014-2120 affects Cisco ASA WebVPN login page, with a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary script/HTML via an unspecified parameter (Bug ID CSCun19025). Multiple sources (Cisco advisory, NVD/NIST CVE entry, CISCO-SA, OpenVAS) consistently d...

6.1CVSS5.9AI score0.14029EPSS
In wild
CVE
CVE
added 2023/12/12 6:6 p.m.203 views

CVE-2023-20275

CVE-2023-20275 affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software, specifically the AnyConnect SSL VPN feature. The root cause is improper validation of the inner source IP address after decryption, allowing an authenticated, remote attacker to send packets that appear t...

4.3CVSS4.6AI score0.00412EPSS
CVE
CVE
added 2017/08/07 6:0 a.m.168 views

CVE-2017-6770

CVE-2017-6770 affects Cisco IOS, ASA, NX-OS, and IOS XE platforms (OSPF LSA database). The issue enables an unauthenticated, remote attacker to seize control of the OSPF AS routing table by injecting crafted OSPF LSA type 1 packets, potentially intercepting or black-holing traffic. The vulnerabil...

4.2CVSS3.5AI score0.01693EPSS
CVE
CVE
added 2022/05/03 3:16 a.m.153 views

CVE-2022-20737

CVE-2022-20737 affects Cisco ASA’s Clientless SSL VPN Portal. The issue is an insufficient bounds check when parsing HTTP authentication messages in the portal, allowing an authenticated, remote attacker to trigger a DoS (device reload) or to read portions of the device process memory. Exploitati...

8.5CVSS7.7AI score0.01101EPSS
CVE
CVE
added 2025/09/25 4:12 p.m.144 views

CVE-2025-20363

CVE-2025-20363 affects Cisco Secure Firewall ASA/FTD web services and several Cisco IOS families. The issue arises from improper validation of user-supplied input in HTTP requests, allowing an unauthenticated remote attacker (ASA/FTD) or an authenticated, low-privilege remote attacker (IOS/IOS XE...

9CVSS7.2AI score0.0752EPSS
In wild
CVE
CVE
added 2022/05/03 3:16 a.m.136 views

CVE-2022-20715

The CVE-2022-20715 issue affects Cisco ASA and Cisco FTD remote access SSL VPN. Affected components are the remote access VPN error handling related to client connections; improper validation of errors could allow an unauthenticated, remote attacker to trigger a restart and DoS by sending crafted...

8.6CVSS8.5AI score0.01256EPSS
CVE
CVE
added 2022/05/03 3:15 a.m.136 views

CVE-2022-20760

The CVE-2022-20760 entry concerns Cisco ASA Software and Firepower Threat Defense (FTD) DNS inspection handler. The vulnerability arises from improper processing of incoming DNS requests, enabling an unauthenticated, remote attacker to trigger a denial-of-service condition by sending crafted DNS ...

8.6CVSS7.8AI score0.0149EPSS
CVE
CVE
added 2016/04/21 10:0 a.m.128 views

CVE-2015-6360

CVE-2015-6360 affects libsrtp/libSRTP, with several advisories noting that the encryption-processing feature allows remote DoS via crafted SRTP packets. The root cause in the reports is improper handling of CSRC count and extension header length in RTP headers, leading to vulnerable RTP processin...

7.8CVSS7.1AI score0.08277EPSS
CVE
CVE
added 2022/04/21 6:50 p.m.128 views

CVE-2022-20795

The CVE-2022-20795 issue affects Cisco ASA/FTD DTLS handling during AnyConnect SSL VPN, where suboptimal DTLS tunnel processing can be exploited by an unauthenticated remote attacker to cause high CPU utilization and a DoS. Affected software runs DTLS as part of establishing VPN tunnels; payload ...

7.5CVSS6.4AI score0.00685EPSS
CVE
CVE
added 2022/05/03 3:16 a.m.125 views

CVE-2022-20742

Cisco ASA Software and Firepower Threat Defense (FTD) Software contain an IPsec IKEv2 VPN information disclosure vulnerability (CVE-2022-20742) due to improper GCM cipher implementation. An unauthenticated, remote attacker in a man-in-the-middle position can intercept encrypted messages across an...

7.4CVSS7.2AI score0.00425EPSS
CVE
CVE
added 2022/11/10 5:30 p.m.125 views

CVE-2022-20927

CVE-2022-20927 affects Cisco ASA and Cisco FTD SSL/TLS client software. The issue stems from improper memory management when the device initiates SSL/TLS connections, enabling an authenticated, remote attacker to provoke an unexpected reload and DoS by ensuring the device connects to an SSL/TLS s...

7.7CVSS6.4AI score0.00495EPSS
CVE
CVE
added 2023/03/23 12:0 a.m.123 views

CVE-2023-20081

CVE-2023-20081 affects Cisco ASA, FTD, IOS, and IOS XE IPv6 DHCP (DHCPv6) client. Root cause: insufficient validation of DHCPv6 messages in the client module, enabling an unauthenticated remote attacker to trigger a device reload and cause a DoS. Exploitation requires control of the DHCPv6 server...

6.8CVSS6.2AI score0.00678EPSS
CVE
CVE
added 2026/03/04 5:17 p.m.123 views

CVE-2026-20039

CVE-2026-20039 affects Cisco Secure Firewall ASA/FTD VPN web server. The root cause is ineffective memory management in the VPN web server, which can be exploited by sending a large flood of crafted HTTP requests, potentially causing the device to reload and suffer a denial-of-service. The affect...

8.6CVSS6AI score0.00358EPSS
CVE
CVE
added 2022/05/03 3:15 a.m.122 views

CVE-2022-20745

CVE-2022-20745 affects Cisco ASA (ASAs) and Cisco Firepower Threat Defense (FTD) web services interface for remote access VPN. Root cause: improper input validation when parsing HTTPS requests, allowing unauthenticated remote attackers to trigger a reload and DoS. Affected products include ASA/FT...

8.6CVSS7.9AI score0.01385EPSS
CVE
CVE
added 2022/08/10 4:20 p.m.117 views

CVE-2022-20713

CVE-2022-20713 affects Cisco ASA/FTD VPN web client services. Root cause: improper input validation sent to the VPN web client, enabling an unauthenticated user to trigger browser-based attacks (e.g., cross-site scripting) by persuading a user to visit a crafted site. Impact is browser-executable...

6.1CVSS6.4AI score0.01302EPSS
CVE
CVE
added 2020/10/21 6:40 p.m.116 views

CVE-2020-3578

CVE-2020-3578 affects Cisco ASA and Cisco Firepower Threat Defense (FTD) web services interface. The issue is an insufficient validation of URLs in portal access rules, enabling an unauthenticated, remote attacker to bypass a configured access rule and reach parts of the WebVPN portal that should...

6.5CVSS5.8AI score0.01217EPSS
CVE
CVE
added 2019/08/07 9:25 p.m.115 views

CVE-2019-1945

Cisco ASA Smart Tunnel Vulnerabilities (CVE-2019-1945) affect the smart tunnel functionality in Cisco ASA Software. Authenticated local attackers could escalate privileges to root or load a malicious library during tunnel establishment. The issue is described across multiple sources (Cisco adviso...

7.8CVSS6.8AI score0.00298EPSS
CVE
CVE
added 2023/11/01 5:14 p.m.115 views

CVE-2023-20095

The CVE-2023-20095 issue affects Cisco ASA and Cisco Firepower Threat Defense (FTD) remote access VPN. The root cause is improper handling of HTTPS requests, allowing an unauthenticated remote attacker to trigger resource exhaustion and a DoS on affected devices. Connected sources confirm this vu...

8.6CVSS8.3AI score0.0064EPSS
CVE
CVE
added 2024/04/24 7:38 p.m.111 views

CVE-2024-20358

Cisco ASA/FTD restore-functionality command-injection vulnerability (CVE-2024-20358) allows an authenticated, local attacker to execute arbitrary root commands by restoring a crafted backup file. Root access is required, with administrator privileges. Cisco has released updates to fix this vulner...

6.7CVSS6.4AI score0.00705EPSS
In wild
CVE
CVE
added 2019/08/07 9:20 p.m.110 views

CVE-2019-1934

CVE-2019-1934 affects Cisco ASA Software: a privilege-escalation flaw in the web-based management interface caused by insufficient authorization validation. An authenticated attacker with low privileges can log in and send crafted HTTPS requests to perform administrative actions, potentially comp...

8.8CVSS8.7AI score0.01593EPSS
CVE
CVE
added 2024/10/23 5:51 p.m.110 views

CVE-2024-20481

The CVE-2024-20481 entry concerns Cisco ASA/FTD Remote Access VPN (RAVPN) DoS from resource exhaustion. Affected components: ASA and FTD software; vulnerability arises when an unauthenticated, remote attacker sends a flood of VPN authentication requests, exhausting device resources and potentiall...

5.8CVSS6.1AI score0.15953EPSS
In wild
CVE
CVE
added 2020/10/21 6:35 p.m.109 views

CVE-2020-3529

The CVE-2020-3529 issue affects Cisco ** ASA** and FTD software. It is a vulnerability in the SSL VPN negotiation process caused by inefficient direct memory access (DMA) memory management during SSL VPN negotiation. An unauthenticated, remote attacker could send a steady stream of crafted DTLS t...

8.6CVSS7.9AI score0.01833EPSS
CVE
CVE
added 2020/10/21 6:36 p.m.109 views

CVE-2020-3582

CVE-2020-3582 involves multiple XSS vulnerabilities in the web services interface of Cisco ASA and Firepower Threat Defense (FTD) software. The root cause is insufficient validation of user-supplied input in the device’s web interface, allowing an unauthenticated, remote attacker to persuade a us...

6.1CVSS6.1AI score0.01145EPSS
CVE
CVE
added 2022/11/10 5:31 p.m.109 views

CVE-2022-20826

CVE-2022-20826 affects Cisco Secure Firewalls 3100 Series running ASA or FTD software. Root cause is a logic error in the secure boot boot process, enabling an unauthenticated attacker with physical access to bypass secure boot, inject code at a specific memory location, and execute persistent co...

6.8CVSS6.7AI score0.00323EPSS
CVE
CVE
added 2019/08/07 9:20 p.m.107 views

CVE-2019-1944

The CVE-2019-1944 entry covers multiple vulnerabilities in Cisco ASA’s Smart Tunnel feature that could let an authenticated, local attacker elevate privileges to root or load a malicious library during tunnel establishment. Affected product: Cisco Adaptive Security Appliance (ASA) Software (Smart...

7.3CVSS6.8AI score0.00275EPSS
CVE
CVE
added 2020/02/26 4:51 p.m.107 views

CVE-2020-3166

CVE-2020-3166 : Cisco FXOS Software contains a CLI input validation flaw in the FXOS CLI command path that allows an authenticated, local attacker to read or write arbitrary files on the OS. The issue is triggered by crafted arguments to a specific CLI command, enabling partial to high impact on ...

6.7CVSS5.1AI score0.00285EPSS
CVE
CVE
added 2022/11/10 5:29 p.m.107 views

CVE-2022-20947

CVE-2022-20947 affects Cisco ASA and Firepower Threat Defense (FTD) software via the Dynamic Access Policies (DAP) feature. The root cause is improper processing of HostScan data from the Posture module, allowing an unauthenticated, remote attacker to cause an affected device to reload and suffer...

8.6CVSS7.5AI score0.00866EPSS
CVE
CVE
added 2018/04/19 8:0 p.m.106 views

CVE-2018-0251

Cisco ASA/SSL VPN Clientless portal XSS (CVE-2018-0251) results from insufficient validation of user input in the Web Server Authentication Required page. An unauthenticated remote attacker can entice a user to click a crafted link, potentially executing arbitrary script in the portal context or ...

6.1CVSS6AI score0.0189EPSS
CVE
CVE
added 2022/08/10 4:20 p.m.106 views

CVE-2022-20866

CVE-2022-20866 is a Cisco RSA private-key leakage flaw affecting Cisco ASA/FTD software due to a logic error in in-memory RSA key handling on hardware crypto platforms. An unauthenticated, remote attacker could perform a Lenstra side-channel attack to recover private keys, potentially impersonate...

7.5CVSS7.6AI score0.16647EPSS
CVE
CVE
added 2018/04/19 8:0 p.m.105 views

CVE-2018-0230

Cisco Firepower 2100 Series appliances running FTD 6.2.1–6.2.2 are vulnerable due to improper validation of fragmented IPv4/IPv6 packets after reassembly in the internal packet-processing path, causing Snort processes to reach 100% CPU and a DoS. Exploitation requires sending malicious fragmented...

8.6CVSS8.4AI score0.0184EPSS
CVE
CVE
added 2018/10/05 2:0 p.m.103 views

CVE-2018-15397

The CVE is for Cisco ASA/FTD: a vulnerability in Traffic Flow Confidentiality (TFC) over IPsec could allow an unauthenticated, remote attacker to restart the device, causing a DoS. Root cause: an error during IPsec tunnel key renegotiation when TFC traffic is in flight may crash a daemon, leading...

7.1CVSS6.8AI score0.01196EPSS
CVE
CVE
added 2020/10/21 6:41 p.m.103 views

CVE-2020-3554

CVE-2020-3554 affects Cisco ASA and FTD TCP packet processing due to a memory exhaustion condition, allowing unauthenticated remote DoS via high-rate crafted TCP traffic. Real-world impact per sources: potential exhaustion of device resources and DoS for transit traffic. Connected advisories conf...

8.6CVSS7.5AI score0.02633EPSS
CVE
CVE
added 2020/10/21 6:35 p.m.102 views

CVE-2020-3528

CVE-2020-3528 describes a DoS vulnerability in the OSPFv2 implementation of Cisco ASA and Firepower Threat Defense (FTD) software. The issue arises from incomplete input validation when processing certain OSPFv2 packets with Link-Local Signaling (LLS) data, which could allow an unauthenticated, r...

8.6CVSS8AI score0.01415EPSS
CVE
CVE
added 2023/11/01 4:42 p.m.102 views

CVE-2023-20086

CVE-2023-20086 affects Cisco ASA and Cisco FTD software, where improper ICMPv6 message processing could let an unauthenticated, remote attacker trigger a DoS by forcing a device reload. This is a network-facing issue (CVSS v3.1: 8.6, HIGH, NO privileges required; CPU/network target), with exploit...

8.6CVSS8.4AI score0.00652EPSS
CVE
CVE
added 2018/04/19 8:0 p.m.100 views

CVE-2018-0228

The CVE-2018-0228 issue is a vulnerability in the ingress flow creation in Cisco ASA/FTD software. The root cause is improper handling of an internal software lock that can starve other processes of CPU cycles, causing a high CPU condition and DoS when an attacker sends a steady stream of malicio...

8.6CVSS8.5AI score0.03612EPSS
Total number of security vulnerabilities351