Adaptive Security Appliance Software@- Security Vulnerabilities and Issues — Adaptive Security Appliance Software@- CVE List

Lucene search

CiscoAdaptive Security Appliance Software-

8 matches found

CVE•added 2014/03/19 1:15 a.m.•183 views

CVE-2014-2120

Cross-site scripting (XSS) vulnerability in the WebVPN login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun19025.

6.1CVSS5.9AI score0.80116EPSS

CVE•added 2014/10/05 1:55 a.m.•60 views

CVE-2014-3398

The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to obtain potentially sensitive software-version information by reading the verbose response data that is provided for a request to an unspecified URL, aka Bug ID CSCuq65542.

5CVSS6.3AI score0.009EPSS

CVE•added 2014/05/07 10:55 a.m.•56 views

CVE-2014-2181

Cisco Adaptive Security Appliance (ASA) Software allows remote authenticated users to read files by sending a crafted URL to the HTTP server, as demonstrated by reading the running configuration, aka Bug ID CSCun78551.

6.8CVSS6.3AI score0.00309EPSS

CVE•added 2014/02/22 9:55 p.m.•45 views

CVE-2014-0738

The Phone Proxy component in Cisco Adaptive Security Appliance (ASA) Software 9.1(.3) and earlier allows remote attackers to bypass authentication and change trust relationships by injecting a Certificate Trust List (CTL) file, aka Bug ID CSCuj66770.

4.3CVSS7.2AI score0.00098EPSS

CVE•added 2014/04/29 10:37 a.m.•41 views

CVE-2014-2182

Cisco Adaptive Security Appliance (ASA) Software, when DHCPv6 replay is configured, allows remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 packet, aka Bug ID CSCun45520.

6.1CVSS6.8AI score0.00575EPSS

CVE•added 2014/12/20 12:59 a.m.•40 views

CVE-2014-3410

The syslog-management subsystem in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to obtain an administrator password by waiting for an administrator to copy a file, and then (1) sniffing the network for a syslog message or (2) reading a syslog message in a file on a syslo...

4.3CVSS7AI score0.00375EPSS

CVE•added 2014/04/23 11:52 a.m.•39 views

CVE-2014-2154

Memory leak in the SIP inspection engine in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to cause a denial of service (memory consumption and instability) via crafted SIP packets, aka Bug ID CSCuf67469.

5CVSS6.8AI score0.00918EPSS

CVE•added 2014/12/18 4:59 p.m.•38 views

CVE-2014-8012

Cross-site scripting (XSS) vulnerability in the WebVPN Portal Login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to inject arbitrary web script or HTML via crafted attributes in a cookie, aka Bug ID CSCuh24695.

4.3CVSS5.8AI score0.00296EPSS