Adaptive Security Appliance Software@9.3.3 Security Vulnerabilities and Issues — Adaptive Security Appliance Software@9.3.3 CVE List

Lucene search

CiscoAdaptive Security Appliance Software9.3.3

8 matches found

CVE•added 2017/08/07 6:29 a.m.•148 views

CVE-2017-6770

Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerabili...

4.2CVSS3.5AI score0.00583EPSS

CVE•added 2017/08/07 6:29 a.m.•79 views

CVE-2017-6752

A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) 9.3(3) and 9.6(2) could allow an unauthenticated, remote attacker to determine valid usernames. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to the i...

7.5CVSS7.3AI score0.00856EPSS

CVE•added 2017/04/20 10:59 p.m.•58 views

CVE-2017-3793

A vulnerability in the TCP normalizer of Cisco Adaptive Security Appliance (ASA) Software (8.0 through 8.7 and 9.0 through 9.6) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause Cisco ASA and FTD to drop any further incoming traffic on all in...

4.3CVSS4.7AI score0.00407EPSS

CVE•added 2017/04/20 10:59 p.m.•50 views

CVE-2017-6609

A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to...

7.7CVSS7.6AI score0.00797EPSS

CVE•added 2017/04/20 10:59 p.m.•45 views

CVE-2017-6610

A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during an IKEv1 negotiation...

7.7CVSS7.5AI score0.00623EPSS

CVE•added 2017/02/09 5:59 p.m.•44 views

CVE-2017-3807

A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software, Major Releases 9.0-9.6, could allow an authenticated, remote attacker to cause a heap overflow. The vulnerability is due to insufficient validation of user supplied input. An att...

8.8CVSS8.7AI score0.15271EPSS

CVE•added 2017/04/20 10:59 p.m.•44 views

CVE-2017-6607

A vulnerability in the DNS code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause an affected device to reload or corrupt the information present in the device's local DNS cache. The vulnerability is due to a flaw in handling crafted DNS response messages. An attacker c...

8.7CVSS8.7AI score0.00998EPSS

CVE•added 2017/04/20 10:59 p.m.•43 views

CVE-2017-6608

A vulnerability in the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of crafted SSL or TLS packets. An attacker could exp...

8.6CVSS8.6AI score0.00424EPSS