Adaptive Security Appliance Software Security Vulnerabilities and Issues — Adaptive Security Appliance Software CVE List

Lucene search

CiscoAdaptive Security Appliance Software

7 matches found

CVE•added 2014/10/05 1:55 a.m.•60 views

CVE-2014-3398

The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to obtain potentially sensitive software-version information by reading the verbose response data that is provided for a request to an unspecified URL, aka Bug ID CSCuq65542.

5CVSS6.3AI score0.009EPSS

CVE•added 2014/10/07 10:55 a.m.•55 views

CVE-2014-3399

The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.2(.2.4) and earlier does not properly manage session information during creation of a SharePoint handler, which allows remote authenticated users to overwrite arbitrary RAMFS cache files or inject Lua programs, and con...

5.5CVSS6.7AI score0.00115EPSS

CVE•added 2014/10/10 10:55 a.m.•46 views

CVE-2014-3392

The Clientless SSL VPN portal in Cisco ASA Software 8.2 before 8.2(5.51), 8.3 before 8.3(2.42), 8.4 before 8.4(7.23), 8.6 before 8.6(1.15), 9.0 before 9.0(4.24), 9.1 before 9.1(5.12), 9.2 before 9.2(2.8), and 9.3 before 9.3(1.1) allows remote attackers to obtain sensitive information from process m...

8.3CVSS6.2AI score0.00489EPSS

CVE•added 2014/10/10 10:55 a.m.•44 views

CVE-2014-3393

The Clientless SSL VPN portal customization framework in Cisco ASA Software 8.2 before 8.2(5.51), 8.3 before 8.3(2.42), 8.4 before 8.4(7.23), 8.6 before 8.6(1.14), 9.0 before 9.0(4.24), 9.1 before 9.1(5.12), and 9.2 before 9.2(2.4) does not properly implement authentication, which allows remote att...

4.3CVSS6.1AI score0.00785EPSS

CVE•added 2014/10/10 10:55 a.m.•39 views

CVE-2014-3391

Untrusted search path vulnerability in Cisco ASA Software 8.x before 8.4(3), 8.5, and 8.7 before 8.7(1.13) allows local users to gain privileges by placing a Trojan horse library file in external memory, leading to library use after device reload because of an incorrect LD_LIBRARY_PATH value, aka B...

6.8CVSS6.5AI score0.00095EPSS

CVE•added 2014/10/10 10:55 a.m.•39 views

CVE-2014-3394

The Smart Call Home (SCH) implementation in Cisco ASA Software 8.2 before 8.2(5.50), 8.4 before 8.4(7.15), 8.6 before 8.6(1.14), 8.7 before 8.7(1.13), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to bypass certificate validation via an arbitrary VeriSign certificate, aka Bug...

5CVSS6.9AI score0.00091EPSS

CVE•added 2014/10/10 10:55 a.m.•38 views

CVE-2014-3390

The Virtual Network Management Center (VNMC) policy implementation in Cisco ASA Software 8.7 before 8.7(1.14), 9.2 before 9.2(2.8), and 9.3 before 9.3(1.1) allows local users to obtain Linux root access by leveraging administrative privileges and executing a crafted script, aka Bug IDs CSCuq41510 a...

6.8CVSS6.2AI score0.00324EPSS