Adaptive Security Appliance@* Security Vulnerabilities and Issues — Adaptive Security Appliance@* CVE List

Lucene search

CiscoAdaptive Security Appliance*

11 matches found

CVE•added 2013/01/18 9:55 p.m.•50 views

CVE-2012-5717

Cisco Adaptive Security Appliances (ASA) devices with firmware 8.x through 8.4(1) do not properly manage SSH sessions, which allows remote authenticated users to cause a denial of service (device crash) by establishing multiple sessions, aka Bug ID CSCtc59462.

6.3CVSS6.6AI score0.0034EPSS

CVE•added 2013/04/18 6:55 p.m.•47 views

CVE-2013-1194

The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708.

5CVSS6.8AI score0.00375EPSS

CVE•added 2013/12/02 10:55 p.m.•46 views

CVE-2013-6696

Cisco Adaptive Security Appliance (ASA) Software does not properly handle errors during the processing of DNS responses, which allows remote attackers to cause a denial of service (device reload) via a malformed response, aka Bug ID CSCuj28861.

7.1CVSS6.8AI score0.00758EPSS

CVE•added 2013/04/11 10:55 a.m.•42 views

CVE-2013-1152

Cisco Adaptive Security Appliances (ASA) devices with software 9.0 before 9.0(1.2) allow remote attackers to cause a denial of service (device reload) via a crafted field in a DNS message, aka Bug ID CSCuc80080.

7.8CVSS6.8AI score0.0071EPSS

CVE•added 2013/04/18 6:55 p.m.•42 views

CVE-2013-1199

Race condition in the CIFS implementation in the rewriter module in the Clientless SSL VPN component on Cisco Adaptive Security Appliances (ASA) devices allows remote authenticated users to cause a denial of service (device reload) by accessing resources within multiple sessions, aka Bug ID CSCub58...

4.9CVSS6.5AI score0.00469EPSS

CVE•added 2013/08/30 1:55 a.m.•42 views

CVE-2013-3463

The protocol-inspection feature on Cisco Adaptive Security Appliances (ASA) devices does not properly implement the idle timeout, which allows remote attackers to cause a denial of service (connection-table exhaustion) via crafted requests that use an inspected protocol, aka Bug ID CSCuh13899.

4.3CVSS6.9AI score0.01166EPSS

CVE•added 2013/04/16 2:4 p.m.•38 views

CVE-2012-5415

Race condition on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (CPU consumption or device reload) by establishing multiple connections, leading to improper handling of hash lookups for secondary flows, aka Bug IDs CSCue31622 and CSCuc71272.

5.4CVSS7.1AI score0.0033EPSS

CVE•added 2013/01/18 9:55 p.m.•37 views

CVE-2012-6395

Cisco Adaptive Security Appliances (ASA) devices with firmware 8.4 do not properly validate unspecified input related to UNC share pathnames, which allows remote authenticated users to cause a denial of service (device crash) via unknown vectors, aka Bug ID CSCuc65775.

6.3CVSS6.7AI score0.00988EPSS

CVE•added 2013/02/25 8:55 p.m.•37 views

CVE-2013-1138

The NAT process on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (connections-table memory consumption) via crafted packets, aka Bug ID CSCue46386.

5CVSS6.9AI score0.00438EPSS

CVE•added 2013/04/11 10:55 a.m.•37 views

CVE-2013-1150

The authentication-proxy implementation on Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5.3), 8.5 and 8.6 before 8.6(1.10), 8.7 before 8.7(1.4), 9.0 before 9.0(1.1), and ...

7.8CVSS6.8AI score0.00692EPSS

CVE•added 2013/07/25 3:53 p.m.•36 views

CVE-2013-3414

Cross-site scripting (XSS) vulnerability in the WebVPN portal login page on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCug83080.

4.3CVSS5.8AI score0.00521EPSS