Adaptive Security Appliance Security Vulnerabilities and Issues — Adaptive Security Appliance CVE List

Lucene search

CiscoAdaptive Security Appliance

9 matches found

cve•added 2009/12/04 11:30 a.m.•63 views

CVE-2009-2631

Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix Access Gateway; and other products, when running in c...

6.8CVSS6.2AI score0.00845EPSS

cve•added 2019/10/02 7:15 p.m.•61 views

CVE-2019-12695

A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface ...

6.1CVSS6AI score0.00153EPSS

cve•added 2020/10/21 7:15 p.m.•57 views

CVE-2020-3599

A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interf...

6.1CVSS6AI score0.00346EPSS

cve•added 2009/06/25 5:30 p.m.•50 views

CVE-2009-1203

WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 does not properly distinguish its own login screen from the login screens it produces for third-party (1) FTP and (2) CIFS servers, which makes it easier for remote attackers to trick a user into se...

6CVSS6.8AI score0.03501EPSS

cve•added 2013/01/18 9:55 p.m.•50 views

CVE-2012-5717

Cisco Adaptive Security Appliances (ASA) devices with firmware 8.x through 8.4(1) do not properly manage SSH sessions, which allows remote authenticated users to cause a denial of service (device crash) by establishing multiple sessions, aka Bug ID CSCtc59462.

6.3CVSS6.6AI score0.0034EPSS

cve•added 2019/10/02 7:15 p.m.•46 views

CVE-2019-12693

A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to the use of an incorrect data type for a length variable. An attacker could exp...

6.8CVSS5.3AI score0.00378EPSS

cve•added 2017/10/05 7:29 a.m.•44 views

CVE-2017-12265

A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device, aka HREF XSS. The vuln...

6.1CVSS5.9AI score0.0017EPSS

cve•added 2006/08/23 10:4 p.m.•43 views

CVE-2006-4312

Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user passwords, and the enable password to be changed to ...

6.8CVSS7.2AI score0.0007EPSS

cve•added 2013/01/18 9:55 p.m.•37 views

CVE-2012-6395

Cisco Adaptive Security Appliances (ASA) devices with firmware 8.4 do not properly validate unspecified input related to UNC share pathnames, which allows remote authenticated users to cause a denial of service (device crash) via unknown vectors, aka Bug ID CSCuc65775.

6.3CVSS6.7AI score0.00988EPSS