Filtered by vendor Cisco
Subscriptions
Filtered by product Adaptive Security Appliance Software
Subscriptions
Total
347 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-6608 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-20 | N/A |
| A vulnerability in the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of crafted SSL or TLS packets. An attacker could exploit this vulnerability by sending a crafted packet to the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed and transparent firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic. A valid SSL or TLS session is needed to exploit this vulnerability. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco Firepower 9300 ASA Security Module, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 8.4(7.31) 9.0(4.39) 9.1(7) 9.2(4.6) 9.3(3.8) 9.4(2) 9.5(2). Cisco Bug IDs: CSCuv48243. | ||||
| CVE-2014-2154 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | N/A |
| Memory leak in the SIP inspection engine in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to cause a denial of service (memory consumption and instability) via crafted SIP packets, aka Bug ID CSCuf67469. | ||||
| CVE-2014-2126 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | N/A |
| Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.47), 8.4 before 8.4(7.5), 8.7 before 8.7(1.11), 9.0 before 9.0(3.10), and 9.1 before 9.1(3.4) allows remote authenticated users to gain privileges by leveraging level-0 ASDM access, aka Bug ID CSCuj33496. | ||||
| CVE-2013-6691 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | N/A |
| The WebVPN CIFS implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0(.4.1) and earlier allows remote CIFS servers to cause a denial of service (device reload) via a long share list, aka Bug ID CSCuj83344. | ||||
| CVE-2014-8023 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | N/A |
| Cisco Adaptive Security Appliance (ASA) Software 9.2(.3) and earlier, when challenge-response authentication is used, does not properly select tunnel groups, which allows remote authenticated users to bypass intended resource-access restrictions via a crafted tunnel-group parameter, aka Bug ID CSCtz48533. | ||||
| CVE-2014-2129 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | N/A |
| The SIP inspection engine in Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.48), 8.4 before 8.4(6.5), 9.0 before 9.0(3.1), and 9.1 before 9.1(2.5) allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted SIP packets, aka Bug ID CSCuh44052. | ||||
| CVE-2016-1385 | 1 Cisco | 2 Adaptive Security Appliance, Adaptive Security Appliance Software | 2025-04-12 | N/A |
| The XML parser in Cisco Adaptive Security Appliance (ASA) Software through 9.5.2 allows remote authenticated users to cause a denial of service (instability, memory consumption, or device reload) by leveraging (1) administrative access or (2) Clientless SSL VPN access to provide a crafted XML document, aka Bug ID CSCut14209. | ||||
| CVE-2014-3399 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | N/A |
| The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.2(.2.4) and earlier does not properly manage session information during creation of a SharePoint handler, which allows remote authenticated users to overwrite arbitrary RAMFS cache files or inject Lua programs, and consequently cause a denial of service (portal outage or system reload), via crafted HTTP requests, aka Bug ID CSCup54208. | ||||
| CVE-2014-3407 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | N/A |
| The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier does not properly allocate memory blocks during HTTP packet handling, which allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCuq68888. | ||||
| CVE-2014-3393 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | N/A |
| The Clientless SSL VPN portal customization framework in Cisco ASA Software 8.2 before 8.2(5.51), 8.3 before 8.3(2.42), 8.4 before 8.4(7.23), 8.6 before 8.6(1.14), 9.0 before 9.0(4.24), 9.1 before 9.1(5.12), and 9.2 before 9.2(2.4) does not properly implement authentication, which allows remote attackers to modify RAMFS customization objects via unspecified vectors, as demonstrated by inserting XSS sequences or capturing credentials, aka Bug ID CSCup36829. | ||||
| CVE-2014-8012 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the WebVPN Portal Login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to inject arbitrary web script or HTML via crafted attributes in a cookie, aka Bug ID CSCuh24695. | ||||
| CVE-2014-3394 | 1 Cisco | 11 Adaptive Security Appliance Software, Adaptive Security Virtual Appliance, Asa 1000v Cloud Firewall and 8 more | 2025-04-12 | N/A |
| The Smart Call Home (SCH) implementation in Cisco ASA Software 8.2 before 8.2(5.50), 8.4 before 8.4(7.15), 8.6 before 8.6(1.14), 8.7 before 8.7(1.13), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to bypass certificate validation via an arbitrary VeriSign certificate, aka Bug ID CSCun10916. | ||||
| CVE-2014-3410 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | N/A |
| The syslog-management subsystem in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to obtain an administrator password by waiting for an administrator to copy a file, and then (1) sniffing the network for a syslog message or (2) reading a syslog message in a file on a syslog server, aka Bug IDs CSCuq22357 and CSCur41860. | ||||
| CVE-2014-3391 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | N/A |
| Untrusted search path vulnerability in Cisco ASA Software 8.x before 8.4(3), 8.5, and 8.7 before 8.7(1.13) allows local users to gain privileges by placing a Trojan horse library file in external memory, leading to library use after device reload because of an incorrect LD_LIBRARY_PATH value, aka Bug ID CSCtq52661. | ||||
| CVE-2016-6424 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | N/A |
| The DHCP Relay implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4.7.29 and 9.1.7.4 allows remote attackers to cause a denial of service (interface wedge) via a crafted rate of DHCP packet transmission, aka Bug ID CSCuy66942. | ||||
| CVE-2014-3264 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | N/A |
| Cisco Adaptive Security Appliance (ASA) Software 9.1(.5) and earlier allows remote authenticated users to cause a denial of service (device reload) via crafted attributes in a RADIUS packet, aka Bug ID CSCun69561. | ||||
| CVE-2015-0677 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | N/A |
| The XML parser in Cisco Adaptive Security Appliance (ASA) Software 8.4 before 8.4(7.28), 8.6 before 8.6(1.17), 9.0 before 9.0(4.33), 9.1 before 9.1(6), 9.2 before 9.2(3.4), and 9.3 before 9.3(3), when Clientless SSL VPN, AnyConnect SSL VPN, or AnyConnect IKEv2 VPN is used, allows remote attackers to cause a denial of service (VPN outage or device reload) via a crafted XML document, aka Bug ID CSCus95290. | ||||
| CVE-2014-3390 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | N/A |
| The Virtual Network Management Center (VNMC) policy implementation in Cisco ASA Software 8.7 before 8.7(1.14), 9.2 before 9.2(2.8), and 9.3 before 9.3(1.1) allows local users to obtain Linux root access by leveraging administrative privileges and executing a crafted script, aka Bug IDs CSCuq41510 and CSCuq47574. | ||||
| CVE-2014-2182 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | N/A |
| Cisco Adaptive Security Appliance (ASA) Software, when DHCPv6 replay is configured, allows remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 packet, aka Bug ID CSCun45520. | ||||
| CVE-2014-3392 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | N/A |
| The Clientless SSL VPN portal in Cisco ASA Software 8.2 before 8.2(5.51), 8.3 before 8.3(2.42), 8.4 before 8.4(7.23), 8.6 before 8.6(1.15), 9.0 before 9.0(4.24), 9.1 before 9.1(5.12), 9.2 before 9.2(2.8), and 9.3 before 9.3(1.1) allows remote attackers to obtain sensitive information from process memory or modify memory contents via crafted parameters, aka Bug ID CSCuq29136. | ||||