Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Adaptive_security_appliance
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 64 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2011-02-25 | CVE-2011-0394 | Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5.1), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), 8.2 before 8.2(2.19), and 8.3 before 8.3(1.8); Cisco PIX Security Appliances 500 series devices; and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(20), 3.2 before 3.2(20), 4.0 before 4.0(15), and 4.1 before 4.1(5) allow remote attackers to cause a denial of service (device reload) via a malformed Skinny Client... | 5500_series_adaptive_security_appliance, Adaptive_security_appliance, Adaptive_security_appliance_software, Asa_5500, Firewall_services_module, Firewall_services_module_software, Pix_500 | N/A | ||
| 2011-02-25 | CVE-2011-0395 | Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.20), 8.1 before 8.1(2.48), 8.2 before 8.2(3), and 8.3 before 8.3(2.1), when the RIP protocol and the Cisco Phone Proxy functionality are configured, allow remote attackers to cause a denial of service (device reload) via a RIP update, aka Bug ID CSCtg66583. | Adaptive_security_appliance, Adaptive_security_appliance_software, Asa_5500, Asa_5505, Asa_5510, Asa_5520, Asa_5540, Asa_5550, Asa_5580, Pix_500, Pix_501, Pix_506e, Pix_firewall_506, Pix_firewall_515, Pix_firewall_520, Pix_firewall_525, Pix_firewall_535 | N/A | ||
| 2011-02-25 | CVE-2011-0396 | Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.23), 8.1 before 8.1(2.49), 8.2 before 8.2(4.1), and 8.3 before 8.3(2.13), when a Certificate Authority (CA) is configured, allow remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCtk12352. | Adaptive_security_appliance, Adaptive_security_appliance_software, Asa_5500, Asa_5505, Asa_5510, Asa_5520, Asa_5540, Asa_5550, Asa_5580, Pix_500, Pix_501, Pix_506e, Pix_firewall_506, Pix_firewall_515, Pix_firewall_520, Pix_firewall_525, Pix_firewall_535 | N/A | ||
| 2013-04-18 | CVE-2013-1194 | The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708. | Adaptive_security_appliance, Adaptive_security_appliance_software | N/A | ||
| 2013-04-18 | CVE-2013-1199 | Race condition in the CIFS implementation in the rewriter module in the Clientless SSL VPN component on Cisco Adaptive Security Appliances (ASA) devices allows remote authenticated users to cause a denial of service (device reload) by accessing resources within multiple sessions, aka Bug ID CSCub58996. | Adaptive_security_appliance, Adaptive_security_appliance_clientless_ssl_vpn, Adaptive_security_appliance_software | N/A | ||
| 2013-07-25 | CVE-2013-3414 | Cross-site scripting (XSS) vulnerability in the WebVPN portal login page on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCug83080. | Adaptive_security_appliance, Adaptive_security_appliance_software | N/A | ||
| 2013-08-30 | CVE-2013-3463 | The protocol-inspection feature on Cisco Adaptive Security Appliances (ASA) devices does not properly implement the idle timeout, which allows remote attackers to cause a denial of service (connection-table exhaustion) via crafted requests that use an inspected protocol, aka Bug ID CSCuh13899. | Adaptive_security_appliance, Adaptive_security_appliance_software | N/A | ||
| 2013-12-02 | CVE-2013-6696 | Cisco Adaptive Security Appliance (ASA) Software does not properly handle errors during the processing of DNS responses, which allows remote attackers to cause a denial of service (device reload) via a malformed response, aka Bug ID CSCuj28861. | Adaptive_security_appliance, Adaptive_security_appliance_software | N/A | ||
| 2017-10-05 | CVE-2017-12265 | A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device, aka HREF XSS. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of... | Adaptive_security_appliance | 6.1 | ||
| 2014-01-08 | CVE-2014-0655 | The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to change the user-cache contents via a replay attack involving crafted RADIUS Change of Authorization (CoA) messages, aka Bug ID CSCuj45332. | Adaptive_security_appliance | N/A |