Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Adaptive_security_appliance_software
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 310 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2013-04-18 | CVE-2013-1194 | The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708. | Adaptive_security_appliance, Adaptive_security_appliance_software | N/A | ||
| 2013-04-18 | CVE-2013-1199 | Race condition in the CIFS implementation in the rewriter module in the Clientless SSL VPN component on Cisco Adaptive Security Appliances (ASA) devices allows remote authenticated users to cause a denial of service (device reload) by accessing resources within multiple sessions, aka Bug ID CSCub58996. | Adaptive_security_appliance, Adaptive_security_appliance_clientless_ssl_vpn, Adaptive_security_appliance_software | N/A | ||
| 2013-04-24 | CVE-2013-1195 | The time-based ACL implementation on Cisco Adaptive Security Appliances (ASA) devices, and in Cisco Firewall Services Module (FWSM), does not properly handle periodic statements for the time-range command, which allows remote attackers to bypass intended access restrictions by sending network traffic during denied time periods, aka Bug IDs CSCuf79091 and CSCug45850. | Adaptive_security_appliance_software, Firewall_services_module | N/A | ||
| 2013-04-25 | CVE-2013-1215 | The vpnclient program in the Easy VPN component on Cisco Adaptive Security Appliances (ASA) 5505 devices allows local users to gain privileges via unspecified vectors, aka Bug ID CSCuf85295. | 5500_series_adaptive_security_appliance, Adaptive_security_appliance_software, Asa_5500 | N/A | ||
| 2013-07-25 | CVE-2013-3414 | Cross-site scripting (XSS) vulnerability in the WebVPN portal login page on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCug83080. | Adaptive_security_appliance, Adaptive_security_appliance_software | N/A | ||
| 2013-08-30 | CVE-2013-3463 | The protocol-inspection feature on Cisco Adaptive Security Appliances (ASA) devices does not properly implement the idle timeout, which allows remote attackers to cause a denial of service (connection-table exhaustion) via crafted requests that use an inspected protocol, aka Bug ID CSCuh13899. | Adaptive_security_appliance, Adaptive_security_appliance_software | N/A | ||
| 2013-10-22 | CVE-2013-5544 | The VPN authentication functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to cause a denial of service (device reload) by sending many username-from-cert IKE requests, aka Bug ID CSCua91108. | Adaptive_security_appliance_software | N/A | ||
| 2013-11-01 | CVE-2013-5551 | Cisco Adaptive Security Appliance (ASA) Software, when certain same-security-traffic and management-access options are enabled, allows remote authenticated users to cause a denial of service (stack overflow and device reload) by using the clientless SSL VPN portal for internal-resource browsing, aka Bug ID CSCui51199. | Adaptive_security_appliance_software | N/A | ||
| 2013-12-02 | CVE-2013-6696 | Cisco Adaptive Security Appliance (ASA) Software does not properly handle errors during the processing of DNS responses, which allows remote attackers to cause a denial of service (device reload) via a malformed response, aka Bug ID CSCuj28861. | Adaptive_security_appliance, Adaptive_security_appliance_software | N/A | ||
| 2014-02-22 | CVE-2014-0738 | The Phone Proxy component in Cisco Adaptive Security Appliance (ASA) Software 9.1(.3) and earlier allows remote attackers to bypass authentication and change trust relationships by injecting a Certificate Trust List (CTL) file, aka Bug ID CSCuj66770. | Adaptive_security_appliance_software | N/A |