Cisco

Adaptive Security Appliance Software

36 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4

CVE-2014-8023

  • EPSS 0.41%
  • Veröffentlicht 17.02.2015 01:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cisco Adaptive Security Appliance (ASA) Software 9.2(.3) and earlier, when challenge-response authentication is used, does not properly select tunnel groups, which allows remote authenticated users to bypass intended resource-access restrictions via ...

6.3

CVE-2013-5557

  • EPSS 0.35%
  • Veröffentlicht 07.02.2015 04:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Proxy Bypass Content Rewriter feature in the WebVPN subsystem in Cisco Adaptive Security Appliance (ASA) Software 9.1(.2) and earlier allows remote authenticated users to cause a denial of service (device crash or error-recovery event) via an HTT...

5

CVE-2014-3407

  • EPSS 0.38%
  • Veröffentlicht 28.11.2014 02:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier does not properly allocate memory blocks during HTTP packet handling, which allows remote attackers to cause a denial of service (memory consumption) v...

6.8

CVE-2014-3391

  • EPSS 0.1%
  • Veröffentlicht 10.10.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Untrusted search path vulnerability in Cisco ASA Software 8.x before 8.4(3), 8.5, and 8.7 before 8.7(1.13) allows local users to gain privileges by placing a Trojan horse library file in external memory, leading to library use after device reload bec...

6.8

CVE-2014-3390

  • EPSS 0.32%
  • Veröffentlicht 10.10.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Virtual Network Management Center (VNMC) policy implementation in Cisco ASA Software 8.7 before 8.7(1.14), 9.2 before 9.2(2.8), and 9.3 before 9.3(1.1) allows local users to obtain Linux root access by leveraging administrative privileges and exe...

5.5

CVE-2014-3399

  • EPSS 0.12%
  • Veröffentlicht 07.10.2014 10:55:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.2(.2.4) and earlier does not properly manage session information during creation of a SharePoint handler, which allows remote authenticated users to overwrite arbitrary ...

6.8

CVE-2013-6691

  • EPSS 0.73%
  • Veröffentlicht 14.07.2014 21:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The WebVPN CIFS implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0(.4.1) and earlier allows remote CIFS servers to cause a denial of service (device reload) via a long share list, aka Bug ID CSCuj83344.

5.4

CVE-2013-5567

  • EPSS 1.5%
  • Veröffentlicht 14.07.2014 21:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cisco Adaptive Security Appliance (ASA) Software 8.4(.6) and earlier, when using an unsupported configuration with overlapping criteria for filtering and inspection, allows remote attackers to cause a denial of service (traffic loop and device crash)...

4

CVE-2014-2151

  • EPSS 0.32%
  • Veröffentlicht 18.06.2014 16:55:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The WebVPN portal in Cisco Adaptive Security Appliance (ASA) Software 8.4(.7.15) and earlier allows remote authenticated users to obtain sensitive information via a crafted JavaScript file, aka Bug ID CSCui04520.

6.3

CVE-2014-3264

  • EPSS 0.3%
  • Veröffentlicht 20.05.2014 11:13:37
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cisco Adaptive Security Appliance (ASA) Software 9.1(.5) and earlier allows remote authenticated users to cause a denial of service (device reload) via crafted attributes in a RADIUS packet, aka Bug ID CSCun69561.