Cisco

Adaptive Security Appliance Software

36 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4

CVE-2014-8023

  • EPSS 0.41%
  • Published 17.02.2015 01:59:02
  • Last modified 12.04.2025 10:46:40

Cisco Adaptive Security Appliance (ASA) Software 9.2(.3) and earlier, when challenge-response authentication is used, does not properly select tunnel groups, which allows remote authenticated users to bypass intended resource-access restrictions via ...

6.3

CVE-2013-5557

  • EPSS 0.35%
  • Published 07.02.2015 04:59:00
  • Last modified 12.04.2025 10:46:40

The Proxy Bypass Content Rewriter feature in the WebVPN subsystem in Cisco Adaptive Security Appliance (ASA) Software 9.1(.2) and earlier allows remote authenticated users to cause a denial of service (device crash or error-recovery event) via an HTT...

5

CVE-2014-3407

  • EPSS 0.38%
  • Published 28.11.2014 02:59:00
  • Last modified 12.04.2025 10:46:40

The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier does not properly allocate memory blocks during HTTP packet handling, which allows remote attackers to cause a denial of service (memory consumption) v...

6.8

CVE-2014-3391

  • EPSS 0.1%
  • Published 10.10.2014 10:55:06
  • Last modified 12.04.2025 10:46:40

Untrusted search path vulnerability in Cisco ASA Software 8.x before 8.4(3), 8.5, and 8.7 before 8.7(1.13) allows local users to gain privileges by placing a Trojan horse library file in external memory, leading to library use after device reload bec...

6.8

CVE-2014-3390

  • EPSS 0.32%
  • Published 10.10.2014 10:55:06
  • Last modified 12.04.2025 10:46:40

The Virtual Network Management Center (VNMC) policy implementation in Cisco ASA Software 8.7 before 8.7(1.14), 9.2 before 9.2(2.8), and 9.3 before 9.3(1.1) allows local users to obtain Linux root access by leveraging administrative privileges and exe...

5.5

CVE-2014-3399

  • EPSS 0.12%
  • Published 07.10.2014 10:55:04
  • Last modified 12.04.2025 10:46:40

The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.2(.2.4) and earlier does not properly manage session information during creation of a SharePoint handler, which allows remote authenticated users to overwrite arbitrary ...

6.8

CVE-2013-6691

  • EPSS 0.73%
  • Published 14.07.2014 21:55:05
  • Last modified 12.04.2025 10:46:40

The WebVPN CIFS implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0(.4.1) and earlier allows remote CIFS servers to cause a denial of service (device reload) via a long share list, aka Bug ID CSCuj83344.

5.4

CVE-2013-5567

  • EPSS 1.5%
  • Published 14.07.2014 21:55:05
  • Last modified 12.04.2025 10:46:40

Cisco Adaptive Security Appliance (ASA) Software 8.4(.6) and earlier, when using an unsupported configuration with overlapping criteria for filtering and inspection, allows remote attackers to cause a denial of service (traffic loop and device crash)...

4

CVE-2014-2151

  • EPSS 0.32%
  • Published 18.06.2014 16:55:07
  • Last modified 12.04.2025 10:46:40

The WebVPN portal in Cisco Adaptive Security Appliance (ASA) Software 8.4(.7.15) and earlier allows remote authenticated users to obtain sensitive information via a crafted JavaScript file, aka Bug ID CSCui04520.

6.3

CVE-2014-3264

  • EPSS 0.3%
  • Published 20.05.2014 11:13:37
  • Last modified 12.04.2025 10:46:40

Cisco Adaptive Security Appliance (ASA) Software 9.1(.5) and earlier allows remote authenticated users to cause a denial of service (device reload) via crafted attributes in a RADIUS packet, aka Bug ID CSCun69561.