Cisco

Adaptive Security Appliance Software

305 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2013-5512

  • EPSS 0.11%
  • Published 13.10.2013 10:20:04
  • Last modified 11.04.2025 00:51:21

Race condition in the HTTP Deep Packet Inspection (DPI) feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(5.5), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8....

7.1

CVE-2013-5513

  • EPSS 0.19%
  • Published 13.10.2013 10:20:04
  • Last modified 11.04.2025 00:51:21

Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(7), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.7), 9.0.x before 9.0(3.3), and 9.1.x before 9.1(1.8), when the DN...

7.8

CVE-2013-5515

  • EPSS 0.28%
  • Published 13.10.2013 10:20:04
  • Last modified 11.04.2025 00:51:21

The Clientless SSL VPN feature in Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.44), 8.3.x before 8.3(2.39), 8.4.x before 8.4(5.7), 8.6.x before 8.6(1.12), 9.0.x before 9.0(2.6), and 9.1.x before 9.1(1.7) allows remote attackers t...

7.8

CVE-2013-3415

  • EPSS 0.62%
  • Published 13.10.2013 10:20:03
  • Last modified 11.04.2025 00:51:21

Cisco Adaptive Security Appliance (ASA) Software 8.4.x before 8.4(3) and 8.6.x before 8.6(1.3) does not properly manage memory upon an AnyConnect SSL VPN client disconnection, which allows remote attackers to cause a denial of service (memory consump...

7.1

CVE-2013-3458

  • EPSS 0.49%
  • Published 08.09.2013 03:17:39
  • Last modified 11.04.2025 00:51:21

Cisco Adaptive Security Appliances (ASA) devices, when SMP is used, do not properly process X.509 certificates, which allows remote attackers to cause a denial of service (device crash) via a large volume of (1) SSL or (2) TLS traffic, aka Bug ID CSC...

4.3

CVE-2013-3463

  • EPSS 1.17%
  • Published 30.08.2013 01:55:08
  • Last modified 11.04.2025 00:51:21

The protocol-inspection feature on Cisco Adaptive Security Appliances (ASA) devices does not properly implement the idle timeout, which allows remote attackers to cause a denial of service (connection-table exhaustion) via crafted requests that use a...

4.3

CVE-2013-3414

  • EPSS 0.52%
  • Published 25.07.2013 15:53:16
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the WebVPN portal login page on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCug83080.

6.8

CVE-2013-1215

  • EPSS 0.32%
  • Published 25.04.2013 20:55:09
  • Last modified 11.04.2025 00:51:21

The vpnclient program in the Easy VPN component on Cisco Adaptive Security Appliances (ASA) 5505 devices allows local users to gain privileges via unspecified vectors, aka Bug ID CSCuf85295.

5

CVE-2013-1195

  • EPSS 0.16%
  • Published 24.04.2013 10:28:37
  • Last modified 11.04.2025 00:51:21

The time-based ACL implementation on Cisco Adaptive Security Appliances (ASA) devices, and in Cisco Firewall Services Module (FWSM), does not properly handle periodic statements for the time-range command, which allows remote attackers to bypass inte...

4.9

CVE-2013-1199

  • EPSS 0.47%
  • Published 18.04.2013 18:55:07
  • Last modified 11.04.2025 00:51:21

Race condition in the CIFS implementation in the rewriter module in the Clientless SSL VPN component on Cisco Adaptive Security Appliances (ASA) devices allows remote authenticated users to cause a denial of service (device reload) by accessing resou...