Filtered by vendor Cisco
Subscribe
Filtered by product Adaptive Security Appliance Software
Subscribe
Total
309 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-1385 | 1 Cisco | 2 Adaptive Security Appliance, Adaptive Security Appliance Software | 2024-11-21 | 6.8 MEDIUM | 6.5 MEDIUM |
The XML parser in Cisco Adaptive Security Appliance (ASA) Software through 9.5.2 allows remote authenticated users to cause a denial of service (instability, memory consumption, or device reload) by leveraging (1) administrative access or (2) Clientless SSL VPN access to provide a crafted XML document, aka Bug ID CSCut14209. | |||||
CVE-2016-1379 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-11-21 | 6.8 MEDIUM | 6.5 MEDIUM |
Cisco Adaptive Security Appliance (ASA) Software 9.0 through 9.5.1 mishandles IPsec error processing, which allows remote authenticated users to cause a denial of service (memory consumption) via crafted (1) LAN-to-LAN or (2) Remote Access VPN tunnel packets, aka Bug ID CSCuv70576. | |||||
CVE-2016-1367 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
The DHCPv6 relay implementation in Cisco Adaptive Security Appliance (ASA) Software 9.4.1 allows remote attackers to cause a denial of service (device reload) via crafted DHCPv6 packets, aka Bug ID CSCus23248. | |||||
CVE-2016-1295 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote attackers to obtain sensitive information via an AnyConnect authentication attempt, aka Bug ID CSCuo65775. | |||||
CVE-2016-1287 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
Buffer overflow in the IKEv1 and IKEv2 implementations in Cisco ASA Software before 8.4(7.30), 8.7 before 8.7(1.18), 9.0 before 9.0(4.38), 9.1 before 9.1(7), 9.2 before 9.2(4.5), 9.3 before 9.3(3.7), 9.4 before 9.4(2.4), and 9.5 before 9.5(2.2) on ASA 5500 devices, ASA 5500-X devices, ASA Services Module for Cisco Catalyst 6500 and Cisco 7600 devices, ASA 1000V devices, Adaptive Security Virtual Appliance (aka ASAv), Firepower 9300 ASA Security Module, and ISA 3000 devices allows remote attackers to execute arbitrary code or cause a denial of service (device reload) via crafted UDP packets, aka Bug IDs CSCux29978 and CSCux42019. | |||||
CVE-2015-6423 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-11-21 | 3.5 LOW | 4.3 MEDIUM |
The DCERPC Inspection implementation in Cisco Adaptive Security Appliance (ASA) Software 9.4.1 through 9.5.1 allows remote authenticated users to bypass an intended DCERPC-only ACL by sending arbitrary network traffic, aka Bug ID CSCuu67782. | |||||
CVE-2015-6379 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-11-21 | 6.8 MEDIUM | N/A |
The XML parser in the management interface in Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote authenticated users to cause a denial of service (device crash) via a crafted XML document, aka Bug ID CSCut14223. | |||||
CVE-2015-6360 | 1 Cisco | 14 Adaptive Security Appliance Software, Dx Series Ip Phones Firmware, Ios Xe and 11 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686. | |||||
CVE-2015-6327 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-11-21 | 7.8 HIGH | N/A |
The IKEv1 implementation in Cisco Adaptive Security Appliance (ASA) software 7.2 and 8.2 before 8.2(5.58), 8.3 and 8.4 before 8.4(7.29), 8.5 through 8.7 before 8.7(1.17), 9.0 before 9.0(4.37), 9.1 before 9.1(6.8), 9.2 before 9.2(4), and 9.3 before 9.3(3) allows remote attackers to cause a denial of service (device reload) via crafted ISAKMP UDP packets, aka Bug ID CSCus94026. | |||||
CVE-2015-6326 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-11-21 | 7.8 HIGH | N/A |
Cisco Adaptive Security Appliance (ASA) software 7.2 and 8.2 before 8.2(5.58), 8.3 and 8.4 before 8.4(7.29), 8.5 through 8.7 before 8.7(1.17), 9.0 before 9.0(4.37), 9.1 before 9.1(6.6), 9.2 before 9.2(4), 9.3 before 9.3(3.5), and 9.4 before 9.4(1.5) allows remote attackers to cause a denial of service (device reload) via a crafted DNS response, aka Bug ID CSCuu07799. | |||||
CVE-2015-6325 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-11-21 | 7.1 HIGH | N/A |
Cisco Adaptive Security Appliance (ASA) software 7.2 and 8.2 before 8.2(5.58), 8.3 and 8.4 before 8.4(7.29), 8.5 through 8.7 before 8.7(1.17), 9.0 before 9.0(4.37), 9.1 before 9.1(6.4), 9.2 before 9.2(4), 9.3 before 9.3(3.1), and 9.4 before 9.4(1.1) allows remote attackers to cause a denial of service (device reload) via a crafted DNS response, aka Bug ID CSCut03495. | |||||
CVE-2015-6324 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-11-21 | 7.1 HIGH | N/A |
The DHCPv6 relay implementation in Cisco Adaptive Security Appliance (ASA) software 9.0 before 9.0(4.37), 9.1 before 9.1(6.6), 9.2 before 9.2(4), 9.3 before 9.3(3.5), and 9.4 before 9.4(2) allows remote attackers to cause a denial of service (device reload) via crafted DHCPv6 packets, aka Bug IDs CSCus56252 and CSCus57142. | |||||
CVE-2015-4550 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-11-21 | 4.3 MEDIUM | N/A |
The Cavium cryptographic-module firmware on Cisco Adaptive Security Appliance (ASA) devices with software 9.3(3) and 9.4(1.1) does not verify the AES-GCM Integrity Check Value (ICV) octets, which makes it easier for man-in-the-middle attackers to spoof IPSec and IKEv2 traffic by modifying packet data, aka Bug ID CSCuu66218. | |||||
CVE-2015-4458 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-11-21 | 4.3 MEDIUM | N/A |
The TLS implementation in the Cavium cryptographic-module firmware, as distributed with Cisco Adaptive Security Appliance (ASA) Software 9.1(5.21) and other products, does not verify the MAC field, which allows man-in-the-middle attackers to spoof TLS content by modifying packets, aka Bug ID CSCuu52976. | |||||
CVE-2015-4321 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-11-21 | 5.0 MEDIUM | N/A |
The Unicast Reverse Path Forwarding (uRPF) implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(1.50), 9.3(2.100), 9.3(3), and 9.4(1) mishandles cases where an IP address belongs to an internal interface but is also in the ASA routing table, which allows remote attackers to bypass uRPF validation via spoofed packets, aka Bug ID CSCuv60724. | |||||
CVE-2015-4241 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-11-21 | 6.1 MEDIUM | N/A |
Cisco Adaptive Security Appliance (ASA) Software 9.3(2) allows remote attackers to cause a denial of service (system reload) by sending crafted OSPFv2 packets on the local network, aka Bug ID CSCut52679. | |||||
CVE-2015-4239 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-11-21 | 6.1 MEDIUM | N/A |
Cisco Adaptive Security Appliance (ASA) Software 9.3(2.243) and 100.13(0.21) allows remote attackers to cause a denial of service (device reload) by sending crafted OSPFv2 packets on the local network, aka Bug ID CSCus84220. | |||||
CVE-2015-4238 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-11-21 | 6.8 MEDIUM | N/A |
The SNMP implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4(7) and 8.6(1.2) allows remote authenticated users to cause a denial of service (device reload) by sending many SNMP requests during a time of high network traffic, aka Bug ID CSCul02601. | |||||
CVE-2015-0760 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-11-21 | 4.0 MEDIUM | N/A |
The IKEv1 implementation in Cisco ASA Software 7.x, 8.0.x, 8.1.x, and 8.2.x before 8.2.2.13 allows remote authenticated users to bypass XAUTH authentication via crafted IKEv1 packets, aka Bug ID CSCus47259. | |||||
CVE-2015-0742 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-11-21 | 5.0 MEDIUM | N/A |
The Protocol Independent Multicast (PIM) application in Cisco Adaptive Security Appliance (ASA) Software 9.2(0.0), 9.2(0.104), 9.2(3.1), 9.2(3.4), 9.3(1.105), 9.3(2.100), 9.4(0.115), 100.13(0.21), 100.13(20.3), 100.13(21.9), and 100.14(1.1) does not properly implement multicast-forwarding registration, which allows remote attackers to cause a denial of service (forwarding outage) via a crafted multicast packet, aka Bug ID CSCus74398. |