Vulnerabilities > Cisco > Adaptive Security Appliance 5500 > 7.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-12-29 | CVE-2009-4455 | Permissions, Privileges, and Access Controls vulnerability in Cisco Adaptive Security Appliance 5500 The default configuration of Cisco ASA 5500 Series Adaptive Security Appliance (Cisco ASA) 7.0, 7.1, 7.2, 8.0, 8.1, and 8.2 allows portal traffic to access arbitrary backend servers, which might allow remote authenticated users to bypass intended access restrictions and access unauthorized web sites via a crafted URL obfuscated with ROT13 and a certain encoding. | 6.5 |
| 2009-04-09 | CVE-2009-1160 | Permissions, Privileges, and Access Controls vulnerability in Cisco Adaptive Security Appliance 5500 and PIX Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote attackers to successfully send packets that bypass intended access restrictions, aka Bug ID CSCsq91277. | 4.3 |
| 2009-04-09 | CVE-2009-1158 | Unspecified vulnerability in Cisco Adaptive Security Appliance 5500 and PIX Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet. | 7.8 |
| 2009-04-09 | CVE-2009-1157 | Unspecified vulnerability in Cisco Adaptive Security Appliance 5500 and PIX Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)30, 8.0 before 8.0(4)28, and 8.1 before 8.1(2)19 allows remote attackers to cause a denial of service (memory consumption or device reload) via a crafted TCP packet. | 7.8 |
| 2009-04-09 | CVE-2009-1155 | Improper Authentication vulnerability in Cisco Adaptive Security Appliance 5500 and PIX Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-disable is entered in a general-attributes field, allow remote attackers to bypass authentication and establish a VPN session to an ASA device via unspecified vectors. | 7.8 |