Vulnerabilities > Cisco > Adaptive Security Appliance Software > 7.2.4.25
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-06-04 | CVE-2015-0760 | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software The IKEv1 implementation in Cisco ASA Software 7.x, 8.0.x, 8.1.x, and 8.2.x before 8.2.2.13 allows remote authenticated users to bypass XAUTH authentication via crafted IKEv1 packets, aka Bug ID CSCus47259. | 4.0 |
| 2015-02-17 | CVE-2014-8023 | Permissions, Privileges, and Access Controls vulnerability in Cisco Adaptive Security Appliance Software Cisco Adaptive Security Appliance (ASA) Software 9.2(.3) and earlier, when challenge-response authentication is used, does not properly select tunnel groups, which allows remote authenticated users to bypass intended resource-access restrictions via a crafted tunnel-group parameter, aka Bug ID CSCtz48533. | 4.0 |
| 2013-12-07 | CVE-2013-6707 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco Adaptive Security Appliance Software Memory leak in the connection-manager implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1(.3) and earlier allows remote attackers to cause a denial of service (multi-protocol management outage) by making multiple management session requests, aka Bug ID CSCug33233. | 4.3 |