Vulnerabilities > Cisco > Adaptive Security Appliance Software > 8.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-05-03 | CVE-2019-1687 | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. | 7.5 |
2019-05-03 | CVE-2018-15388 | Resource Exhaustion vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the WebVPN login process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. | 8.6 |
2018-12-24 | CVE-2018-15465 | Incorrect Authorization vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the authorization subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, but unprivileged (levels 0 and 1), remote attacker to perform privileged actions by using the web management interface. | 8.1 |
2018-01-29 | CVE-2018-0101 | Double Free vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. | 10.0 |
2016-08-18 | CVE-2016-6367 | Command Injection vulnerability in Cisco Adaptive Security Appliance Software Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges via invalid CLI commands, aka Bug ID CSCtu74257 or EPICBANANA. | 7.8 |
2016-08-18 | CVE-2016-6366 | Classic Buffer Overflow vulnerability in Cisco products Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM devices allows remote authenticated users to execute arbitrary code via crafted IPv4 SNMP packets, aka Bug ID CSCva92151 or EXTRABACON. | 8.8 |
2016-07-12 | CVE-2016-1445 | Unspecified vulnerability in Cisco Adaptive Security Appliance Software Cisco Adaptive Security Appliance (ASA) Software 8.2 through 9.4.3.3 allows remote attackers to bypass intended ICMP Echo Reply ACLs via vectors related to subtypes. | 5.3 |
2015-02-17 | CVE-2014-8023 | Permissions, Privileges, and Access Controls vulnerability in Cisco Adaptive Security Appliance Software Cisco Adaptive Security Appliance (ASA) Software 9.2(.3) and earlier, when challenge-response authentication is used, does not properly select tunnel groups, which allows remote authenticated users to bypass intended resource-access restrictions via a crafted tunnel-group parameter, aka Bug ID CSCtz48533. | 4.0 |
2013-12-07 | CVE-2013-6707 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco Adaptive Security Appliance Software Memory leak in the connection-manager implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1(.3) and earlier allows remote attackers to cause a denial of service (multi-protocol management outage) by making multiple management session requests, aka Bug ID CSCug33233. | 4.3 |