Vulnerabilities > Cisco > Adaptive Security Appliance Software > 9.1.7.7

DATE CVE VULNERABILITY TITLE RISK
2017-04-20 CVE-2017-3793 Resource Exhaustion vulnerability in Cisco Adaptive Security Appliance Software
A vulnerability in the TCP normalizer of Cisco Adaptive Security Appliance (ASA) Software (8.0 through 8.7 and 9.0 through 9.6) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause Cisco ASA and FTD to drop any further incoming traffic on all interfaces, resulting in a denial of service (DoS) condition.
network
high complexity
cisco CWE-400
4.0
4.0
2017-02-09 CVE-2017-3807 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Adaptive Security Appliance Software
A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software, Major Releases 9.0-9.6, could allow an authenticated, remote attacker to cause a heap overflow.
network
low complexity
cisco CWE-119
8.8
8.8
2016-11-19 CVE-2016-6461 Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software
A vulnerability in the HTTP web-based management interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to inject arbitrary XML commands on the affected system.
network
high complexity
cisco CWE-20
5.9
5.9
2016-07-12 CVE-2016-1445 Unspecified vulnerability in Cisco Adaptive Security Appliance Software
Cisco Adaptive Security Appliance (ASA) Software 8.2 through 9.4.3.3 allows remote attackers to bypass intended ICMP Echo Reply ACLs via vectors related to subtypes.
network
low complexity
cisco
5.3
5.3