Vulnerabilities > Cisco > Adaptive Security Appliance Software > 9.2.4.10

DATE CVE VULNERABILITY TITLE RISK
2017-02-09 CVE-2017-3807 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Adaptive Security Appliance Software
A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software, Major Releases 9.0-9.6, could allow an authenticated, remote attacker to cause a heap overflow.
network
low complexity
cisco CWE-119
8.8
8.8
2016-11-19 CVE-2016-6461 Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software
A vulnerability in the HTTP web-based management interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to inject arbitrary XML commands on the affected system.
network
high complexity
cisco CWE-20
5.9
5.9
2016-10-27 CVE-2016-6431 Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software
A vulnerability in the local Certificate Authority (CA) feature of Cisco ASA Software before 9.6(1.5) could allow an unauthenticated, remote attacker to cause a reload of the affected system.
network
low complexity
cisco CWE-20
7.5
7.5
2016-07-12 CVE-2016-1445 Unspecified vulnerability in Cisco Adaptive Security Appliance Software
Cisco Adaptive Security Appliance (ASA) Software 8.2 through 9.4.3.3 allows remote attackers to bypass intended ICMP Echo Reply ACLs via vectors related to subtypes.
network
low complexity
cisco
5.3
5.3