Vulnerabilities > Cisco > Adaptive Security Appliance Software > 9.6.4.42

DATE CVE VULNERABILITY TITLE RISK
2020-10-21 CVE-2020-3581 Cross-site Scripting vulnerability in Cisco products
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device.
network
low complexity
cisco CWE-79
6.1
6.1
2020-10-21 CVE-2020-3580 Cross-site Scripting vulnerability in Cisco products
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device.
network
low complexity
cisco CWE-79
6.1
6.1
2020-10-21 CVE-2020-3578 Incorrect Authorization vulnerability in Cisco products
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access rule and access parts of the WebVPN portal that are supposed to be blocked.
network
low complexity
cisco CWE-863
6.5
6.5