Vulnerabilities > Cisco > Adaptive Security Appliance Software > 9.8.2.21
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-29 | CVE-2021-1501 | Unspecified vulnerability in Cisco Firepower Threat Defense A vulnerability in the SIP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition.The vulnerability is due to a crash that occurs during a hash lookup for a SIP pinhole connection. | 7.5 |
| 2020-10-21 | CVE-2020-3599 | Cross-site Scripting vulnerability in Cisco Adaptive Security Appliance A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 6.1 |
| 2020-10-21 | CVE-2020-3585 | Information Exposure Through Discrepancy vulnerability in Cisco products A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000 Series firewalls could allow an unauthenticated, remote attacker to gain access to sensitive information. | 3.7 |
| 2020-10-21 | CVE-2020-3583 | Cross-site Scripting vulnerability in Cisco products Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. | 6.1 |
| 2020-10-21 | CVE-2020-3582 | Cross-site Scripting vulnerability in Cisco products Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. | 6.1 |
| 2020-10-21 | CVE-2020-3581 | Cross-site Scripting vulnerability in Cisco products Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. | 6.1 |
| 2020-10-21 | CVE-2020-3580 | Cross-site Scripting vulnerability in Cisco products Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. | 6.1 |
| 2020-10-21 | CVE-2020-3578 | Incorrect Authorization vulnerability in Cisco products A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access rule and access parts of the WebVPN portal that are supposed to be blocked. | 6.5 |
| 2020-10-21 | CVE-2020-3555 | Improper Resource Shutdown or Release vulnerability in Cisco Firepower Threat Defense A vulnerability in the SIP inspection process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition. | 7.5 |
| 2020-10-21 | CVE-2020-3457 | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. | 6.7 |