Vulnerabilities > Cisco > Adaptive Security Appliance Software > 9.8.2.21
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-03 | CVE-2019-1714 | Unspecified vulnerability in Cisco products A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 Single Sign-On (SSO) for Clientless SSL VPN (WebVPN) and AnyConnect Remote Access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to successfully establish a VPN session to an affected device. | 8.6 |
| 2019-05-03 | CVE-2019-1713 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. | 8.8 |
| 2019-05-03 | CVE-2019-1708 | Memory Leak vulnerability in Cisco products A vulnerability in the Internet Key Exchange Version 2 Mobility and Multihoming Protocol (MOBIKE) feature for the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. | 8.6 |
| 2019-05-03 | CVE-2019-1705 | Improper Resource Shutdown or Release vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the remote access VPN session manager of Cisco Adaptive Security Appliance (ASA) Software could allow a unauthenticated, remote attacker to cause a denial of service (DoS) condition on the remote access VPN services. | 5.9 |
| 2019-05-03 | CVE-2019-1701 | Cross-site Scripting vulnerability in Cisco Adaptive Security Appliance Software Multiple vulnerabilities in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the WebVPN portal of an affected device. | 4.8 |
| 2019-05-03 | CVE-2019-1697 | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 7.5 |
| 2019-05-03 | CVE-2019-1695 | Unspecified vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device. low complexity cisco | 6.5 |
| 2019-05-03 | CVE-2019-1694 | Unspecified vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the TCP processing engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 8.6 |
| 2019-05-03 | CVE-2019-1693 | Unspecified vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 6.5 |
| 2019-05-03 | CVE-2019-1687 | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. | 7.5 |