Vulnerabilities > Cisco > Adaptive Security Appliance Software > 9.9.2.50
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-02 | CVE-2019-12698 | Unspecified vulnerability in Cisco Adaptive Security Appliance A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. | 7.5 |
| 2019-10-02 | CVE-2019-12695 | Cross-site Scripting vulnerability in Cisco Adaptive Security Appliance A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
| 2019-10-02 | CVE-2019-12693 | Incorrect Type Conversion or Cast vulnerability in Cisco Adaptive Security Appliance A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. | 4.9 |
| 2019-10-02 | CVE-2019-12678 | Integer Underflow (Wrap or Wraparound) vulnerability in Cisco products A vulnerability in the Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2019-10-02 | CVE-2019-12676 | Unspecified vulnerability in Cisco Adaptive Security Appliance A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. low complexity cisco | 7.4 |
| 2019-10-02 | CVE-2019-12673 | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance A vulnerability in the FTP inspection engine of Cisco Adaptive Security (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2019-05-03 | CVE-2019-1714 | Unspecified vulnerability in Cisco products A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 Single Sign-On (SSO) for Clientless SSL VPN (WebVPN) and AnyConnect Remote Access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to successfully establish a VPN session to an affected device. | 8.6 |
| 2019-05-03 | CVE-2019-1713 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. | 8.8 |
| 2019-05-03 | CVE-2019-1708 | Memory Leak vulnerability in Cisco products A vulnerability in the Internet Key Exchange Version 2 Mobility and Multihoming Protocol (MOBIKE) feature for the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. | 8.6 |
| 2019-05-03 | CVE-2019-1706 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the software cryptography module of the Cisco Adaptive Security Virtual Appliance (ASAv) and Firepower 2100 Series running Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an unexpected reload of the device that results in a denial of service (DoS) condition. | 8.6 |