Vulnerabilities > Cisco > Adaptive Security Appliance

DATE CVE VULNERABILITY TITLE RISK
2020-05-06 CVE-2020-3306 Resource Exhaustion vulnerability in Cisco Adaptive Security Appliance
A vulnerability in the DHCP module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device.
network
low complexity
cisco CWE-400
7.5
2020-05-06 CVE-2020-3305 Resource Exhaustion vulnerability in Cisco Adaptive Security Appliance
A vulnerability in the implementation of the Border Gateway Protocol (BGP) module in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.
network
low complexity
cisco CWE-400
7.5
2020-05-06 CVE-2020-3303 Resource Exhaustion vulnerability in Cisco Adaptive Security Appliance
A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.
network
low complexity
cisco CWE-400
7.5
2019-10-02 CVE-2019-12698 Unspecified vulnerability in Cisco Adaptive Security Appliance
A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device.
network
low complexity
cisco
7.5
2019-10-02 CVE-2019-12695 Cross-site Scripting vulnerability in Cisco Adaptive Security Appliance
A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.
network
low complexity
cisco CWE-79
6.1
2019-10-02 CVE-2019-12693 Incorrect Type Conversion or Cast vulnerability in Cisco Adaptive Security Appliance
A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition.
network
low complexity
cisco CWE-704
4.9
2019-10-02 CVE-2019-12678 Integer Underflow (Wrap or Wraparound) vulnerability in Cisco products
A vulnerability in the Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-191
7.5
2019-10-02 CVE-2019-12676 Unspecified vulnerability in Cisco Adaptive Security Appliance
A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition.
low complexity
cisco
7.4
2019-10-02 CVE-2019-12673 Improper Input Validation vulnerability in Cisco Adaptive Security Appliance
A vulnerability in the FTP inspection engine of Cisco Adaptive Security (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-20
7.5
2017-10-05 CVE-2017-12265 Cross-site Scripting vulnerability in Cisco Adaptive Security Appliance
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device, aka HREF XSS.
network
low complexity
cisco CWE-79
6.1