Vulnerabilities > Cisco > Application Services Engine

DATE CVE VULNERABILITY TITLE RISK
2021-02-24 CVE-2021-1396 Missing Authentication for Critical Function vulnerability in Cisco products
Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make limited configuration changes.
network
low complexity
cisco CWE-306
6.5
6.5
2021-02-24 CVE-2021-1393 Missing Authentication for Critical Function vulnerability in Cisco products
Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make limited configuration changes.
network
low complexity
cisco CWE-306
critical
 9.8
9.8
2020-06-03 CVE-2020-3335 Incorrect Authorization vulnerability in Cisco products
A vulnerability in the key store of Cisco Application Services Engine Software could allow an authenticated, local attacker to read sensitive information of other users on an affected device.
local
low complexity
cisco CWE-863
5.5
5.5
2020-06-03 CVE-2020-3333 Missing Authentication for Critical Function vulnerability in Cisco products
A vulnerability in the API of Cisco Application Services Engine Software could allow an unauthenticated, remote attacker to update event policies on an affected device.
network
low complexity
cisco CWE-306
5.3
5.3