9.8.3

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-24	CVE-2022-20829	Insufficient Verification of Data Authenticity vulnerability in Cisco products A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of those images by Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker with administrative privileges to upload an ASDM image that contains malicious code to a device that is running Cisco ASA Software. network low complexity cisco CWE-345	7.2
2020-05-06	CVE-2020-3188	Insufficient Session Expiration vulnerability in Cisco products A vulnerability in how Cisco Firepower Threat Defense (FTD) Software handles session timeouts for management connections could allow an unauthenticated, remote attacker to cause a buildup of remote management connections to an affected device, which could result in a denial of service (DoS) condition. network low complexity cisco CWE-613	5.0