Vulnerabilities > Cisco > ASA 5545 X Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-05-06 CVE-2020-3125 Improper Authentication vulnerability in Cisco products
A vulnerability in the Kerberos authentication feature of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to impersonate the Kerberos key distribution center (KDC) and bypass authentication on an affected device that is configured to perform Kerberos authentication for VPN or local device access.
network
low complexity
cisco CWE-287
critical
9.8
2020-05-06 CVE-2020-3187 Path Traversal vulnerability in Cisco products
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system.
network
low complexity
cisco CWE-22
critical
9.1