Vulnerabilities > Cisco > ASA 5580
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-06-29 | CVE-2009-4914 | Resource Management Errors vulnerability in Cisco ASA 5580 Memory leak on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via Subject Alternative Name fields in an X.509 certificate, aka Bug ID CSCsq17879. | 7.8 |
2010-06-29 | CVE-2009-4913 | Permissions, Privileges, and Access Controls vulnerability in Cisco ASA 5580 The IPv6 implementation on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) exposes IP services on the "far side of the box," which might allow remote attackers to bypass intended access restrictions via IPv6 packets, aka Bug ID CSCso58622. | 5.0 |
2010-06-29 | CVE-2009-4912 | Permissions, Privileges, and Access Controls vulnerability in Cisco ASA 5580 Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) complete an SSL handshake with an HTTPS client even if this client is unauthorized, which might allow remote attackers to bypass intended access restrictions via an HTTPS session, aka Bug ID CSCso10876. | 10.0 |
2010-06-29 | CVE-2009-4911 | Unspecified vulnerability in Cisco ASA 5580 8.1(1) Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device crash) via vectors involving SSL VPN and PPPoE transactions, aka Bug ID CSCsm77958. | 7.8 |
2010-06-29 | CVE-2009-4910 | Cross-Site Scripting vulnerability in Cisco ASA 5580 Cross-site scripting (XSS) vulnerability in the WebVPN portal on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCsq78418. | 4.3 |
2010-06-29 | CVE-2008-7257 | Improper Input Validation vulnerability in Cisco ASA 5580 8.1(1) CRLF injection vulnerability in +webvpn+/index.html in WebVPN on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to inject arbitrary HTTP headers as demonstrated by a redirect attack involving a %0d%0aLocation%3a sequence in a URI, or conduct HTTP response splitting attacks via unspecified vectors, aka Bug ID CSCsr09163. | 4.3 |