8.4.1

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-24	CVE-2022-20829	Insufficient Verification of Data Authenticity vulnerability in Cisco products A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of those images by Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker with administrative privileges to upload an ASDM image that contains malicious code to a device that is running Cisco ASA Software. network low complexity cisco CWE-345	7.2
2020-02-19	CVE-2011-2054	Improper Authentication vulnerability in Cisco products A vulnerability in the Cisco ASA that could allow a remote attacker to successfully authenticate using the Cisco AnyConnect VPN client if the Secondary Authentication type is LDAP and the password is left blank, providing the primary credentials are correct. network high complexity cisco CWE-287	7.5