7.0.6

DATE	CVE	VULNERABILITY TITLE	RISK
2024-04-24	CVE-2024-20353	Infinite Loop vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to incomplete error checking when parsing an HTTP header. network low complexity cisco CWE-835	8.6
2024-04-24	CVE-2024-20359	Code Injection vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. local low complexity cisco CWE-94	6.0
2023-12-12	CVE-2023-20275	Unspecified vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to send packets with another VPN user's source IP address. network low complexity cisco	4.3
2023-11-01	CVE-2023-20246	Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. network low complexity snort cisco	5.3
2023-11-01	CVE-2023-20267	Unspecified vulnerability in Cisco Firepower Threat Defense A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. network low complexity cisco	5.3
2023-10-10	CVE-2023-44487	Resource Exhaustion vulnerability in multiple products The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. network low complexity ietf nghttp2 netty envoyproxy eclipse caddyserver golang f5 apache apple grpc microsoft nodejs dena facebook amazon debian kazu-yamamoto istio varnish-cache-project traefik projectcontour linkerd linecorp redhat fedoraproject netapp akka konghq jenkins openresty cisco CWE-400	7.5
2023-09-06	CVE-2023-20269	Incorrect Authorization vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user. This vulnerability is due to improper separation of authentication, authorization, and accounting (AAA) between the remote access VPN feature and the HTTPS management and site-to-site VPN features. network low complexity cisco CWE-863 critical	9.1