Vulnerabilities (CVE)

Filtered by vendor Cisco Subscribe
Filtered by product Adaptive Security Appliance
Total 64 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-12265 1 Cisco 1 Adaptive Security Appliance 2025-04-20 4.3 MEDIUM 6.1 MEDIUM
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device, aka HREF XSS. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. The vulnerability exists in the Cisco Adaptive Security Appliance (ASA) Software when the WEBVPN feature is enabled. Cisco Bug IDs: CSCve91068.
CVE-2016-1385 1 Cisco 2 Adaptive Security Appliance, Adaptive Security Appliance Software 2025-04-12 6.8 MEDIUM 6.5 MEDIUM
The XML parser in Cisco Adaptive Security Appliance (ASA) Software through 9.5.2 allows remote authenticated users to cause a denial of service (instability, memory consumption, or device reload) by leveraging (1) administrative access or (2) Clientless SSL VPN access to provide a crafted XML document, aka Bug ID CSCut14209.
CVE-2010-1580 1 Cisco 17 Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 and 14 more 2025-04-11 7.8 HIGH N/A
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc85753.
CVE-2010-2815 1 Cisco 17 Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 and 14 more 2025-04-11 7.8 HIGH N/A
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf55259.
CVE-2013-1194 1 Cisco 2 Adaptive Security Appliance, Adaptive Security Appliance Software 2025-04-11 5.0 MEDIUM N/A
The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708.
CVE-2010-2814 1 Cisco 17 Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 and 14 more 2025-04-11 7.8 HIGH N/A
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf37506.
CVE-2012-5415 1 Cisco 3 5500 Adaptive Security Appliance, 5500 Series Adaptive Security Appliance, Adaptive Security Appliance 2025-04-11 5.4 MEDIUM N/A
Race condition on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (CPU consumption or device reload) by establishing multiple connections, leading to improper handling of hash lookups for secondary flows, aka Bug IDs CSCue31622 and CSCuc71272.
CVE-2013-3382 1 Cisco 1 Adaptive Security Appliance 2025-04-11 7.8 HIGH N/A
The Next-Generation Firewall (aka NGFW, formerly CX Context-Aware Security) module 9.x before 9.1.1.9 and 9.1.2.x before 9.1.2.12 for Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (device reload or traffic-processing outage) via fragmented (1) IPv4 or (2) IPv6 traffic, aka Bug ID CSCue88387.
CVE-2013-1152 1 Cisco 2 Adaptive Security Appliance, Adaptive Security Appliance Software 2025-04-11 7.8 HIGH N/A
Cisco Adaptive Security Appliances (ASA) devices with software 9.0 before 9.0(1.2) allow remote attackers to cause a denial of service (device reload) via a crafted field in a DNS message, aka Bug ID CSCuc80080.
CVE-2013-6696 1 Cisco 2 Adaptive Security Appliance, Adaptive Security Appliance Software 2025-04-11 7.1 HIGH N/A
Cisco Adaptive Security Appliance (ASA) Software does not properly handle errors during the processing of DNS responses, which allows remote attackers to cause a denial of service (device reload) via a malformed response, aka Bug ID CSCuj28861.
CVE-2013-1138 1 Cisco 2 Adaptive Security Appliance, Adaptive Security Appliance Software 2025-04-11 5.0 MEDIUM N/A
The NAT process on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (connections-table memory consumption) via crafted packets, aka Bug ID CSCue46386.
CVE-2010-2816 1 Cisco 17 Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 and 14 more 2025-04-11 7.8 HIGH N/A
Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.17), 8.1 before 8.1(2.45), and 8.2 before 8.2(2.13) allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCtd32106.
CVE-2010-1581 1 Cisco 17 Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 and 14 more 2025-04-11 7.8 HIGH N/A
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtd32627.
CVE-2011-0396 1 Cisco 17 Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 and 14 more 2025-04-11 7.8 HIGH N/A
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.23), 8.1 before 8.1(2.49), 8.2 before 8.2(4.1), and 8.3 before 8.3(2.13), when a Certificate Authority (CA) is configured, allow remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCtk12352.
CVE-2014-0655 1 Cisco 1 Adaptive Security Appliance 2025-04-11 4.3 MEDIUM N/A
The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to change the user-cache contents via a replay attack involving crafted RADIUS Change of Authorization (CoA) messages, aka Bug ID CSCuj45332.
CVE-2011-0395 1 Cisco 17 Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 and 14 more 2025-04-11 7.8 HIGH N/A
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.20), 8.1 before 8.1(2.48), 8.2 before 8.2(3), and 8.3 before 8.3(2.1), when the RIP protocol and the Cisco Phone Proxy functionality are configured, allow remote attackers to cause a denial of service (device reload) via a RIP update, aka Bug ID CSCtg66583.
CVE-2013-3414 1 Cisco 2 Adaptive Security Appliance, Adaptive Security Appliance Software 2025-04-11 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the WebVPN portal login page on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCug83080.
CVE-2014-0653 1 Cisco 1 Adaptive Security Appliance 2025-04-11 4.3 MEDIUM N/A
The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to trigger authentication-state modifications via a crafted NetBIOS logout probe response, aka Bug ID CSCuj45340.
CVE-2011-0394 1 Cisco 7 5500 Series Adaptive Security Appliance, Adaptive Security Appliance, Adaptive Security Appliance Software and 4 more 2025-04-11 7.8 HIGH N/A
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5.1), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), 8.2 before 8.2(2.19), and 8.3 before 8.3(1.8); Cisco PIX Security Appliances 500 series devices; and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(20), 3.2 before 3.2(20), 4.0 before 4.0(15), and 4.1 before 4.1(5) allow remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug IDs CSCtg69457 and CSCtl84952.
CVE-2013-3463 1 Cisco 2 Adaptive Security Appliance, Adaptive Security Appliance Software 2025-04-11 4.3 MEDIUM N/A
The protocol-inspection feature on Cisco Adaptive Security Appliances (ASA) devices does not properly implement the idle timeout, which allows remote attackers to cause a denial of service (connection-table exhaustion) via crafted requests that use an inspected protocol, aka Bug ID CSCuh13899.