Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:cisco:adaptive_security_appliance_software:7.1\(2.49\):*:*:*:*:*:*:*
There are 63 matching records.
Displaying matches 41 through 60.
Vuln ID Summary CVSS Severity
CVE-2010-4690

The Mobile User Security (MUS) service on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) does not properly authenticate HTTP requests from a Web Security appliance (WSA), which might allow remote attackers to obtain sensitive information via a HEAD request, aka Bug ID CSCte53635.

Published: January 07, 2011; 6:00:19 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-4689

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) do not properly preserve ACL behavior after a migration, which allows remote attackers to bypass intended access restrictions via an unspecified type of network traffic that had previously been denied, aka Bug ID CSCte46460.

Published: January 07, 2011; 6:00:19 PM -0500
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2010-4688

Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) allows remote attackers to cause a denial of service (device crash) by making many SIP calls, aka Bug ID CSCte20030.

Published: January 07, 2011; 6:00:19 PM -0500
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2010-4682

Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allows remote attackers to cause a denial of service (memory consumption) by making multiple incorrect LDAP authentication attempts, aka Bug ID CSCtf29867.

Published: January 07, 2011; 7:00:50 AM -0500
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2010-4681

Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allows remote attackers to bypass SMTP inspection via vectors involving a prepended space character, aka Bug ID CSCte14901.

Published: January 07, 2011; 7:00:50 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2010-4680

The WebVPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) permits the viewing of CIFS shares even when CIFS file browsing has been disabled, which allows remote authenticated users to bypass intended access restrictions via CIFS requests, aka Bug ID CSCsz80777.

Published: January 07, 2011; 7:00:50 AM -0500
V3.x:(not available)
V2.0: 9.0 HIGH
CVE-2010-4679

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly handle Online Certificate Status Protocol (OCSP) connection failures, which allows remote OCSP responders to cause a denial of service (TCP socket exhaustion) by rejecting connection attempts, aka Bug ID CSCsz36816.

Published: January 07, 2011; 7:00:50 AM -0500
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2010-4678

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) permit packets to pass before the configuration has been loaded, which might allow remote attackers to bypass intended access restrictions by sending network traffic during device startup, aka Bug ID CSCsy86769.

Published: January 07, 2011; 7:00:50 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2010-4677

emWEB on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allows remote attackers to cause a denial of service (daemon crash) via a request for a document whose name contains space characters, aka Bug ID CSCsy08416.

Published: January 07, 2011; 7:00:50 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-4676

Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allows remote authenticated users to cause a denial of service (device crash) via a high volume of IPsec traffic, aka Bug ID CSCsx52748.

Published: January 07, 2011; 7:00:50 AM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-4675

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly determine the interfaces for which TELNET connections should be permitted, which allows remote authenticated users to bypass intended access restrictions via vectors involving the "lowest security level interface," aka Bug ID CSCsv40504.

Published: January 07, 2011; 7:00:50 AM -0500
V3.x:(not available)
V2.0: 9.0 HIGH
CVE-2010-4674

Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(4) and earlier allows remote attackers to cause a denial of service (block exhaustion) via multicast traffic, aka Bug ID CSCtg63992.

Published: January 07, 2011; 7:00:50 AM -0500
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2010-4673

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(4) and earlier allow remote attackers to cause a denial of service via a flood of packets, aka Bug ID CSCtg06316.

Published: January 07, 2011; 7:00:49 AM -0500
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2010-4672

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(3) and earlier allow remote attackers to cause a denial of service (block exhaustion) via EIGRP traffic that triggers an EIGRP multicast storm, aka Bug ID CSCtf20269.

Published: January 07, 2011; 7:00:49 AM -0500
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2010-4670

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(3) and earlier, and Cisco PIX Security Appliances devices, allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package, aka Bug ID CSCti24526.

Published: January 07, 2011; 7:00:49 AM -0500
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2009-5037

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allow remote attackers to cause a denial of service (ASDM syslog outage) via a long URL, aka Bug IDs CSCsm11264 and CSCtb92911.

Published: January 07, 2011; 7:00:43 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-2817

Unspecified vulnerability in the IKE implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.10), and 8.3 before 8.3(1.1) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a crafted IKE message, aka Bug ID CSCte46507.

Published: August 09, 2010; 7:58:17 AM -0400
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2008-0028

Unspecified vulnerability in Cisco PIX 500 Series Security Appliance and 5500 Series Adaptive Security Appliance (ASA) before 7.2(3)6 and 8.0(3), when the Time-to-Live (TTL) decrement feature is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted IP packet.

Published: January 23, 2008; 4:00:00 PM -0500
V3.x:(not available)
V2.0: 7.1 HIGH
CVE-2007-5568

Cisco PIX and ASA appliances with 7.0 through 8.0 software, and Cisco Firewall Services Module (FWSM) 3.1(5) and earlier, allow remote attackers to cause a denial of service (device reload) via a crafted MGCP packet, aka CSCsi90468 (appliance) and CSCsi00694 (FWSM).

Published: October 18, 2007; 5:17:00 PM -0400
V3.x:(not available)
V2.0: 7.1 HIGH
CVE-2007-4786

Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before 7.0.7.1, 7.1 before 7.1.2.61, 7.2 before 7.2.2.34, and 8.0 before 8.0.2.11, when AAA is enabled, composes %ASA-5-111008 messages from the "test aaa" command with cleartext passwords and sends them over the network to a remote syslog server or places them in a local logging buffer, which allows context-dependent attackers to obtain sensitive information.

Published: September 10, 2007; 5:17:00 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM