Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:cisco:adaptive_security_appliance_software:7.1.2.24:*:*:*:*:*:*:*
There are 57 matching records.
Displaying matches 21 through 40.
Vuln ID Summary CVSS Severity
CVE-2014-8023

Cisco Adaptive Security Appliance (ASA) Software 9.2(.3) and earlier, when challenge-response authentication is used, does not properly select tunnel groups, which allows remote authenticated users to bypass intended resource-access restrictions via a crafted tunnel-group parameter, aka Bug ID CSCtz48533.

Published: February 16, 2015; 8:59:02 PM -0500
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2013-5557

The Proxy Bypass Content Rewriter feature in the WebVPN subsystem in Cisco Adaptive Security Appliance (ASA) Software 9.1(.2) and earlier allows remote authenticated users to cause a denial of service (device crash or error-recovery event) via an HTTP request that triggers a rewrite, aka Bug ID CSCug91577.

Published: February 06, 2015; 11:59:00 PM -0500
V3.x:(not available)
V2.0: 6.3 MEDIUM
CVE-2014-3407

The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier does not properly allocate memory blocks during HTTP packet handling, which allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCuq68888.

Published: November 27, 2014; 9:59:00 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2014-3399

The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.2(.2.4) and earlier does not properly manage session information during creation of a SharePoint handler, which allows remote authenticated users to overwrite arbitrary RAMFS cache files or inject Lua programs, and consequently cause a denial of service (portal outage or system reload), via crafted HTTP requests, aka Bug ID CSCup54208.

Published: October 07, 2014; 6:55:04 AM -0400
V3.x:(not available)
V2.0: 5.5 MEDIUM
CVE-2013-6691

The WebVPN CIFS implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0(.4.1) and earlier allows remote CIFS servers to cause a denial of service (device reload) via a long share list, aka Bug ID CSCuj83344.

Published: July 14, 2014; 5:55:05 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2013-5567

Cisco Adaptive Security Appliance (ASA) Software 8.4(.6) and earlier, when using an unsupported configuration with overlapping criteria for filtering and inspection, allows remote attackers to cause a denial of service (traffic loop and device crash) via a packet that triggers multiple matches, aka Bug ID CSCui45606.

Published: July 14, 2014; 5:55:05 PM -0400
V3.x:(not available)
V2.0: 5.4 MEDIUM
CVE-2014-2151

The WebVPN portal in Cisco Adaptive Security Appliance (ASA) Software 8.4(.7.15) and earlier allows remote authenticated users to obtain sensitive information via a crafted JavaScript file, aka Bug ID CSCui04520.

Published: June 18, 2014; 12:55:07 PM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2014-3264

Cisco Adaptive Security Appliance (ASA) Software 9.1(.5) and earlier allows remote authenticated users to cause a denial of service (device reload) via crafted attributes in a RADIUS packet, aka Bug ID CSCun69561.

Published: May 20, 2014; 7:13:37 AM -0400
V3.x:(not available)
V2.0: 6.3 MEDIUM
CVE-2013-6707

Memory leak in the connection-manager implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1(.3) and earlier allows remote attackers to cause a denial of service (multi-protocol management outage) by making multiple management session requests, aka Bug ID CSCug33233.

Published: December 07, 2013; 12:33:32 AM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2013-6682

The phone-proxy implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0.3.6 and earlier does not properly validate X.509 certificates, which allows remote attackers to cause a denial of service (connection-database corruption) via an invalid entry, aka Bug ID CSCui33299.

Published: November 13, 2013; 10:55:04 AM -0500
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-2013-5568

The auto-update implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0.3.6 and earlier allows remote attackers to cause a denial of service (device reload) via crafted update data, aka Bug ID CSCui33308.

Published: November 13, 2013; 10:55:03 AM -0500
V3.x:(not available)
V2.0: 7.1 HIGH
CVE-2013-5560

The IPv6 implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1.3 and earlier, when NAT64 or NAT66 is enabled, does not properly process NAT rules, which allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCue34342.

Published: November 13, 2013; 10:55:03 AM -0500
V3.x:(not available)
V2.0: 5.4 MEDIUM
CVE-2011-0394

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5.1), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), 8.2 before 8.2(2.19), and 8.3 before 8.3(1.8); Cisco PIX Security Appliances 500 series devices; and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(20), 3.2 before 3.2(20), 4.0 before 4.0(15), and 4.1 before 4.1(5) allow remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug IDs CSCtg69457 and CSCtl84952.

Published: February 25, 2011; 7:00:19 AM -0500
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2011-0393

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.12), 7.1 and 7.2 before 7.2(5.2), 8.0 before 8.0(5.21), 8.1 before 8.1(2.49), 8.2 before 8.2(3.6), and 8.3 before 8.3(2.7) and Cisco PIX Security Appliances 500 series devices, when transparent firewall mode is configured but IPv6 is not configured, allow remote attackers to cause a denial of service (packet buffer exhaustion and device outage) via IPv6 traffic, aka Bug ID CSCtj04707.

Published: February 25, 2011; 7:00:19 AM -0500
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2010-4692

Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) allows remote attackers to cause a denial of service (device crash) via a large number of LAN-to-LAN (aka L2L) IPsec sessions, aka Bug ID CSCth36592.

Published: January 07, 2011; 6:00:19 PM -0500
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2010-4691

Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) allows remote attackers to cause a denial of service (device crash) via multicast traffic, aka Bug IDs CSCtg61810 and CSCtg69742.

Published: January 07, 2011; 6:00:19 PM -0500
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2010-4690

The Mobile User Security (MUS) service on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) does not properly authenticate HTTP requests from a Web Security appliance (WSA), which might allow remote attackers to obtain sensitive information via a HEAD request, aka Bug ID CSCte53635.

Published: January 07, 2011; 6:00:19 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-4689

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) do not properly preserve ACL behavior after a migration, which allows remote attackers to bypass intended access restrictions via an unspecified type of network traffic that had previously been denied, aka Bug ID CSCte46460.

Published: January 07, 2011; 6:00:19 PM -0500
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2010-4688

Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) allows remote attackers to cause a denial of service (device crash) by making many SIP calls, aka Bug ID CSCte20030.

Published: January 07, 2011; 6:00:19 PM -0500
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2010-4682

Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allows remote attackers to cause a denial of service (memory consumption) by making multiple incorrect LDAP authentication attempts, aka Bug ID CSCtf29867.

Published: January 07, 2011; 7:00:50 AM -0500
V3.x:(not available)
V2.0: 7.8 HIGH