Cisco Adaptive Security Appliance Software vulnerabilities

306 known vulnerabilities affecting cisco/adaptive_security_appliance_software.

Total CVEs
306
CISA KEV
12
actively exploited
Public exploits
13
Exploited in wild
11
Severity breakdown
CRITICAL15HIGH177MEDIUM113LOW1

Vulnerabilities

Page 13 of 16
CVE-2012-0335MEDIUMCVSS 5.0v7.2v7.2\(1\)+41 more2012-05-02
CVE-2012-0335 [MEDIUM] CWE-287 CVE-2012-0335: Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 through 8.4 do not pr Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 through 8.4 do not properly perform proxy authentication during attempts to cut through a firewall, which allows remote attackers to obtain sensitive information via a connection attempt, aka Bug ID CSCtx42746.
nvd
CVE-2011-3309MEDIUMCVSS 4.3v8.2\(1\)v8.2\(2\)+18 more2012-05-02
CVE-2011-3309 [MEDIUM] CWE-200 CVE-2011-3309: Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 through 8.4 process I Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 through 8.4 process IKE requests despite a vpnclient mode configuration, which allows remote attackers to obtain potentially sensitive information by reading IKE responder traffic, aka Bug ID CSCtt07749.
nvd
CVE-2011-3285MEDIUMCVSS 5.0v8.0v8.0\(2\)+28 more2012-05-02
CVE-2011-3285 [MEDIUM] CWE-20 CVE-2011-3285: CRLF injection vulnerability in /+CSCOE+/logon.html on Cisco Adaptive Security Appliances (ASA) 5500 CRLF injection vulnerability in /+CSCOE+/logon.html on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 through 8.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors, aka Bug ID CSCth63101.
nvd
CVE-2012-0358CRITICALCVSS 9.3v7.0v7.0\(0\)+83 more2012-03-15
CVE-2012-0358 [CRITICAL] CWE-119 CVE-2012-0358: Buffer overflow in the Cisco Port Forwarder ActiveX control in cscopf.ocx, as distributed through th Buffer overflow in the Cisco Port Forwarder ActiveX control in cscopf.ocx, as distributed through the Clientless VPN feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 through 7.2 before 7.2(5.6), 8.0 before 8.0(5.26), 8.1 before 8.1(2.53), 8.2 before 8.2(5.18), 8.3 before 8.3(2.28), 8.2 before 8.4(2.16), and 8
nvd
CVE-2012-0356HIGHCVSS 7.8v7.0v7.0\(0\)+83 more2012-03-15
CVE-2012-0356 [HIGH] CWE-20 CVE-2012-0356: Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 7.0 through 7.2 before 7.2(5.7), 8.0 before 8.0(5.27), 8.1 before 8.1(2.53), 8.2 before 8.2(5.8), 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.2) and the Firewall Services Module (FWSM)
nvd
CVE-2012-0353HIGHCVSS 7.1v8.0v8.0\(2\)+28 more2012-03-15
CVE-2012-0353 [HIGH] CWE-20 CVE-2012-0353: The UDP inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the A The UDP inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.5), 8.3 before 8.3(2.22), 8.4 before 8.4(2.1), and 8.5 before 8.5(1.2) does not properly handle flows, which allows
nvd
CVE-2012-0354HIGHCVSS 7.1v8.0v8.0\(2\)+32 more2012-03-15
CVE-2012-0354 [HIGH] CWE-20 CVE-2012-0354: The Threat Detection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and th The Threat Detection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.0 through 8.2 before 8.2(5.20), 8.3 before 8.3(2.29), 8.4 before 8.4(3), 8.5 before 8.5(1.6), and 8.6 before 8.6(1.1) allows remote attackers to cause a denial of service
nvd
CVE-2012-0355HIGHCVSS 7.8v8.4v8.4\(1\)+6 more2012-03-15
CVE-2012-0355 [HIGH] CWE-20 CVE-2012-0355: Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.4 before 8.4(2.11) and 8.5 before 8.5(1.4) allow remote attackers to cause a denial of service (device reload) via (1) IPv4 or (2) IPv6 packets that trigger syslog message 305006, aka Bug ID CSCts39634.
nvd
CVE-2011-2060MEDIUMCVSS 4.9v7.0v7.0\(0\)+69 more2011-10-22
CVE-2011-2060 [MEDIUM] CWE-399 CVE-2011-2060: The platform-sw component on Cisco Adaptive Security Appliances (ASA) 5500 series devices with softw The platform-sw component on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 before 8.2(5.3), 8.3 before 8.3(2.20), and 8.4 before 8.4(2.1) does not properly handle non-ASCII characters in an interface description, which allows local users to cause a denial of service (reload without configuration) via a crafted descript
nvd
CVE-2011-3301HIGHCVSS 7.8v7.0v7.0\(0\)+69 more2011-10-06
CVE-2011-3301 [HIGH] CWE-399 CVE-2011-3301: Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco C Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FW
nvd
CVE-2011-3304HIGHCVSS 7.8v7.0v7.0\(0\)+69 more2011-10-06
CVE-2011-3304 [HIGH] CWE-399 CVE-2011-3304: Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco C Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.2 before 7.2(5.3), 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2), and 8.5 before 8.5(1.1) allow remote attackers to cause a denial of service (device
nvd
CVE-2011-3298HIGHCVSS 7.9v7.0v7.0\(0\)+69 more2011-10-06
CVE-2011-3298 [HIGH] CWE-287 CVE-2011-3298: Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco C Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.3), 8.0 before 8.0(5.24), 8.1 before 8.1(2.50), 8.2 before 8.2(5), 8.3 before 8.3(2.18), 8.4 before 8.4(1.10), and 8.5 before 8.5(1.1) and Cisco Firewall Services Mo
nvd
CVE-2011-3303HIGHCVSS 7.8v7.0v7.0\(0\)+69 more2011-10-06
CVE-2011-3303 [HIGH] CWE-399 CVE-2011-3303: Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco C Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.6), 8.3 before 8.3(2.23), 8.4 before 8.4(2.7), and 8.5 before 8.5(1.1) and Cisco Firewall Services M
nvd
CVE-2011-3299HIGHCVSS 7.8v7.0v7.0\(0\)+69 more2011-10-06
CVE-2011-3299 [HIGH] CWE-399 CVE-2011-3299: Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco C Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FW
nvd
CVE-2011-3300HIGHCVSS 7.8v7.0v7.0\(0\)+69 more2011-10-06
CVE-2011-3300 [HIGH] CWE-399 CVE-2011-3300: Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco C Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FW
nvd
CVE-2011-3302HIGHCVSS 7.8v7.0v7.0\(0\)+69 more2011-10-06
CVE-2011-3302 [HIGH] CWE-399 CVE-2011-3302: Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco C Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FW
nvd
CVE-2011-0394HIGHCVSS 7.8≤ 8.3\(1\)v7.0+56 more2011-02-25
CVE-2011-0394 [HIGH] CWE-399 CVE-2011-0394: Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5.1), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), 8.2 before 8.2(2.19), and 8.3 before 8.3(1.8); Cisco PIX Security Appliances 500 series devices; and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(20), 3.2 before 3.2(20), 4.
nvd
CVE-2011-0379HIGHCVSS 7.9v1.6.02011-02-25
CVE-2011-0379 [HIGH] CWE-119 CVE-2011-0379: Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 1.6.x; Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 1.6.x; Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x; Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x; and Cisco TelePresence Manager 1.2.x, 1.3.x, 1.4.x, 1.5.x, and 1.6.2 allows remote at
nvd
CVE-2011-0396HIGHCVSS 7.8v8.0v8.3\(1\)2011-02-25
CVE-2011-0396 [HIGH] CWE-264 CVE-2011-0396: Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.23), 8.1 Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.23), 8.1 before 8.1(2.49), 8.2 before 8.2(4.1), and 8.3 before 8.3(2.13), when a Certificate Authority (CA) is configured, allow remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCtk12352.
nvd
CVE-2011-0393HIGHCVSS 7.8≤ 8.3\(1\)v7.0+56 more2011-02-25
CVE-2011-0393 [HIGH] CWE-399 CVE-2011-0393: Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.12), 7.1 Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.12), 7.1 and 7.2 before 7.2(5.2), 8.0 before 8.0(5.21), 8.1 before 8.1(2.49), 8.2 before 8.2(3.6), and 8.3 before 8.3(2.7) and Cisco PIX Security Appliances 500 series devices, when transparent firewall mode is configured but IPv6 is not configured, allow remote
nvd
← Previous13 / 16Next →
Cisco Adaptive Security Appliance Software vulnerabilities | cvebase