Cisco Adaptive Security Appliance Software vulnerabilities
315 known vulnerabilities affecting cisco/adaptive_security_appliance_software.
Total CVEs
315
CISA KEV
12
actively exploited
Public exploits
13
Exploited in wild
11
Severity breakdown
CRITICAL15HIGH179MEDIUM120LOW1
Vulnerabilities
Page 14 of 16
CVE-2011-3298HIGHCVSS 7.9v7.0v7.0\(0\)+69 more2011-10-06
CVE-2011-3298 [HIGH] CWE-287 CVE-2011-3298: Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco C
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.3), 8.0 before 8.0(5.24), 8.1 before 8.1(2.50), 8.2 before 8.2(5), 8.3 before 8.3(2.18), 8.4 before 8.4(1.10), and 8.5 before 8.5(1.1) and Cisco Firewall Services Mo
nvd
CVE-2011-3303HIGHCVSS 7.8v7.0v7.0\(0\)+69 more2011-10-06
CVE-2011-3303 [HIGH] CWE-399 CVE-2011-3303: Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco C
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.6), 8.3 before 8.3(2.23), 8.4 before 8.4(2.7), and 8.5 before 8.5(1.1) and Cisco Firewall Services M
nvd
CVE-2011-3299HIGHCVSS 7.8v7.0v7.0\(0\)+69 more2011-10-06
CVE-2011-3299 [HIGH] CWE-399 CVE-2011-3299: Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco C
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FW
nvd
CVE-2011-3300HIGHCVSS 7.8v7.0v7.0\(0\)+69 more2011-10-06
CVE-2011-3300 [HIGH] CWE-399 CVE-2011-3300: Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco C
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FW
nvd
CVE-2011-3302HIGHCVSS 7.8v7.0v7.0\(0\)+69 more2011-10-06
CVE-2011-3302 [HIGH] CWE-399 CVE-2011-3302: Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco C
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FW
nvd
CVE-2011-0394HIGHCVSS 7.8≤ 8.3\(1\)v7.0+56 more2011-02-25
CVE-2011-0394 [HIGH] CWE-399 CVE-2011-0394: Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5.1), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), 8.2 before 8.2(2.19), and 8.3 before 8.3(1.8); Cisco PIX Security Appliances 500 series devices; and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(20), 3.2 before 3.2(20), 4.
nvd
CVE-2011-0379HIGHCVSS 7.9v1.6.02011-02-25
CVE-2011-0379 [HIGH] CWE-119 CVE-2011-0379: Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 1.6.x;
Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 1.6.x; Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x; Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x; and Cisco TelePresence Manager 1.2.x, 1.3.x, 1.4.x, 1.5.x, and 1.6.2 allows remote at
nvd
CVE-2011-0396HIGHCVSS 7.8v8.0v8.3\(1\)2011-02-25
CVE-2011-0396 [HIGH] CWE-264 CVE-2011-0396: Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.23), 8.1
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.23), 8.1 before 8.1(2.49), 8.2 before 8.2(4.1), and 8.3 before 8.3(2.13), when a Certificate Authority (CA) is configured, allow remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCtk12352.
nvd
CVE-2011-0393HIGHCVSS 7.8≤ 8.3\(1\)v7.0+56 more2011-02-25
CVE-2011-0393 [HIGH] CWE-399 CVE-2011-0393: Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.12), 7.1
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.12), 7.1 and 7.2 before 7.2(5.2), 8.0 before 8.0(5.21), 8.1 before 8.1(2.49), 8.2 before 8.2(3.6), and 8.3 before 8.3(2.7) and Cisco PIX Security Appliances 500 series devices, when transparent firewall mode is configured but IPv6 is not configured, allow remote
nvd
CVE-2011-0395HIGHCVSS 7.8v8.0v8.3\(1\)2011-02-25
CVE-2011-0395 [HIGH] CWE-399 CVE-2011-0395: Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.20), 8.1
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.20), 8.1 before 8.1(2.48), 8.2 before 8.2(3), and 8.3 before 8.3(2.1), when the RIP protocol and the Cisco Phone Proxy functionality are configured, allow remote attackers to cause a denial of service (device reload) via a RIP update, aka Bug ID CSCtg66583.
nvd
CVE-2010-4680CRITICALCVSS 9.0≤ 8.2\(2\)v7.0+52 more2011-01-07
CVE-2010-4680 [CRITICAL] CWE-264 CVE-2010-4680: The WebVPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with softw
The WebVPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) permits the viewing of CIFS shares even when CIFS file browsing has been disabled, which allows remote authenticated users to bypass intended access restrictions via CIFS requests, aka Bug ID CSCsz80777.
nvd
CVE-2010-4675CRITICALCVSS 9.0≤ 8.2\(2\)v7.0+52 more2011-01-07
CVE-2010-4675 [CRITICAL] CWE-264 CVE-2010-4675: Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not prop
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly determine the interfaces for which TELNET connections should be permitted, which allows remote authenticated users to bypass intended access restrictions via vectors involving the "lowest security level interface," aka Bug ID CSCsv40504.
nvd
CVE-2010-4674HIGHCVSS 7.8≤ 8.2\(4\)v7.0+54 more2011-01-07
CVE-2010-4674 [HIGH] CWE-399 CVE-2010-4674: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with softw
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(4) and earlier allows remote attackers to cause a denial of service (block exhaustion) via multicast traffic, aka Bug ID CSCtg63992.
nvd
CVE-2010-4692HIGHCVSS 7.8≤ 8.3\(1\)v7.0+56 more2011-01-07
CVE-2010-4692 [HIGH] CVE-2010-4692: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with softw
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) allows remote attackers to cause a denial of service (device crash) via a large number of LAN-to-LAN (aka L2L) IPsec sessions, aka Bug ID CSCth36592.
nvd
CVE-2010-4679HIGHCVSS 7.8≤ 8.2\(2\)v7.0+52 more2011-01-07
CVE-2010-4679 [HIGH] CWE-20 CVE-2010-4679: Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not prop
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly handle Online Certificate Status Protocol (OCSP) connection failures, which allows remote OCSP responders to cause a denial of service (TCP socket exhaustion) by rejecting connection attempts, aka Bug ID CSCsz36816.
nvd
CVE-2010-4682HIGHCVSS 7.8≤ 8.2\(2\)v7.0+52 more2011-01-07
CVE-2010-4682 [HIGH] CWE-399 CVE-2010-4682: Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2
Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allows remote attackers to cause a denial of service (memory consumption) by making multiple incorrect LDAP authentication attempts, aka Bug ID CSCtf29867.
nvd
CVE-2010-4681HIGHCVSS 7.5≤ 8.2\(2\)v7.0+52 more2011-01-07
CVE-2010-4681 [HIGH] CVE-2010-4681: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with softw
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allows remote attackers to bypass SMTP inspection via vectors involving a prepended space character, aka Bug ID CSCte14901.
nvd
CVE-2010-4678HIGHCVSS 7.5≤ 8.2\(2\)v7.0+52 more2011-01-07
CVE-2010-4678 [HIGH] CWE-264 CVE-2010-4678: Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) permit pack
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) permit packets to pass before the configuration has been loaded, which might allow remote attackers to bypass intended access restrictions by sending network traffic during device startup, aka Bug ID CSCsy86769.
nvd
CVE-2010-4689HIGHCVSS 7.8≤ 8.3\(1\)v7.0+56 more2011-01-07
CVE-2010-4689 [HIGH] CWE-264 CVE-2010-4689: Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) do not prop
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) do not properly preserve ACL behavior after a migration, which allows remote attackers to bypass intended access restrictions via an unspecified type of network traffic that had previously been denied, aka Bug ID CSCte46460.
nvd
CVE-2010-4670HIGHCVSS 7.8≤ 8.2\(3\)v7.0+53 more2011-01-07
CVE-2010-4670 [HIGH] CWE-399 CVE-2010-4670: The Neighbor Discovery (ND) protocol implementation in the IPv6 stack on Cisco Adaptive Security App
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(3) and earlier, and Cisco PIX Security Appliances devices, allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with d
nvd