Cisco Adaptive Security Appliance Software vulnerabilities
306 known vulnerabilities affecting cisco/adaptive_security_appliance_software.
Total CVEs
306
CISA KEV
12
actively exploited
Public exploits
13
Exploited in wild
11
Severity breakdown
CRITICAL15HIGH177MEDIUM113LOW1
Vulnerabilities
Page 15 of 16
CVE-2010-2814HIGHCVSS 7.8v7.2\(1\)v7.2\(1.22\)+12 more2010-08-09
CVE-2010-2814 [HIGH] CVE-2010-2814: Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Sec
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of
nvd
CVE-2010-1580HIGHCVSS 7.8v7.2\(1\)v7.2\(1.22\)+12 more2010-08-09
CVE-2010-1580 [HIGH] CVE-2010-1580: Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (AS
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC
nvd
CVE-2010-1579HIGHCVSS 7.8v7.2\(1\)v7.2\(1.22\)+12 more2010-08-09
CVE-2010-1579 [HIGH] CVE-2010-1579: Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (AS
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC
nvd
CVE-2010-2817HIGHCVSS 7.8v7.0v7.0\(4\)+25 more2010-08-09
CVE-2010-2817 [HIGH] CVE-2010-2817: Unspecified vulnerability in the IKE implementation on Cisco Adaptive Security Appliances (ASA) 5500
Unspecified vulnerability in the IKE implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.10), and 8.3 before 8.3(1.1) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial
nvd
CVE-2010-2815HIGHCVSS 7.8v7.2\(1\)v7.2\(1.22\)+12 more2010-08-09
CVE-2010-2815 [HIGH] CVE-2010-2815: Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Sec
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of
nvd
CVE-2010-2816HIGHCVSS 7.8v8.02010-08-09
CVE-2010-2816 [HIGH] CVE-2010-2816: Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA)
Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.17), 8.1 before 8.1(2.45), and 8.2 before 8.2(2.13) allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCtd32106.
nvd
CVE-2010-1578HIGHCVSS 7.8v7.2\(1\)v7.2\(1.22\)+12 more2010-08-09
CVE-2010-1578 [HIGH] CVE-2010-1578: Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (AS
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC
nvd
CVE-2010-0440MEDIUMCVSS 4.3PoC≥ 8.1, < 8.1\(2.7\)≥ 8.0, < 8.0\(5\)+1 more2010-02-03
CVE-2010-0440 [MEDIUM] CWE-79 CVE-2010-0440: Cross-site scripting (XSS) vulnerability in +CSCOT+/translation in Cisco Secure Desktop 3.4.2048, an
Cross-site scripting (XSS) vulnerability in +CSCOT+/translation in Cisco Secure Desktop 3.4.2048, and other versions before 3.5; as used in Cisco ASA appliance before 8.2(1), 8.1(2.7), and 8.0(5); allows remote attackers to inject arbitrary web script or HTML via a crafted POST parameter, which is not properly handled by an eval statement in binary/mai
nvd
CVE-2008-2055HIGHCVSS 7.8v7.1v7.2.2+1 more2008-06-04
CVE-2008-2055 [HIGH] CWE-20 CVE-2008-2055: Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.1.x before 7.1(2)70, 7.2.
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.1.x before 7.1(2)70, 7.2.x before 7.2(4), and 8.0.x before 8.0(3)10 allows remote attackers to cause a denial of service via a crafted TCP ACK packet to the device interface.
nvd
CVE-2008-2058HIGHCVSS 7.8v7.2.2v8.02008-06-04
CVE-2008-2058 [HIGH] CWE-399 CVE-2008-2058: Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device.
nvd
CVE-2008-2056HIGHCVSS 7.8v8.02008-06-04
CVE-2008-2056 [HIGH] CWE-20 CVE-2008-2056: Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 and 8.
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 and 8.1.x before 8.1(1)1 allows remote attackers to cause a denial of service (device reload) via a crafted Transport Layer Security (TLS) packet to the device interface.
nvd
CVE-2008-2059HIGHCVSS 7.8v8.02008-06-04
CVE-2008-2059 [HIGH] CWE-264 CVE-2008-2059: Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 allows
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 allows remote attackers to bypass control-plane ACLs for the device via unknown vectors.
nvd
CVE-2008-2057MEDIUMCVSS 5.4v7.2.2v8.02008-06-04
CVE-2008-2057 [MEDIUM] CVE-2008-2057: The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PI
The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet.
nvd
CVE-2008-0028HIGHCVSS 7.1fixed in 7.2\(3\)6v8.0\(3\)2008-01-23
CVE-2008-0028 [HIGH] CVE-2008-0028: Unspecified vulnerability in Cisco PIX 500 Series Security Appliance and 5500 Series Adaptive Securi
Unspecified vulnerability in Cisco PIX 500 Series Security Appliance and 5500 Series Adaptive Security Appliance (ASA) before 7.2(3)6 and 8.0(3), when the Time-to-Live (TTL) decrement feature is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted IP packet.
nvd
CVE-2007-5568HIGHCVSS 7.1v7.0v7.0\(4\)+22 more2007-10-18
CVE-2007-5568 [HIGH] CWE-20 CVE-2007-5568: Cisco PIX and ASA appliances with 7.0 through 8.0 software, and Cisco Firewall Services Module (FWSM
Cisco PIX and ASA appliances with 7.0 through 8.0 software, and Cisco Firewall Services Module (FWSM) 3.1(5) and earlier, allow remote attackers to cause a denial of service (device reload) via a crafted MGCP packet, aka CSCsi90468 (appliance) and CSCsi00694 (FWSM).
nvd
CVE-2007-5569HIGHCVSS 7.1v7.12007-10-18
CVE-2007-5569 [HIGH] CWE-20 CVE-2007-5569: Cisco PIX and ASA appliances with 7.1 and 7.2 software, when configured for TLS sessions to the devi
Cisco PIX and ASA appliances with 7.1 and 7.2 software, when configured for TLS sessions to the device, allow remote attackers to cause a denial of service (device reload) via a crafted TLS packet, aka CSCsg43276 and CSCsh97120.
nvd
CVE-2007-4786MEDIUMCVSS 5.3≥ 7.0, < 7.0.7.1≥ 7.1, < 7.1.2.61+2 more2007-09-10
CVE-2007-4786 [MEDIUM] CWE-319 CVE-2007-4786: Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before 7.0.7.1, 7.1 before 7.1.2.61, 7.2 bef
Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before 7.0.7.1, 7.1 before 7.1.2.61, 7.2 before 7.2.2.34, and 8.0 before 8.0.2.11, when AAA is enabled, composes %ASA-5-111008 messages from the "test aaa" command with cleartext passwords and sends them over the network to a remote syslog server or places them in a local logging buffer, which al
nvd
CVE-2007-2462CRITICALCVSS 10.0≤ 7.2.2v7.12007-05-02
CVE-2007-2462 [CRITICAL] CVE-2007-2462: Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, whe
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknown vectors.
nvd
CVE-2007-2464HIGHCVSS 7.1≤ 7.2.2v7.12007-05-02
CVE-2007-2464 [HIGH] CVE-2007-2464: Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before
Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)19, when using "clientless SSL VPNs," allows remote attackers to cause a denial of service (device reload) via "non-standard SSL sessions."
nvd
CVE-2007-2463HIGHCVSS 7.8≤ 7.2.2v7.12007-05-02
CVE-2007-2463 [HIGH] CVE-2007-2463: Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)17 allows remote attackers to cause a denial of service (device reload) via unknown vectors related to VPN connection termination and password expiry.
nvd