Cisco Adaptive Security Appliance Software vulnerabilities
315 known vulnerabilities affecting cisco/adaptive_security_appliance_software.
Total CVEs
315
CISA KEV
12
actively exploited
Public exploits
13
Exploited in wild
11
Severity breakdown
CRITICAL15HIGH179MEDIUM120LOW1
Vulnerabilities
Page 15 of 16
CVE-2010-4672HIGHCVSS 7.8≤ 8.2\(3\)v7.0+53 more2011-01-07
CVE-2010-4672 [HIGH] CWE-399 CVE-2010-4672: Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(3) and earlier allow
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(3) and earlier allow remote attackers to cause a denial of service (block exhaustion) via EIGRP traffic that triggers an EIGRP multicast storm, aka Bug ID CSCtf20269.
nvd
CVE-2010-4673HIGHCVSS 7.8≤ 8.2\(4\)v7.0+54 more2011-01-07
CVE-2010-4673 [HIGH] CWE-399 CVE-2010-4673: Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(4) and earlier allow
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(4) and earlier allow remote attackers to cause a denial of service via a flood of packets, aka Bug ID CSCtg06316.
nvd
CVE-2010-4691HIGHCVSS 7.8≤ 8.3\(1\)v7.0+56 more2011-01-07
CVE-2010-4691 [HIGH] CVE-2010-4691: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with softw
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) allows remote attackers to cause a denial of service (device crash) via multicast traffic, aka Bug IDs CSCtg61810 and CSCtg69742.
nvd
CVE-2010-4688HIGHCVSS 7.8≤ 8.3\(1\)v7.0+56 more2011-01-07
CVE-2010-4688 [HIGH] CVE-2010-4688: Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA)
Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) allows remote attackers to cause a denial of service (device crash) by making many SIP calls, aka Bug ID CSCte20030.
nvd
CVE-2010-4676MEDIUMCVSS 6.8≤ 8.2\(2\)v7.0+52 more2011-01-07
CVE-2010-4676 [MEDIUM] CWE-399 CVE-2010-4676: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with softw
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allows remote authenticated users to cause a denial of service (device crash) via a high volume of IPsec traffic, aka Bug ID CSCsx52748.
nvd
CVE-2009-5037MEDIUMCVSS 5.0≤ 8.2\(2\)v7.0+52 more2011-01-07
CVE-2009-5037 [MEDIUM] CWE-399 CVE-2009-5037: Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allow remot
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allow remote attackers to cause a denial of service (ASDM syslog outage) via a long URL, aka Bug IDs CSCsm11264 and CSCtb92911.
nvd
CVE-2010-4690MEDIUMCVSS 5.0≤ 8.3\(1\)v7.0+56 more2011-01-07
CVE-2010-4690 [MEDIUM] CWE-287 CVE-2010-4690: The Mobile User Security (MUS) service on Cisco Adaptive Security Appliances (ASA) 5500 series devic
The Mobile User Security (MUS) service on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) does not properly authenticate HTTP requests from a Web Security appliance (WSA), which might allow remote attackers to obtain sensitive information via a HEAD request, aka Bug ID CSCte53635.
nvd
CVE-2010-4677MEDIUMCVSS 5.0≤ 8.2\(2\)v7.0+52 more2011-01-07
CVE-2010-4677 [MEDIUM] CWE-399 CVE-2010-4677: emWEB on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) al
emWEB on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allows remote attackers to cause a denial of service (daemon crash) via a request for a document whose name contains space characters, aka Bug ID CSCsy08416.
nvd
CVE-2010-1581HIGHCVSS 7.8v7.2\(1\)v7.2\(1.22\)+12 more2010-08-09
CVE-2010-1581 [HIGH] CVE-2010-1581: Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Sec
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of
nvd
CVE-2010-2814HIGHCVSS 7.8v7.2\(1\)v7.2\(1.22\)+12 more2010-08-09
CVE-2010-2814 [HIGH] CVE-2010-2814: Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Sec
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of
nvd
CVE-2010-1580HIGHCVSS 7.8v7.2\(1\)v7.2\(1.22\)+12 more2010-08-09
CVE-2010-1580 [HIGH] CVE-2010-1580: Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (AS
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC
nvd
CVE-2010-1579HIGHCVSS 7.8v7.2\(1\)v7.2\(1.22\)+12 more2010-08-09
CVE-2010-1579 [HIGH] CVE-2010-1579: Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (AS
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC
nvd
CVE-2010-2817HIGHCVSS 7.8v7.0v7.0\(4\)+25 more2010-08-09
CVE-2010-2817 [HIGH] CVE-2010-2817: Unspecified vulnerability in the IKE implementation on Cisco Adaptive Security Appliances (ASA) 5500
Unspecified vulnerability in the IKE implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.10), and 8.3 before 8.3(1.1) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial
nvd
CVE-2010-2815HIGHCVSS 7.8v7.2\(1\)v7.2\(1.22\)+12 more2010-08-09
CVE-2010-2815 [HIGH] CVE-2010-2815: Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Sec
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of
nvd
CVE-2010-2816HIGHCVSS 7.8v8.02010-08-09
CVE-2010-2816 [HIGH] CVE-2010-2816: Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA)
Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.17), 8.1 before 8.1(2.45), and 8.2 before 8.2(2.13) allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCtd32106.
nvd
CVE-2010-1578HIGHCVSS 7.8v7.2\(1\)v7.2\(1.22\)+12 more2010-08-09
CVE-2010-1578 [HIGH] CVE-2010-1578: Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (AS
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC
nvd
CVE-2010-0440MEDIUMCVSS 4.3PoC≥ 8.1, < 8.1\(2.7\)≥ 8.0, < 8.0\(5\)+1 more2010-02-03
CVE-2010-0440 [MEDIUM] CWE-79 CVE-2010-0440: Cross-site scripting (XSS) vulnerability in +CSCOT+/translation in Cisco Secure Desktop 3.4.2048, an
Cross-site scripting (XSS) vulnerability in +CSCOT+/translation in Cisco Secure Desktop 3.4.2048, and other versions before 3.5; as used in Cisco ASA appliance before 8.2(1), 8.1(2.7), and 8.0(5); allows remote attackers to inject arbitrary web script or HTML via a crafted POST parameter, which is not properly handled by an eval statement in binary/mai
nvd
CVE-2008-2055HIGHCVSS 7.8v7.1v7.2.2+1 more2008-06-04
CVE-2008-2055 [HIGH] CWE-20 CVE-2008-2055: Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.1.x before 7.1(2)70, 7.2.
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.1.x before 7.1(2)70, 7.2.x before 7.2(4), and 8.0.x before 8.0(3)10 allows remote attackers to cause a denial of service via a crafted TCP ACK packet to the device interface.
nvd
CVE-2008-2058HIGHCVSS 7.8v7.2.2v8.02008-06-04
CVE-2008-2058 [HIGH] CWE-399 CVE-2008-2058: Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device.
nvd
CVE-2008-2056HIGHCVSS 7.8v8.02008-06-04
CVE-2008-2056 [HIGH] CWE-20 CVE-2008-2056: Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 and 8.
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 and 8.1.x before 8.1(1)1 allows remote attackers to cause a denial of service (device reload) via a crafted Transport Layer Security (TLS) packet to the device interface.
nvd