Cisco Adaptive Security Appliance Software vulnerabilities

CVE-2024-20426 [HIGH] CWE-476 CVE-2024-20426: A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol for VPN termination of Cisco A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol for VPN termination of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient i

CVE-2024-20402 [HIGH] CWE-788 CVE-2024-20402: A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisc A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a logic error in memory manageme

CVE-2024-20341 [MEDIUM] CWE-80 CVE-2024-20341: A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) So A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a browser that is accessing an affected device. This vulnerability is due to improper valida

CVE-2024-20384 [MEDIUM] CWE-290 CVE-2024-20384: A vulnerability in the Network Service Group (NSG) feature of Cisco Adaptive Security Appliance (ASA A vulnerability in the Network Service Group (NSG) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. This vulnerabilit

CVE-2024-20493 [MEDIUM] CWE-772 CVE-2024-20493: A vulnerability in the login authentication functionality of the Remote Access SSL VPN feature of Ci A vulnerability in the login authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to deny further VPN user authentications for several minutes, resulting in a temporary denial of service (

CVE-2024-20526 [MEDIUM] CWE-400 CVE-2024-20526: A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow an A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition for the SSH server of an affected device. This vulnerability is due to a logic error when an SSH session is established. An attacker could exploit this vulnerability by sen

CVE-2024-20382 [MEDIUM] CWE-80 CVE-2024-20382: A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) So A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a browser that is accessing an affected device. This vulnerability is due to improper valida

CVE-2024-20485 [MEDIUM] CWE-94 CVE-2024-20485: A vulnerability in the VPN web server of Cisco Adaptive Security Appliance (ASA) Software and Cisco A vulnerability in the VPN web server of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level privileges are required to exploit this vulnerability. This vulnerability is due to improper v

CVE-2024-20481 [MEDIUM] CWE-772 CVE-2024-20481: A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the RAVPN service. This vulnerability is due to resource exhaustion. An attacker could exploit this vulnera

CVE-2024-20299 [MEDIUM] CWE-290 CVE-2024-20299: A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due

CVE-2024-20297 [MEDIUM] CWE-290 CVE-2024-20297: A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due

CVE-2024-20331 [MEDIUM] CWE-330 CVE-2024-20331: A vulnerability in the session authentication functionality of the Remote Access SSL VPN feature of A vulnerability in the session authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to prevent users from authenticating. This vulnerability is due to insufficient entropy in the authentic

CVE-2024-20293 [MEDIUM] CWE-436 CVE-2024-20293: A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Applian A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected device. This vulnerability is due to a logic error that occ

CVE-2024-20355 [MEDIUM] CWE-862 CVE-2024-20355: A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN service A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to successfully establish a VPN session on an affected device. This vulnerability is due to improper

CVE-2024-20353 [HIGH] CWE-835 CVE-2024-20353: A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) So A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to incomplete error checking

CVE-2024-20359 [MEDIUM] CWE-94 CVE-2024-20359: A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins a A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level priv

CVE-2024-20358 [MEDIUM] CWE-78 CVE-2024-20358: A vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is availab A vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is available in Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. Administrator-level privileges are requ

CVE-2023-20275 [MEDIUM] CWE-346 CVE-2023-20275: A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Softwar A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to send packets with another VPN user's source IP address. This vulnerability is due to improper validation of the packet's inner source IP address after

CVE-2023-20095 [HIGH] CWE-772 CVE-2023-20095: A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of HTTPS requests. An attacker could ex

CVE-2023-20086 [HIGH] CWE-248 CVE-2023-20086: A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco F A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper processing of ICMPv6 messages. An attacker could exploit this vulnerability by sen