Cisco Adaptive Security Appliance Software vulnerabilities
315 known vulnerabilities affecting cisco/adaptive_security_appliance_software.
Total CVEs: 315
CISA KEV: 12 (actively exploited)
Public exploits: 13
Exploited in wild: 11
Severity breakdown
CRITICAL 15, HIGH 179, MEDIUM 120, LOW 1
Vulnerabilities
Page 3 of 16
CVE-2023-20042 | HIGH | CVSS 8.6 | CWE-404 | v9.16.1; v9.16.1.28; +28 more | 2023-11-01
A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an implementation error within the SSL/TLS session handl
nvd
CVE-2023-20247 | MEDIUM | CVSS 4.3 | CWE-288 | v9.8.1; v9.8.1.5; +160 more | 2023-11-01
A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to bypass a configured multiple certificate authentication policy and connect using only a valid username and password. This vulnerability is due to i
nvd
CVE-2023-20245 | MEDIUM | CVSS 5.8 | CWE-290 | v9.8.3.14; v9.8.3.16; +140 more | 2023-11-01
Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilit
nvd
CVE-2023-20264 | MEDIUM | CVSS 6.1 | CWE-601 | ≥ 9.18.1, ≤ 9.18.3.46; ≥ 9.19.1.5, ≤ 9.19.1.12 | 2023-11-01
A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to intercept the SAML assertion of a user who is authenticating to a re
nvd
CVE-2023-20256 | MEDIUM | CVSS 5.8 | CWE-290 | v9.8.4.22; v9.8.4.25; +107 more | 2023-11-01
Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilit
nvd
CVE-2023-20269 | CRITICAL | CVSS 9.1 | KEV | CWE-288 | v9.8.1; v9.8.1.5; +168 more | 2023-09-06
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a
nvd
CVE-2023-20006 | HIGH | CVSS 7.5 | CWE-681 | v9.16.4; v9.18.2; +1 more | 2023-06-28
A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (Do
nvd
CVE-2023-20081 | MEDIUM | CVSS 5.9 | CWE-122 | v9.8.1; v9.8.1.5; +157 more | 2023-03-23
A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insu
nvd
CVE-2022-20947 | HIGH | CVSS 7.5 | CWE-119 | v9.6.1; v9.6.1.3; +205 more | 2022-11-15
A vulnerability in dynamic access policies (DAP) functionality of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.
This vulnerability is due to improper processing of HostSc
nvd
CVE-2022-20924 | MEDIUM | CVSS 6.5 | CWE-703 | v9.14.1; v9.14.1.6; +39 more | 2022-11-15
A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to insufficient input validation. An
nvd
CVE-2022-20928 | MEDIUM | CVSS 5.8 | CWE-863 | v9.6.1; v9.6.1.3; +216 more | 2022-11-15
A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to establish a connection as a different user.
This vulnerability is due to a flaw in the authorization verifications during t
nvd
CVE-2022-20826 | MEDIUM | CVSS 6.8 | CWE-501 | v9.17.1; v9.17.1.9; +4 more | 2022-11-15
A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated attacker with physical access to the device to bypass the secure boot functionality.
This vulnerability is due to a l
nvd
CVE-2022-20927 | MEDIUM | CVSS 6.5 | CWE-120 | v9.13.1; v9.13.1.2; +32 more | 2022-11-15
A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to improper memory management when a device initiates SSL/TLS connection
nvd
CVE-2022-20866 | HIGH | CVSS 7.5 | CWE-203 | ≥ 9.16.0, < 9.16.3.19; ≥ 9.17.0, < 9.17.1.13; +1 more | 2022-08-10
A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerability is due to a logic error when the RSA key is stored in memory on a hardware platform that per
nvd
CVE-2022-20713 | MEDIUM | CVSS 6.1 | CWE-444 | v9.8.1; v9.8.1.5; +148 more | 2022-08-10
A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This vulnerability is due to improper validation of input that is passed to
nvd
CVE-2022-20742 | HIGH | CVSS 7.4 | CWE-325 | fixed in 9.12.4.38; ≥ 9.13.0, < 9.14.4; +3 more | 2022-05-03
A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to read or modify data within an IPsec IKEv2 VPN tunnel. This vulnerability is due to an improper implementation of Galois/Counter Mode (GCM) ciphers. An attacker
nvd
CVE-2022-20759 | HIGH | CVSS 8.8 | CWE-266 | fixed in 9.12.4.38; ≥ 9.13.0, < 9.14.4; +3 more | 2022-05-03
A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, but unprivileged, remote attacker to elevate privileges to level 15. This vulnerability is due to improper separation of authentication and auth
nvd
CVE-2022-20760 | HIGH | CVSS 7.5 | CWE-400 | fixed in 9.12.4.38; ≥ 9.13.0, < 9.14.4; +3 more | 2022-05-03
A vulnerability in the DNS inspection handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service condition (DoS) on an affected device. This vulnerability is due to a lack of proper processing of incoming requests. An attacker coul
nvd
CVE-2022-20745 | HIGH | CVSS 7.5 | CWE-20 | fixed in 9.12.4.38; ≥ 9.13.0, < 9.14.4; +3 more | 2022-05-03
A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS request
nvd
CVE-2022-20715 | HIGH | CVSS 8.6 | CWE-399 | fixed in 9.8.4.44; ≥ 9.9, < 9.12.4.38; +4 more | 2022-05-03
A vulnerability in the remote access SSL VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper validation of errors that are logged as a r
nvd