cbcvebase.

Cisco Adaptive Security Appliance Software vulnerabilities

315 known vulnerabilities affecting cisco/adaptive_security_appliance_software.

Total CVEs: 315
CISA KEV: 12 (actively exploited)
Public exploits: 13
Exploited in wild: 11
Severity breakdown: CRITICAL 15, HIGH 179, MEDIUM 120, LOW 1

Vulnerabilities

Page 7 of 16
CVE-2019-12698 | HIGH | CVSS 7.5 | ≥ 9.7, < 9.8.4.9; ≥ 9.9, < 9.9.2.56; +3 more | 2019-10-02
CWE-400: A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for a specific WebVPN HTTP page request. An attacker c
nvd
CVE-2019-12695 | MEDIUM | CVSS 6.1 | ≥ 9.7, < 9.8.4.9; ≥ 9.9, < 9.9.2.56; +3 more | 2019-10-02
CWE-79: A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to in
nvd
CVE-2019-12677 | MEDIUM | CVSS 6.5 | ≥ 9.3, < 9.3.3.9; fixed in 9.1.7.4; +4 more | 2019-10-02
CWE-172: A vulnerability in the Secure Sockets Layer (SSL) VPN feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition that prevents the creation of new SSL/Transport Layer Security (TLS) connections to an affected device. The vulnerability is due to incorrect hand
nvd
CVE-2019-12693 | MEDIUM | CVSS 4.9 | ≥ 9.7, < 9.8.4; ≥ 9.9, < 9.9.2.50; +2 more | 2019-10-02
CWE-704: A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to the use of an incorrect data type for a length variable. An attacker could exploit this vulnerability by initiating the transfer o
nvd
CVE-2019-1934 | HIGH | CVSS 8.8 | ≤ 8.2 | 2019-08-07
CWE-285: A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to elevate privileges and execute administrative functions on an affected device. The vulnerability is due to insufficient authorization validation. An attacker could exploit this vulnerability by loggin
nvd
CVE-2019-1944 | HIGH | CVSS 7.3 | fixed in 9.4.4.37 | 2019-08-07
CWE-20: Multiple vulnerabilities in the smart tunnel functionality of Cisco Adaptive Security Appliance (ASA) could allow an authenticated, local attacker to elevate privileges to the root user or load a malicious library file while the tunnel is being established. For more information about these vulnerabilities, see the Details section of this security advisor
nvd
CVE-2019-1945 | HIGH | CVSS 7.8 | fixed in 9.4.4.37 | 2019-08-07
CWE-20: Multiple vulnerabilities in the smart tunnel functionality of Cisco Adaptive Security Appliance (ASA) could allow an authenticated, local attacker to elevate privileges to the root user or load a malicious library file while the tunnel is being established. For more information about these vulnerabilities, see the Details section of this security advisor
nvd
CVE-2019-1706 | HIGH | CVSS 8.6 | ≥ 9.9, ≤ 9.9.2.50 | 2019-05-03
CWE-404: A vulnerability in the software cryptography module of the Cisco Adaptive Security Virtual Appliance (ASAv) and Firepower 2100 Series running Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an unexpected reload of the device that results in a denial of service (DoS) condition. The vulnerability i
nvd
CVE-2019-1687 | HIGH | CVSS 7.5 | fixed in 9.4.4.34; ≥ 9.5, < 9.6.4.25; +3 more | 2019-05-03
CWE-20: A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error in TCP-based packet inspect
nvd
CVE-2018-15388 | HIGH | CVSS 8.6 | fixed in 9.4.4.34; ≥ 9.5, < 9.6.4.25; +2 more | 2019-05-03
CWE-400: A vulnerability in the WebVPN login process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for existing WebVPN login operations. An attacke
nvd
CVE-2019-1694 | HIGH | CVSS 8.6 | fixed in 9.4.4.34; ≥ 9.5, < 9.6.4.25; +3 more | 2019-05-03
CWE-20: A vulnerability in the TCP processing engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper handling of TCP traffic. An att
nvd
CVE-2019-1708 | HIGH | CVSS 8.6 | ≥ 9.8, ≤ 9.8.4; ≥ 9.9, ≤ 9.9.2.50; +1 more | 2019-05-03
CWE-404: A vulnerability in the Internet Key Exchange Version 2 Mobility and Multihoming Protocol (MOBIKE) feature for the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (Do
nvd
CVE-2019-1697 | HIGH | CVSS 7.5 | fixed in 9.6.4.25; ≥ 9.7, < 9.8.4; +2 more | 2019-05-03
CWE-20: A vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are d
nvd
CVE-2019-1713 | HIGH | CVSS 8.8 | fixed in 9.4.4.34; ≥ 9.5, < 9.6.4.25; +3 more | 2019-05-03
CWE-352: A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected device. An a
nvd
CVE-2019-1714 | HIGH | CVSS 8.6 | ≥ 9.7, < 9.8.4; ≥ 9.9, < 9.9.2.50; +1 more | 2019-05-03
CWE-255: A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 Single Sign-On (SSO) for Clientless SSL VPN (WebVPN) and AnyConnect Remote Access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to successfully establish a VPN
nvd
CVE-2019-1695 | MEDIUM | CVSS 6.5 | fixed in 9.8.4; ≥ 9.9, < 9.9.2.50; +1 more | 2019-05-03
CWE-284: A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device. The vulnerability exists because the software improperly filters Ethernet frames sent to an affected d
nvd
CVE-2019-1693 | MEDIUM | CVSS 6.5 | fixed in 9.4.4.34; ≥ 9.5, < 9.6.4.25; +3 more | 2019-05-03
CWE-399: A vulnerability in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper management of authenticated sessions in the WebVPN portal. An a
nvd
CVE-2019-1705 | MEDIUM | CVSS 5.9 | ≥ 9.4, < 9.4.4.34; ≥ 9.5, < 9.6.4.25; +3 more | 2019-05-03
CWE-404: A vulnerability in the remote access VPN session manager of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the remote access VPN services. The vulnerability is due to an issue with the remote access VPN session manager. An attacker could exploit this vulner
nvd
CVE-2019-1701 | MEDIUM | CVSS 4.8 | fixed in 9.4.4.34; ≥ 9.5, < 9.6.4.25; +3 more | 2019-05-03
CWE-79: Multiple vulnerabilities in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the WebVPN portal of an affected device. The vulnerabilities exist because the software insuff
nvd
CVE-2018-15465 | HIGH | CVSS 8.1 | fixed in 9.4.4.29; ≥ 9.5, < 9.6.4.20; +3 more | 2018-12-24
CWE-285: A vulnerability in the authorization subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, but unprivileged (levels 0 and 1), remote attacker to perform privileged actions by using the web management interface. The vulnerability is due to improper validation of user privileges when using the web management interfa
nvd