Cisco Adaptive Security Device Manager vulnerabilities

CVE-2022-20829 [HIGH] CWE-345 CVE-2022-20829: A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the val A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of those images by Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker with administrative privileges to upload an ASDM image that contains malicious code to a device that is running Cisco ASA Software.

CVE-2022-20651 [MEDIUM] CWE-532 CVE-2022-20651: A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could allo A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could allow an authenticated, local attacker to view sensitive information in clear text on an affected system. Cisco ADSM must be deployed in a shared workstation environment for this issue to be exploited. This vulnerability is due to the storage of unencrypt

CVE-2021-1585 [HIGH] CWE-94 CVE-2021-1585: A vulnerability in the Cisco Adaptive Security Device Manager (ASDM) Launcher could allow an unauthe A vulnerability in the Cisco Adaptive Security Device Manager (ASDM) Launcher could allow an unauthenticated, remote attacker to execute arbitrary code on a user's operating system. This vulnerability is due to a lack of proper signature verification for specific code exchanged between the ASDM and the Launcher. An attacker could exploit this vulnerabili