Cisco Adaptive Security Appliance Software vulnerabilities

164 known vulnerabilities affecting cisco/cisco_adaptive_security_appliance_software.

Total CVEs: 164
CISA KEV: 7 (actively exploited)
Public exploits: 3
Exploited in wild: 8
Severity breakdown: CRITICAL 5, HIGH 95, MEDIUM 63, LOW 1

Vulnerabilities

Page 2 of 9
CVE-2020-27124 | HIGH | CVSS 8.6 | Versions: N/A | 2024-11-18
CWE-457: A vulnerability in the SSL/TLS handler of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause the affected device to reload unexpectedly, leading to a denial of service (DoS) condition. The vulnerability is due to improper error handling on established SSL/TLS connections. An attacker could exploit
Sources: cvelistv5, nvd
CVE-2021-1444 | MEDIUM | CVSS 6.1 | Versions: 9.4.2.6, 9.0.1.1 (+26 more) | 2024-11-18
CWE-79: A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by
Sources: cvelistv5, nvd
CVE-2024-20329 | CRITICAL | CVSS 9.9 | Versions: 9.17.1, 9.17.1.7 (+25 more) | 2024-10-23
CWE-146: A vulnerability in the SSH subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to execute operating system commands as root. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by submitting crafted input when executing remote CLI
Sources: cvelistv5, nvd
CVE-2024-20268 | HIGH | CVSS 7.7 | Versions: 9.14.1, 9.14.1.10 (+95 more) | 2024-10-23
CWE-231: A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause an unexpected reload of the device. This vulnerability is due to insufficient input validation of SNMP packets. An attacker
Sources: cvelistv5, nvd
CVE-2024-20408 | HIGH | CVSS 7.7 | Versions: 9.8.1, 9.8.1.5 (+193 more) | 2024-10-23
CWE-1287: A vulnerability in the Dynamic Access Policies (DAP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly. To exploit this vulnerability, an attacker would need valid remote access VPN user credenti
Sources: cvelistv5, nvd
CVE-2024-20495 | HIGH | CVSS 8.6 | Versions: 9.8.4.12, 9.8.4.15 (+128 more) | 2024-10-23
CWE-20: A vulnerability in the Remote Access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to improper v
Sources: cvelistv5, nvd
CVE-2024-20494 | HIGH | CVSS 8.6 | Versions: 9.19.1, 9.19.1.5 (+15 more) | 2024-10-23
CWE-1287: A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper data validation
Sources: cvelistv5, nvd
CVE-2024-20426 | HIGH | CVSS 8.6 | Versions: 9.18.1, 9.18.1.3 (+31 more) | 2024-10-23
CWE-476: A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol for VPN termination of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient i
Sources: cvelistv5, nvd
CVE-2024-20260 | HIGH | CVSS 8.6 | Versions: 9.12.3, 9.12.1 (+194 more) | 2024-10-23
CWE-789: A vulnerability in the VPN and management web servers of the Cisco Adaptive Security Virtual Appliance (ASAv) and Cisco Secure Firewall Threat Defense Virtual (FTDv), formerly Cisco Firepower Threat Defense Virtual, platforms could allow an unauthenticated, remote attacker to cause the virtual devices to run out of system memory, which could cause SSL
Sources: cvelistv5, nvd
CVE-2024-20402 | HIGH | CVSS 8.6 | Versions: 9.8.1, 9.8.1.5 (+193 more) | 2024-10-23
CWE-788: A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a logic error in memory manageme
Sources: cvelistv5, nvd
CVE-2024-20341 | MEDIUM | CVSS 6.1 | Versions: 9.12.3, 9.8.3 (+186 more) | 2024-10-23
CWE-80: A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a browser that is accessing an affected device. This vulnerability is due to improper valida
Sources: cvelistv5, nvd
CVE-2024-20331 | MEDIUM | CVSS 5.9 | Versions: 9.12.3, 9.8.3 (+186 more) | 2024-10-23
CWE-330: A vulnerability in the session authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to prevent users from authenticating. This vulnerability is due to insufficient entropy in the authentic
Sources: cvelistv5, nvd
CVE-2024-20526 | MEDIUM | CVSS 5.3 | Versions: 9.16.4.67, 9.16.4.70 (+2 more) | 2024-10-23
CWE-400: A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition for the SSH server of an affected device. This vulnerability is due to a logic error when an SSH session is established. An attacker could exploit this vulnerability by sen
Sources: cvelistv5, nvd
CVE-2024-20384 | MEDIUM | CVSS 5.8 | Versions: 9.16.1, 9.16.1.28 (+70 more) | 2024-10-23
CWE-290: A vulnerability in the Network Service Group (NSG) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. This vulnerabilit
Sources: cvelistv5, nvd
CVE-2024-20493 | MEDIUM | CVSS 5.3 | Versions: 9.8.1, 9.8.1.5 (+201 more) | 2024-10-23
CWE-772: A vulnerability in the login authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to deny further VPN user authentications for several minutes, resulting in a temporary denial of service (
Sources: cvelistv5, nvd
CVE-2024-20370 | MEDIUM | CVSS 6.0 | Versions: 9.17.1, 9.17.1.7 (+38 more) | 2024-10-23
CWE-264: A vulnerability in the Cisco FXOS CLI feature on specific hardware platforms for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to elevate their administrative privileges to root. The attacker would need valid administrative credentials on the device to
Sources: cvelistv5, nvd
CVE-2024-20485 | MEDIUM | CVSS 6.7 | Versions: 9.8.1, 9.8.1.5 (+192 more) | 2024-10-23
CWE-94: A vulnerability in the VPN web server of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level privileges are required to exploit this vulnerability. This vulnerability is due to improper v
Sources: cvelistv5, nvd
CVE-2024-20382 | MEDIUM | CVSS 6.1 | Versions: 9.8.1, 9.8.1.5 (+199 more) | 2024-10-23
CWE-80: A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a browser that is accessing an affected device. This vulnerability is due to improper valida
Sources: cvelistv5, nvd
CVE-2024-20481 | MEDIUM | CVSS 5.8 | KEV | Versions: 9.8.1, 9.8.1.5 (+197 more) | 2024-10-23
CWE-772: A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the RAVPN service. This vulnerability is due to resource exhaustion. An attacker could exploit this vulnera
Sources: cvelistv5, nvd
CVE-2024-20299 | MEDIUM | CVSS 5.8 | Versions: 9.12.3, 9.8.3 (+150 more) | 2024-10-23
CWE-290: A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due
Sources: cvelistv5, nvd