Cisco Adaptive Security Appliance Software vulnerabilities

CVE-2024-20297 [MEDIUM] CWE-290 CVE-2024-20297: A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due

CVE-2024-20443 [MEDIUM] CWE-79 CVE-2024-20443: A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, rem A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerabilit

CVE-2024-20293 [MEDIUM] CWE-436 CVE-2024-20293: A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Applian A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected device. This vulnerability is due to a logic error that occ

CVE-2024-20355 [MEDIUM] CWE-862 CVE-2024-20355: A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN service A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to successfully establish a VPN session on an affected device. This vulnerability is due to improper

CVE-2024-20353 [HIGH] CWE-835 CVE-2024-20353: A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) So A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to incomplete error checking

CVE-2024-20359 [MEDIUM] CWE-94 CVE-2024-20359: A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins a A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level priv

CVE-2023-20275 [MEDIUM] CWE-346 CVE-2023-20275: A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Softwar A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to send packets with another VPN user's source IP address. This vulnerability is due to improper validation of the packet's inner source IP address after

CVE-2023-20095 [HIGH] CWE-772 CVE-2023-20095: A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of HTTPS requests. An attacker could ex

CVE-2023-20042 [HIGH] CWE-404 CVE-2023-20042: A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Softwar A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an implementation error within the SSL/TLS session handl

CVE-2023-20086 [HIGH] CWE-248 CVE-2023-20086: A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco F A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper processing of ICMPv6 messages. An attacker could exploit this vulnerability by sen

CVE-2023-20264 [MEDIUM] CWE-601 CVE-2023-20264: A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-o A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to intercept the SAML assertion of a user who is authenticating to a re

CVE-2023-20247 [MEDIUM] CWE-288 CVE-2023-20247: A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Soft A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to bypass a configured multiple certificate authentication policy and connect using only a valid username and password. This vulnerability is due to i

CVE-2023-20245 [MEDIUM] CWE-290 CVE-2023-20245: Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilit

CVE-2023-20256 [MEDIUM] CWE-290 CVE-2023-20256: Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilit

CVE-2023-20269 [CRITICAL] CWE-288 CVE-2023-20269: A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a

CVE-2023-20234 [MEDIUM] CWE-73 CVE-2023-20234: A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to cr A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files. The vulnerability occurs because there is no validation of parameters when a specific CLI command is used. An attacker could exploit this vulnerability b

CVE-2023-20006 [HIGH] CWE-681 CVE-2023-20006: A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (Do

CVE-2023-20107 [HIGH] CWE-332 CVE-2023-20107: A vulnerability in the deterministic random bit generator (DRBG), also known as pseudorandom number A vulnerability in the deterministic random bit generator (DRBG), also known as pseudorandom number generator (PRNG), in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco ASA 5506-X, ASA 5508-X, and ASA 5516-X Firewalls could allow an unauthenticated, remote attacker to cause a cryptographic co

CVE-2022-20947 [HIGH] CWE-119 CVE-2022-20947: A vulnerability in dynamic access policies (DAP) functionality of Cisco Adaptive Security Appliance A vulnerability in dynamic access policies (DAP) functionality of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to improper processing of HostSc

CVE-2022-20924 [MEDIUM] CWE-703 CVE-2022-20924: A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An