Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Adaptive_security_appliance_software
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 309 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2005-11-18 | CVE-2005-3669 | Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the Cisco advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | Adaptive_security_appliance_software, Firewall_services_module, Ios, Mds_9000, Mds_9000_san\-Os, Pix_firewall, Pix_firewall_software, Vpn_3000_concentrator_series_software | N/A | ||
| 2006-07-27 | CVE-2006-3906 | Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected. | Adaptive_security_appliance_software, Ios, Pix_asa_ids, Pix_firewall, Pix_firewall_501, Pix_firewall_506, Pix_firewall_515, Pix_firewall_515e, Pix_firewall_520, Pix_firewall_525, Pix_firewall_535, Pix_firewall_software, Secure_pix_firewall, Vpn_3000_concentrator_series_software, Vpn_3001_concentrator, Vpn_3005_concentrator_software, Vpn_3015_concentrator, Vpn_3020_concentrator, Vpn_3030_concentator, Vpn_3060_concentrator, Vpn_3080_concentrator | N/A | ||
| 2005-12-22 | CVE-2005-4499 | The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS. | Adaptive_security_appliance_software, Pix_asa_ids, Pix_firewall, Pix_firewall_501, Pix_firewall_506, Pix_firewall_515, Pix_firewall_515e, Pix_firewall_520, Pix_firewall_525, Pix_firewall_535, Pix_firewall_software, Secure_access_control_server, Vpn_3000_concentrator_series_software, Vpn_3001_concentrator, Vpn_3002_hardware_client, Vpn_3005_concentrator_software, Vpn_3015_concentrator, Vpn_3020_concentrator, Vpn_3030_concentator, Vpn_3060_concentrator, Vpn_3080_concentrator | N/A | ||
| 2006-05-09 | CVE-2006-0515 | Cisco PIX/ASA 7.1.x before 7.1(2) and 7.0.x before 7.0(5), PIX 6.3.x before 6.3.5(112), and FWSM 2.3.x before 2.3(4) and 3.x before 3.1(7), when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which prevents the request from being sent to Websense for inspection, aka bugs CSCsc67612, CSCsc68472, and CSCsd81734. | Adaptive_security_appliance_software, Firewall_services_module, Pix_firewall, Pix_firewall_software | N/A | ||
| 2019-10-02 | CVE-2019-12693 | A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to the use of an incorrect data type for a length variable. An attacker could exploit this vulnerability by initiating the transfer of a large file to an affected device via SCP. To exploit this vulnerability, the attacker would need to have valid privilege level 15 credentials... | Adaptive_security_appliance, Adaptive_security_appliance_software | 4.9 | ||
| 2019-10-02 | CVE-2019-12673 | A vulnerability in the FTP inspection engine of Cisco Adaptive Security (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of FTP data. An attacker could exploit this vulnerability by sending malicious FTP traffic through an affected device. A successful exploit could allow the attacker to cause a DoS condition... | Adaptive_security_appliance, Adaptive_security_appliance_software, Firepower_threat_defense | 7.5 | ||
| 2019-10-02 | CVE-2019-12676 | A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software improperly parses certain options in OSPF link-state advertisement (LSA) type 11 packets. An attacker could exploit this... | Adaptive_security_appliance, Adaptive_security_appliance_software, Firepower_threat_defense | 7.4 | ||
| 2019-10-02 | CVE-2019-12677 | A vulnerability in the Secure Sockets Layer (SSL) VPN feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition that prevents the creation of new SSL/Transport Layer Security (TLS) connections to an affected device. The vulnerability is due to incorrect handling of Base64-encoded strings. An attacker could exploit this vulnerability by opening many SSL VPN sessions to an affected device. The attacker... | Adaptive_security_appliance_software | 6.5 | ||
| 2019-10-02 | CVE-2019-12678 | A vulnerability in the Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper parsing of SIP messages. An attacker could exploit this vulnerability by sending a malicious SIP packet through an affected device. A successful exploit could allow... | Adaptive_security_appliance, Adaptive_security_appliance_software, Firepower_threat_defense | 7.5 | ||
| 2019-10-02 | CVE-2019-12695 | A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this... | Adaptive_security_appliance, Adaptive_security_appliance_software, Firepower_threat_defense | 6.1 |