Cisco: >> Adaptive Security Appliance Software >> 8.4.3.9 Security Vulnerabilities
Cisco Adaptive Security Appliance (ASA) Software 8.2 through 9.4.3.3 allows remote attackers to bypass intended ICMP Echo Reply ACLs via vectors related to subtypes.
CVSS Score
5.3
EPSS Score
0.002
Published
2016-07-12
The XML parser in Cisco Adaptive Security Appliance (ASA) Software through 9.5.2 allows remote authenticated users to cause a denial of service (instability, memory consumption, or device reload) by leveraging (1) administrative access or (2) Clientless SSL VPN access to provide a crafted XML document, aka Bug ID CSCut14209.
CVSS Score
6.5
EPSS Score
0.005
Published
2016-05-26
The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.
CVSS Score
7.5
EPSS Score
0.179
Published
2016-04-21
Buffer overflow in the IKEv1 and IKEv2 implementations in Cisco ASA Software before 8.4(7.30), 8.7 before 8.7(1.18), 9.0 before 9.0(4.38), 9.1 before 9.1(7), 9.2 before 9.2(4.5), 9.3 before 9.3(3.7), 9.4 before 9.4(2.4), and 9.5 before 9.5(2.2) on ASA 5500 devices, ASA 5500-X devices, ASA Services Module for Cisco Catalyst 6500 and Cisco 7600 devices, ASA 1000V devices, Adaptive Security Virtual Appliance (aka ASAv), Firepower 9300 ASA Security Module, and ISA 3000 devices allows remote attackers to execute arbitrary code or cause a denial of service (device reload) via crafted UDP packets, aka Bug IDs CSCux29978 and CSCux42019.
CVSS Score
9.8
EPSS Score
0.898
Published
2016-02-11
Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote attackers to obtain sensitive information via an AnyConnect authentication attempt, aka Bug ID CSCuo65775.
CVSS Score
5.3
EPSS Score
0.006
Published
2016-01-16
The IKEv1 implementation in Cisco Adaptive Security Appliance (ASA) software 7.2 and 8.2 before 8.2(5.58), 8.3 and 8.4 before 8.4(7.29), 8.5 through 8.7 before 8.7(1.17), 9.0 before 9.0(4.37), 9.1 before 9.1(6.8), 9.2 before 9.2(4), and 9.3 before 9.3(3) allows remote attackers to cause a denial of service (device reload) via crafted ISAKMP UDP packets, aka Bug ID CSCus94026.
CVSS Score
7.8
EPSS Score
0.004
Published
2015-10-25
Cisco Adaptive Security Appliance (ASA) software 7.2 and 8.2 before 8.2(5.58), 8.3 and 8.4 before 8.4(7.29), 8.5 through 8.7 before 8.7(1.17), 9.0 before 9.0(4.37), 9.1 before 9.1(6.6), 9.2 before 9.2(4), 9.3 before 9.3(3.5), and 9.4 before 9.4(1.5) allows remote attackers to cause a denial of service (device reload) via a crafted DNS response, aka Bug ID CSCuu07799.
CVSS Score
7.8
EPSS Score
0.004
Published
2015-10-25
Cisco Adaptive Security Appliance (ASA) software 7.2 and 8.2 before 8.2(5.58), 8.3 and 8.4 before 8.4(7.29), 8.5 through 8.7 before 8.7(1.17), 9.0 before 9.0(4.37), 9.1 before 9.1(6.4), 9.2 before 9.2(4), 9.3 before 9.3(3.1), and 9.4 before 9.4(1.1) allows remote attackers to cause a denial of service (device reload) via a crafted DNS response, aka Bug ID CSCut03495.
CVSS Score
7.1
EPSS Score
0.007
Published
2015-10-25
The XML parser in Cisco Adaptive Security Appliance (ASA) Software 8.4 before 8.4(7.28), 8.6 before 8.6(1.17), 9.0 before 9.0(4.33), 9.1 before 9.1(6), 9.2 before 9.2(3.4), and 9.3 before 9.3(3), when Clientless SSL VPN, AnyConnect SSL VPN, or AnyConnect IKEv2 VPN is used, allows remote attackers to cause a denial of service (VPN outage or device reload) via a crafted XML document, aka Bug ID CSCus95290.
CVSS Score
7.8
EPSS Score
0.011
Published
2015-04-13
The DNS implementation in Cisco Adaptive Security Appliance (ASA) Software 7.2 before 7.2(5.16), 8.2 before 8.2(5.57), 8.3 before 8.3(2.44), 8.4 before 8.4(7.28), 8.5 before 8.5(1.24), 8.6 before 8.6(1.17), 8.7 before 8.7(1.16), 9.0 before 9.0(4.33), 9.1 before 9.1(6.1), 9.2 before 9.2(3.4), and 9.3 before 9.3(3) allows man-in-the-middle attackers to cause a denial of service (memory consumption or device outage) by triggering outbound DNS queries and then sending crafted responses to these queries, aka Bug ID CSCuq77655.
CVSS Score
7.1
EPSS Score
0.003
Published
2015-04-13