CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Cisco: >> Adaptive Security Appliance Software >> 9.2(3.1) Security Vulnerabilities

CVE-2014-8023

Cisco Adaptive Security Appliance (ASA) Software 9.2(.3) and earlier, when challenge-response authentication is used, does not properly select tunnel groups, which allows remote authenticated users to bypass intended resource-access restrictions via a crafted tunnel-group parameter, aka Bug ID CSCtz48533.

CVSS Score

4.0

EPSS Score

0.004

Published

2015-02-17

CVE-2014-3407

The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier does not properly allocate memory blocks during HTTP packet handling, which allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCuq68888.

CVSS Score

5.0

EPSS Score

0.004

Published

2014-11-28

Page 5

Vulnerabilities

Vulnerable Software

Cisco: >> Adaptive Security Appliance Software >> 9.2(3.1) Security Vulnerabilities

Products

Pricing

Contact Us