Shodan
Vulnerabilities
Vulnerable Software
Cisco:  >> Adaptive Security Appliance Software  >> 8.1  Security Vulnerabilities
CVE-2010-4682
Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allows remote attackers to cause a denial of service (memory consumption) by making multiple incorrect LDAP authentication attempts, aka Bug ID CSCtf29867.
CVSS Score
7.8
EPSS Score
0.015
Published
2011-01-07
CVE-2010-4670
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(3) and earlier, and Cisco PIX Security Appliances devices, allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package, aka Bug ID CSCti24526.
CVSS Score
7.8
EPSS Score
0.014
Published
2011-01-07
CVE-2010-4672
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(3) and earlier allow remote attackers to cause a denial of service (block exhaustion) via EIGRP traffic that triggers an EIGRP multicast storm, aka Bug ID CSCtf20269.
CVSS Score
7.8
EPSS Score
0.011
Published
2011-01-07
CVE-2010-4673
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(4) and earlier allow remote attackers to cause a denial of service via a flood of packets, aka Bug ID CSCtg06316.
CVSS Score
7.8
EPSS Score
0.011
Published
2011-01-07
CVE-2009-5037
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allow remote attackers to cause a denial of service (ASDM syslog outage) via a long URL, aka Bug IDs CSCsm11264 and CSCtb92911.
CVSS Score
5.0
EPSS Score
0.011
Published
2011-01-07
CVE-2010-0440
Cross-site scripting (XSS) vulnerability in +CSCOT+/translation in Cisco Secure Desktop 3.4.2048, and other versions before 3.5; as used in Cisco ASA appliance before 8.2(1), 8.1(2.7), and 8.0(5); allows remote attackers to inject arbitrary web script or HTML via a crafted POST parameter, which is not properly handled by an eval statement in binary/mainv.js that writes to start.html.
CVSS Score
4.3
EPSS Score
0.393
Published
2010-02-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved