This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Cisco First view 2005-11-24
Product Adaptive Security Appliance Software Last view 2020-02-26
Version Type Application
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:* 98
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2.2:*:*:*:*:*:*:* 98
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2.1:*:*:*:*:*:*:* 97
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:* 91
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2(1):*:*:*:*:*:*:* 90
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0.1.4:*:*:*:*:*:*:* 89
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2(1):*:*:*:*:*:*:* 88
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2(1.22):*:*:*:*:*:*:* 88
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2(2):*:*:*:*:*:*:* 88
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2(2.7):*:*:*:*:*:*:* 88
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2(2.8):*:*:*:*:*:*:* 88
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2(2.10):*:*:*:*:*:*:* 88
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2(2.14):*:*:*:*:*:*:* 88
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2(2.15):*:*:*:*:*:*:* 88
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2(2.16):*:*:*:*:*:*:* 88
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2(2.17):*:*:*:*:*:*:* 88
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2(2.19):*:*:*:*:*:*:* 88
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2.1:*:*:*:*:*:*:* 87
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2(2.5):*:*:*:*:*:*:* 87
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2(2.48):*:*:*:*:*:*:* 87
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0.5:*:*:*:*:*:*:* 86
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0.2:*:*:*:*:*:*:* 86
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0.3:*:*:*:*:*:*:* 86
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0.4:*:*:*:*:*:*:* 86
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0:*:*:*:*:*:*:* 85
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0(4):*:*:*:*:*:*:* 85
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0.8:*:*:*:*:*:*:* 84
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0.5:*:*:*:*:*:*:* 84
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0.1:*:*:*:*:*:*:* 84
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2.4:*:*:*:*:*:*:* 84
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0.4:*:*:*:*:*:*:* 84
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2.3:*:*:*:*:*:*:* 84
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0.4.3:*:*:*:*:*:*:* 84
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0.2:*:*:*:*:*:*:* 84
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2.5:*:*:*:*:*:*:* 84
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0.7:*:*:*:*:*:*:* 84
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0.6:*:*:*:*:*:*:* 84
cpe:2.3:a:cisco:adaptive_security_appliance_software:-:*:*:*:*:*:*:* 84
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.1:*:*:*:*:*:*:* 82
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.1:*:*:*:*:*:*:* 82
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0(5):*:*:*:*:*:*:* 82
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0(3):*:*:*:*:*:*:* 82
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2:*:*:*:*:*:*:* 81
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2.2:interim:*:*:*:*:*:* 81
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0(5.2):*:*:*:*:*:*:* 81
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2(2):*:*:*:*:*:*:* 81
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0(2):*:*:*:*:*:*:* 81
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0(4):*:*:*:*:*:*:* 81
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0(5):*:*:*:*:*:*:* 81
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0(0):*:*:*:*:*:*:* 80

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.8 2020-02-26 CVE-2020-3167

A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.

6.7 2020-02-26 CVE-2020-3166

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to a specific CLI command. A successful exploit could allow the attacker to read or write to arbitrary files on the underlying OS.

8.6 2019-10-02 CVE-2019-15256

A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper management of system memory. An attacker could exploit this vulnerability by sending malicious IKEv1 traffic to an affected device. The attacker does not need valid credentials to authenticate the VPN session, nor does the attacker's source address need to match a peer statement in the crypto map applied to the ingress interface of the affected device. An exploit could allow the attacker to exhaust system memory resources, leading to a reload of an affected device.

7.8 2019-08-07 CVE-2019-1945

Multiple vulnerabilities in the smart tunnel functionality of Cisco Adaptive Security Appliance (ASA) could allow an authenticated, local attacker to elevate privileges to the root user or load a malicious library file while the tunnel is being established. For more information about these vulnerabilities, see the Details section of this security advisory.

7.3 2019-08-07 CVE-2019-1944

Multiple vulnerabilities in the smart tunnel functionality of Cisco Adaptive Security Appliance (ASA) could allow an authenticated, local attacker to elevate privileges to the root user or load a malicious library file while the tunnel is being established. For more information about these vulnerabilities, see the Details section of this security advisory.

8.8 2019-08-07 CVE-2019-1934

A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to elevate privileges and execute administrative functions on an affected device. The vulnerability is due to insufficient authorization validation. An attacker could exploit this vulnerability by logging in to an affected device as a low-privileged user and then sending specific HTTPS requests to execute administrative functions using the information retrieved during initial login.

8.6 2019-05-03 CVE-2019-1714

A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 Single Sign-On (SSO) for Clientless SSL VPN (WebVPN) and AnyConnect Remote Access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to successfully establish a VPN session to an affected device. The vulnerability is due to improper credential management when using NT LAN Manager (NTLM) or basic authentication. An attacker could exploit this vulnerability by opening a VPN session to an affected device after another VPN user has successfully authenticated to the affected device via SAML SSO. A successful exploit could allow the attacker to connect to secured networks behind the affected device.

8.8 2019-05-03 CVE-2019-1713

A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user. If the user has administrative privileges, the attacker could alter the configuration of, extract information from, or reload an affected device.

8.6 2019-05-03 CVE-2019-1708

A vulnerability in the Internet Key Exchange Version 2 Mobility and Multihoming Protocol (MOBIKE) feature for the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to the incorrect processing of certain MOBIKE packets. An attacker could exploit this vulnerability by sending crafted MOBIKE packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. The MOBIKE feature is supported only for IPv4 addresses.

8.6 2019-05-03 CVE-2019-1706

A vulnerability in the software cryptography module of the Cisco Adaptive Security Virtual Appliance (ASAv) and Firepower 2100 Series running Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an unexpected reload of the device that results in a denial of service (DoS) condition. The vulnerability is due to a logic error with how the software cryptography module handles IPsec sessions. An attacker could exploit this vulnerability by creating and sending traffic in a high number of IPsec sessions through the targeted device. A successful exploit could cause the device to reload and result in a DoS condition.

5.9 2019-05-03 CVE-2019-1705

A vulnerability in the remote access VPN session manager of Cisco Adaptive Security Appliance (ASA) Software could allow a unauthenticated, remote attacker to cause a denial of service (DoS) condition on the remote access VPN services. The vulnerability is due to an issue with the remote access VPN session manager. An attacker could exploit this vulnerability by requesting an excessive number of remote access VPN sessions. An exploit could allow the attacker to cause a DoS condition.

4.8 2019-05-03 CVE-2019-1701

Multiple vulnerabilities in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the WebVPN portal of an affected device. The vulnerabilities exist because the software insufficiently validates user-supplied input on an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. An attacker would need administrator privileges on the device to exploit these vulnerabilities.

7.5 2019-05-03 CVE-2019-1697

A vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets sent to an affected device. An attacker could exploit these vulnerabilities by sending a crafted LDAP packet, using Basic Encoding Rules (BER), to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

8.6 2019-05-03 CVE-2019-1694

A vulnerability in the TCP processing engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper handling of TCP traffic. An attacker could exploit this vulnerability by sending a specific sequence of packets at a high rate through an affected device. A successful exploit could allow the attacker to temporarily disrupt traffic through the device while it reboots.

6.5 2019-05-03 CVE-2019-1693

A vulnerability in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper management of authenticated sessions in the WebVPN portal. An attacker could exploit this vulnerability by authenticating with valid credentials and accessing a specific URL in the WebVPN portal. A successful exploit could allow the attacker to cause the device to reload, resulting in a temporary DoS condition.

7.5 2019-05-03 CVE-2019-1687

A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error in TCP-based packet inspection, which could cause the TCP packet to have an invalid Layer 2 (L2)-formatted header. An attacker could exploit this vulnerability by sending a crafted TCP packet sequence to the targeted device. A successful exploit could allow the attacker to cause a DoS condition.

8.6 2019-05-03 CVE-2018-15388

A vulnerability in the WebVPN login process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for existing WebVPN login operations. An attacker could exploit this vulnerability by sending multiple WebVPN login requests to the device. A successful exploit could allow the attacker to increase CPU load on the device, resulting in a denial of service (DoS) condition.

8.1 2018-12-24 CVE-2018-15465

A vulnerability in the authorization subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, but unprivileged (levels 0 and 1), remote attacker to perform privileged actions by using the web management interface. The vulnerability is due to improper validation of user privileges when using the web management interface. An attacker could exploit this vulnerability by sending specific HTTP requests via HTTPS to an affected device as an unprivileged user. An exploit could allow the attacker to retrieve files (including the running configuration) from the device or to upload and replace software images on the device.

8.6 2018-11-01 CVE-2018-15454

A vulnerability in the Session Initiation Protocol (SIP) inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload or trigger high CPU, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of SIP traffic. An attacker could exploit this vulnerability by sending SIP requests designed to specifically trigger this issue at a high rate across an affected device. Software updates that address this vulnerability are not yet available.

6.8 2018-10-05 CVE-2018-15399

A vulnerability in the TCP syslog module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust the 1550-byte buffers on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing boundary check in an internal function. An attacker could exploit this vulnerability by establishing a man-in-the-middle position between an affected device and its configured TCP syslog server and then maliciously modifying the TCP header in segments that are sent from the syslog server to the affected device. A successful exploit could allow the attacker to exhaust buffer on the affected device and cause all TCP-based features to stop functioning, resulting in a DoS condition. The affected TCP-based features include AnyConnect SSL VPN, clientless SSL VPN, and management connections such as Secure Shell (SSH), Telnet, and HTTPS.

4 2018-10-05 CVE-2018-15398

A vulnerability in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control list (ACL) that is configured for an interface of an affected device. The vulnerability is due to errors that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit this vulnerability by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to access resources that are behind the affected device and would typically be protected by the interface ACL.

6.8 2018-10-05 CVE-2018-15397

A vulnerability in the implementation of Traffic Flow Confidentiality (TFC) over IPsec functionality in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error that may occur if the affected software renegotiates the encryption key for an IPsec tunnel when certain TFC traffic is in flight. An attacker could exploit this vulnerability by sending a malicious stream of TFC traffic through an established IPsec tunnel on an affected device. A successful exploit could allow the attacker to cause a daemon process on the affected device to crash, which could cause the device to crash and result in a DoS condition.

7.5 2018-10-05 CVE-2018-15383

A vulnerability in the cryptographic hardware accelerator driver of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a temporary denial of service (DoS) condition. The vulnerability exists because the affected devices have a limited amount of Direct Memory Access (DMA) memory and the affected software improperly handles resources in low-memory conditions. An attacker could exploit this vulnerability by sending a sustained, high rate of malicious traffic to an affected device to exhaust memory on the device. A successful exploit could allow the attacker to exhaust DMA memory on the affected device, which could cause the device to reload and result in a temporary DoS condition.

7.5 2018-06-07 CVE-2018-0296

A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.

6.1 2018-04-19 CVE-2018-0251

A vulnerability in the Web Server Authentication Required screen of the Clientless Secure Sockets Layer (SSL) VPN portal of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of that portal on an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the portal or allow the attacker to access sensitive browser-based information. This vulnerability affects the following Cisco products if they are running a vulnerable release of Cisco ASA Software: 3000 Series Industrial Security Appliances, Adaptive Security Virtual Appliance (ASAv), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches, ASA Services Module for Cisco 7600 Series Routers. Cisco Bug IDs: CSCvh20742.

CWE : Common Weakness Enumeration

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
24% (45) CWE-399 Resource Management Errors
24% (44) CWE-20 Improper Input Validation
10% (19) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
8% (15) CWE-264 Permissions, Privileges, and Access Controls
6% (12) CWE-287 Improper Authentication
4% (8) CWE-200 Information Exposure
4% (8) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
3% (6) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
1% (3) CWE-404 Improper Resource Shutdown or Release
1% (3) CWE-310 Cryptographic Issues
1% (2) CWE-362 Race Condition
1% (2) CWE-255 Credentials Management
1% (2) CWE-94 Failure to Control Generation of Code ('Code Injection')
0% (1) CWE-787 Out-of-bounds Write
0% (1) CWE-415 Double Free
0% (1) CWE-384 Session Fixation
0% (1) CWE-352 Cross-Site Request Forgery (CSRF)
0% (1) CWE-320 Key Management Errors
0% (1) CWE-295 Certificate Issues
0% (1) CWE-285 Improper Access Control (Authorization)
0% (1) CWE-284 Access Control (Authorization) Issues
0% (1) CWE-254 Security Features
0% (1) CWE-189 Numeric Errors
0% (1) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...
0% (1) CWE-17 Code

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-31 Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-37 Lifting Data Embedded in Client Distributions
CAPEC-65 Passively Sniff and Capture Application Code Bound for Authorized Client
CAPEC-102 Session Sidejacking
CAPEC-117 Data Interception Attacks
CAPEC-155 Screen Temporary Files for Sensitive Information
CAPEC-157 Sniffing Attacks
CAPEC-167 Lifting Sensitive Data from the Client
CAPEC-204 Lifting cached, sensitive data embedded in client distributions (thick or thin)
CAPEC-205 Lifting credential(s)/key material embedded in client distributions (thick or...
CAPEC-258 Passively Sniffing and Capturing Application Code Bound for an Authorized Cli...
CAPEC-259 Passively Sniffing and Capturing Application Code Bound for an Authorized Cli...
CAPEC-260 Passively Sniffing and Capturing Application Code Bound for an Authorized Cli...

Oval Markup Language : Definitions

OvalID Name
oval:org.mitre.oval:def:5299 Cisco Multiple Products IKE Packet DoS

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
76819 Cisco Adaptive Security Appliances (ASA) 5500 Series Interface Description No...
76091 Cisco Multiple Product MSN IM Inspection Feature Packet Parsing Remote DoS
76090 Cisco Multiple Product ILS Message Packet Parsing Remote DoS
76089 Cisco Multiple Product SunRPC Message Packet Parsing Remote DoS (2011-3302)
76088 Cisco Multiple Product SunRPC Message Packet Parsing Remote DoS (2011-3301)
76087 Cisco Multiple Product SunRPC Message Packet Parsing Remote DoS (2011-3300)
76086 Cisco Multiple Product SunRPC Message Packet Parsing Remote DoS (2011-3299)
76085 Cisco Multiple Product TACACS+ Reply Parsing Authentication Bypass
72594 Cisco Multiple Products Crafted Cisco Discovery Protocol (CDP) Packet Handlin...
72586 Cisco Adaptive Security Appliances (ASA) 5500 Series Certificate Authority (C...
72585 Cisco Adaptive Security Appliances (ASA) 5500 Series RIP Update Handling Remo...
72584 Cisco Multiple Products Transparent Firewall Mode IPv6 Traffic Handling Exhau...
72582 Cisco Multiple Products Malformed Skinny Client Control Protocol (SCCP) Messa...
70364 Cisco Adaptive Security Appliances (ASA) IPv6 Stack Neighbor Discovery Router...
70362 Cisco Adaptive Security Appliances (ASA) EIGRP Multicast Storm Remote DoS
70361 Cisco Adaptive Security Appliances (ASA) Packet Saturation Remote DoS
70360 Cisco Adaptive Security Appliances (ASA) Multicast Traffic Unspecified Remote...
70359 Cisco Adaptive Security Appliances (ASA) TELNET Connection Interface Remote A...
70358 Cisco Adaptive Security Appliances (ASA) IPsec Traffic Saturation Remote DoS
70357 Cisco Adaptive Security Appliances (ASA) emWEB Document Name Space Character ...
70356 Cisco Adaptive Security Appliances (ASA) Configuration Pre-load Network Packe...
70355 Cisco Adaptive Security Appliances (ASA) OCSP Responder Connection Rejection ...
70354 Cisco Adaptive Security Appliances (ASA) WebVPN CIFS Share Access Restriction...
70353 Cisco Adaptive Security Appliances (ASA) Space Character SMTP Inspection Bypass
70352 Cisco Adaptive Security Appliances (ASA) Incorrect LDAP Authentication Attemp...

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0072 Multiple Vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software
Severity: Category I - VMSKEY: V0059859
2014-A-0052 Multiple Vulnerabilities in Cisco ASA
Severity: Category I - VMSKEY: V0049581
2013-A-0192 Multiple Vulnerabilities in Cisco ASA
Severity: Category I - VMSKEY: V0040780
2013-A-0193 Multiple Vulnerabilities in Cisco Firewall Services Module (FWSM)
Severity: Category I - VMSKEY: V0040790
2013-A-0023 Cisco ASA 1000V Cloud Firewall Denial of Service Vulnerability
Severity: Category I - VMSKEY: V0036643
2012-A-0174 Multiple Vulnerabilities in Cisco Firewall Services Module
Severity: Category I - VMSKEY: V0034343

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2019-01-15 SIP over SCTP wildcard VIA address attempt
RuleID : 48593 - Type : PROTOCOL-VOIP - Revision : 1
2018-12-04 SIP wildcard VIA address flood attempt
RuleID : 48265 - Type : PROTOCOL-VOIP - Revision : 2
2018-12-04 SIP wildcard VIA address flood attempt
RuleID : 48264 - Type : PROTOCOL-VOIP - Revision : 2
2018-02-03 Cisco ASA alloc_ch connection string
RuleID : 45597 - Type : INDICATOR-SHELLCODE - Revision : 1
2018-02-03 Cisco ASA VPN aggregateAuthDataHandler double free attempt
RuleID : 45596 - Type : SERVER-OTHER - Revision : 2
2018-02-01 Cisco ASA VPN aggregateAuthDataHandler double free attempt
RuleID : 45575 - Type : SERVER-OTHER - Revision : 4
2017-10-05 Cisco Adaptive Security Appliance direct authentication denial of service att...
RuleID : 44503 - Type : SERVER-WEBAPP - Revision : 1
2017-02-10 Cisco ASA WebVPN memory corruption attempt
RuleID : 41538 - Type : SERVER-WEBAPP - Revision : 2
2016-10-20 Cisco ASA NBSTAT response stack buffer overflow attempt
RuleID : 40499 - Type : SERVER-OTHER - Revision : 1
2016-10-18 Cisco ASA WebVPN auth_handle cross site scripting attempt
RuleID : 40231 - Type : SERVER-WEBAPP - Revision : 2
2016-10-18 Cisco ASA WebVPN auth_handle cross site scripting attempt
RuleID : 40230 - Type : SERVER-WEBAPP - Revision : 2
2016-10-18 Cisco ASA WebVPN auth_handle cross site scripting attempt
RuleID : 40229 - Type : SERVER-WEBAPP - Revision : 2
2016-10-18 Cisco ASA WebVPN auth_handle cross site scripting attempt
RuleID : 40228 - Type : SERVER-WEBAPP - Revision : 2
2016-10-18 Cisco ASA WebVPN auth_handle cross site scripting attempt
RuleID : 40227 - Type : SERVER-WEBAPP - Revision : 2
2016-10-18 Cisco ASA WebVPN auth_handle cross site scripting attempt
RuleID : 40226 - Type : SERVER-WEBAPP - Revision : 2
2016-10-18 Cisco ASA WebVPN auth_handle cross site scripting attempt
RuleID : 40225 - Type : SERVER-WEBAPP - Revision : 2
2016-10-18 Cisco ASA WebVPN auth_handle cross site scripting attempt
RuleID : 40224 - Type : SERVER-WEBAPP - Revision : 2
2016-10-01 Cisco IOS commandline overflow attempt.
RuleID : 39987 - Type : INDICATOR-COMPROMISE - Revision : 2
2016-10-01 Cisco IOS commandline overflow attempt
RuleID : 39986 - Type : INDICATOR-COMPROMISE - Revision : 2
2016-10-01 Cisco IOS commandline overflow attempt.
RuleID : 39985 - Type : INDICATOR-COMPROMISE - Revision : 2
2016-10-01 Cisco IOS commandline overflow attempt.
RuleID : 39984 - Type : INDICATOR-COMPROMISE - Revision : 2
2016-10-01 Cisco IOS commandline overflow attempt
RuleID : 39983 - Type : INDICATOR-COMPROMISE - Revision : 2
2016-08-17 Cisco ASA SNMP OID parsing stack buffer overflow attempt
RuleID : 39885 - Type : PROTOCOL-SNMP - Revision : 4
2016-03-14 Cisco ASA IKEv2 invalid fragment length heap buffer overflow attempt
RuleID : 37676 - Type : SERVER-OTHER - Revision : 2
2016-03-14 Cisco IOS invalid IKE fragment length memory corruption or exhaustion attempt
RuleID : 37675 - Type : SERVER-OTHER - Revision : 3

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2018-12-21 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20181219-asa-privesc.nasl - Type: ACT_GATHER_INFO
2018-11-08 Name: The packet inspection software installed on the remote host is affected by a ...
File: cisco-sa-20181031-asaftd-sip-dos-ftd.nasl - Type: ACT_GATHER_INFO
2018-11-08 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20181031-asaftd-sip-dos-asa.nasl - Type: ACT_GATHER_INFO
2018-10-04 Name: The remote device is missing a vendor-supplied security patches.
File: cisco-sa-20181003-ftd-inspect-dos.nasl - Type: ACT_GATHER_INFO
2018-06-25 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180606-asa.nasl - Type: ACT_GATHER_INFO
2018-04-27 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180418-asa1.nasl - Type: ACT_GATHER_INFO
2018-02-26 Name: The remote device is missing a vendor-supplied security patch.
File: cisco_asa_cve-2018-0101_dos.nasl - Type: ACT_KILL_HOST
2018-02-06 Name: The packet inspection software installed on the remote host is affected by a ...
File: cisco-sa-20180129-asa1-ftd.nasl - Type: ACT_GATHER_INFO
2018-01-30 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180129-asa1.nasl - Type: ACT_GATHER_INFO
2017-10-12 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20171004-asa-adaptive_security_appliance.nasl - Type: ACT_GATHER_INFO
2017-08-15 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20170802-asa2.nasl - Type: ACT_GATHER_INFO
2017-08-15 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20170802-asa1.nasl - Type: ACT_GATHER_INFO
2017-08-15 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20170802-asa.nasl - Type: ACT_GATHER_INFO
2017-04-25 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20170419-asa-xauth.nasl - Type: ACT_GATHER_INFO
2017-04-25 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20170419-asa-tls.nasl - Type: ACT_GATHER_INFO
2017-04-25 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20170419-asa-ipsec.nasl - Type: ACT_GATHER_INFO
2017-04-25 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20170419-asa-dns.nasl - Type: ACT_GATHER_INFO
2017-02-16 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20170208-asa.nasl - Type: ACT_GATHER_INFO
2016-12-21 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20161116-asa.nasl - Type: ACT_GATHER_INFO
2016-10-26 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20161019-asa-ca.nasl - Type: ACT_GATHER_INFO
2016-09-15 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20151021-asa-ike.nasl - Type: ACT_GATHER_INFO
2016-09-15 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20151021-asa-dns2.nasl - Type: ACT_GATHER_INFO
2016-09-15 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20151021-asa-dns1.nasl - Type: ACT_GATHER_INFO
2016-09-15 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20151021-asa-dhcp1.nasl - Type: ACT_GATHER_INFO
2016-09-09 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2016-1063.nasl - Type: ACT_GATHER_INFO