The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of ASA

vulnerability announcement CVE-2019-1714

Cisco ASA: privilege escalation via VPN SAML Authentication Bypass

Synthesis of the vulnerability

An attacker can bypass restrictions via VPN SAML Authentication Bypass of Cisco ASA, in order to escalate his privileges.
Impacted products: ASA.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights.
Provenance: user account.
Creation date: 02/05/2019.
Identifiers: CERTFR-2019-AVI-193, cisco-sa-20190501-asaftd-saml-vpn, CSCvn72570, CVE-2019-1714, VIGILANCE-VUL-29202.


vulnerability alert CVE-2019-1705

Cisco ASA: denial of service via VPN Session Manager

Synthesis of the vulnerability

An attacker can trigger a fatal error via VPN Session Manager of Cisco ASA, in order to trigger a denial of service.
Impacted products: ASA.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: internet client.
Creation date: 02/05/2019.
Identifiers: cisco-sa-20190501-asa-vpn-dos, CSCvk13637, CVE-2019-1705, VIGILANCE-VUL-29201.


vulnerability CVE-2019-1706

Cisco ASA: denial of service via IPsec

Synthesis of the vulnerability

An attacker can trigger a fatal error via IPsec of Cisco ASA, in order to trigger a denial of service.
Impacted products: ASA.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: internet client.
Creation date: 02/05/2019.
Identifiers: CERTFR-2019-AVI-193, cisco-sa-20190501-asa-ipsec-dos, CSCvk66732, CVE-2019-1706, VIGILANCE-VUL-29200.


computer vulnerability note CVE-2019-1687

Cisco ASA: denial of service via TCP Proxy

Synthesis of the vulnerability

An attacker can trigger a fatal error via TCP Proxy of Cisco ASA, in order to trigger a denial of service.
Impacted products: ASA.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: LAN.
Creation date: 02/05/2019.
Identifiers: cisco-sa-20190501-asa-ftdtcp-dos, CSCvk44166, CVE-2019-1687, VIGILANCE-VUL-29199.


computer vulnerability bulletin CVE-2019-1697

Cisco ASA: denial of service via LDAP BER

Synthesis of the vulnerability

An attacker can trigger a fatal error via LDAP BER of Cisco ASA, in order to trigger a denial of service.
Impacted products: ASA.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: intranet client.
Creation date: 02/05/2019.
Identifiers: cisco-sa-20190501-asa-ftds-ldapdos, CSCvn20985, CVE-2019-1697, VIGILANCE-VUL-29198.


computer vulnerability announcement CVE-2019-1701

Cisco ASA: Cross Site Scripting via WebVPN

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting via WebVPN of Cisco ASA, in order to run JavaScript code in the context of the web site.
Impacted products: ASA.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 02/05/2019.
Identifiers: cisco-sa-20190501-asa-ftd-xss, CSCvn78674, CSCvo11406, CSCvo11416, CSCvo17033, CVE-2019-1701, VIGILANCE-VUL-29197.


computer vulnerability CVE-2019-1715

Cisco ASA: privilege escalation via DRBG Low-Entropy Keys

Synthesis of the vulnerability

An attacker can bypass restrictions via DRBG Low-Entropy Keys of Cisco ASA, in order to escalate his privileges.
Impacted products: ASA.
Severity: 2/4.
Consequences: privileged access/rights, user access/rights.
Provenance: intranet client.
Creation date: 02/05/2019.
Identifiers: CERTFR-2019-AVI-193, cisco-sa-20190501-asa-ftd-entropy, CSCvj52266, CVE-2019-1715, VIGILANCE-VUL-29195.


vulnerability note CVE-2019-1695

Cisco ASA: privilege escalation via Layer 2 Filtering Bypass

Synthesis of the vulnerability

An attacker can bypass restrictions via Layer 2 Filtering Bypass of Cisco ASA, in order to escalate his privileges.
Impacted products: ASA.
Severity: 2/4.
Consequences: data reading, data flow.
Provenance: LAN.
Creation date: 02/05/2019.
Identifiers: cisco-sa-20190501-asa-ftd-bypass, CSCvm75358, CVE-2019-1695, VIGILANCE-VUL-29194.


vulnerability announcement CVE-2019-1713

Cisco ASA: Cross Site Request Forgery

Synthesis of the vulnerability

An attacker can trigger a Cross Site Request Forgery of Cisco ASA, in order to force the victim to perform operations.
Impacted products: ASA.
Severity: 2/4.
Consequences: user access/rights.
Provenance: internet client.
Creation date: 02/05/2019.
Identifiers: CERTFR-2019-AVI-193, cisco-sa-20190501-asa-csrf, CSCvj34599, CVE-2019-1713, VIGILANCE-VUL-29192.

Description of the vulnerability

The Cisco ASA product offers a web service.

However, the origin of queries is not checked. They can for example originate from an image included in an HTML document.

An attacker can therefore trigger a Cross Site Request Forgery of Cisco ASA, in order to force the victim to perform operations.

vulnerability alert CVE-2018-15465

Cisco ASA: privilege escalation via Web Management Interface

Synthesis of the vulnerability

An attacker can bypass restrictions via Web Management Interface of Cisco ASA, in order to escalate his privileges.
Impacted products: ASA.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, data reading, data creation/edition.
Provenance: user account.
Creation date: 20/12/2018.
Identifiers: CERTFR-2018-AVI-605, cisco-sa-20181219-asa-privesc, CSCvm53531, CSCvn65527, CVE-2018-15465, VIGILANCE-VUL-28061.
