The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of ASA

weakness bulletin CVE-2019-1934

Cisco ASA: privilege escalation via Web-based Management Interface

Synthesis of the vulnerability

An attacker can bypass restrictions via Web-based Management Interface of Cisco ASA, in order to escalate his privileges.
Severity: 2/4.
Creation date: 08/08/2019.
Identifiers: CERTFR-2019-AVI-377, cisco-sa-20190807-asa-privescala, CSCvp09150, CVE-2019-1934, VIGILANCE-VUL-29978.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass restrictions via Web-based Management Interface of Cisco ASA, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

threat announce CVE-2019-1944 CVE-2019-1945

Cisco ASA: privilege escalation via Smart Tunnel

Synthesis of the vulnerability

An attacker can bypass restrictions via Smart Tunnel of Cisco ASA, in order to escalate his privileges.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 08/08/2019.
Identifiers: CERTFR-2019-AVI-377, cisco-sa-20190807-asa-multi, CSCvo78789, CVE-2019-1944, CVE-2019-1945, VIGILANCE-VUL-29977.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass restrictions via Smart Tunnel of Cisco ASA, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

security bulletin CVE-2019-1873

Cisco ASA: denial of service via TLS/SSL Driver

Synthesis of the vulnerability

An attacker can trigger a fatal error via TLS/SSL Driver of Cisco ASA, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 11/07/2019.
Identifiers: CERTFR-2019-AVI-327, cisco-sa-20190710-asa-ftd-dos, CSCvp36425, CVE-2019-1873, VIGILANCE-VUL-29739.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can trigger a fatal error via TLS/SSL Driver of Cisco ASA, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer threat bulletin CVE-2019-1714

Cisco ASA: privilege escalation via VPN SAML Authentication Bypass

Synthesis of the vulnerability

An attacker can bypass restrictions via VPN SAML Authentication Bypass of Cisco ASA, in order to escalate his privileges.
Severity: 2/4.
Creation date: 02/05/2019.
Identifiers: CERTFR-2019-AVI-193, cisco-sa-20190501-asaftd-saml-vpn, CSCvn72570, CVE-2019-1714, VIGILANCE-VUL-29202.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass restrictions via VPN SAML Authentication Bypass of Cisco ASA, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

security announce CVE-2019-1705

Cisco ASA: denial of service via VPN Session Manager

Synthesis of the vulnerability

An attacker can trigger a fatal error via VPN Session Manager of Cisco ASA, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 02/05/2019.
Identifiers: cisco-sa-20190501-asa-vpn-dos, CSCvk13637, CVE-2019-1705, VIGILANCE-VUL-29201.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can trigger a fatal error via VPN Session Manager of Cisco ASA, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer threat note CVE-2019-1706

Cisco ASA: denial of service via IPsec

Synthesis of the vulnerability

An attacker can trigger a fatal error via IPsec of Cisco ASA, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 02/05/2019.
Identifiers: CERTFR-2019-AVI-193, cisco-sa-20190501-asa-ipsec-dos, CSCvk66732, CVE-2019-1706, VIGILANCE-VUL-29200.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can trigger a fatal error via IPsec of Cisco ASA, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

threat bulletin CVE-2019-1687

Cisco ASA: denial of service via TCP Proxy

Synthesis of the vulnerability

An attacker can trigger a fatal error via TCP Proxy of Cisco ASA, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 02/05/2019.
Identifiers: cisco-sa-20190501-asa-ftdtcp-dos, CSCvk44166, CVE-2019-1687, VIGILANCE-VUL-29199.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can trigger a fatal error via TCP Proxy of Cisco ASA, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2019-1697

Cisco ASA: denial of service via LDAP BER

Synthesis of the vulnerability

An attacker can trigger a fatal error via LDAP BER of Cisco ASA, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 02/05/2019.
Identifiers: cisco-sa-20190501-asa-ftds-ldapdos, CSCvn20985, CVE-2019-1697, VIGILANCE-VUL-29198.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can trigger a fatal error via LDAP BER of Cisco ASA, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

cybersecurity threat CVE-2019-1701

Cisco ASA: Cross Site Scripting via WebVPN

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting via WebVPN of Cisco ASA, in order to run JavaScript code in the context of the web site.
Severity: 2/4.
Creation date: 02/05/2019.
Identifiers: cisco-sa-20190501-asa-ftd-xss, CSCvn78674, CSCvo11406, CSCvo11416, CSCvo17033, CVE-2019-1701, VIGILANCE-VUL-29197.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can trigger a Cross Site Scripting via WebVPN of Cisco ASA, in order to run JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

cybersecurity vulnerability CVE-2019-1715

Cisco ASA: privilege escalation via DRBG Low-Entropy Keys

Synthesis of the vulnerability

An attacker can bypass restrictions via DRBG Low-Entropy Keys of Cisco ASA, in order to escalate his privileges.
Severity: 2/4.
Creation date: 02/05/2019.
Identifiers: CERTFR-2019-AVI-193, cisco-sa-20190501-asa-ftd-entropy, CSCvj52266, CVE-2019-1715, VIGILANCE-VUL-29195.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass restrictions via DRBG Low-Entropy Keys of Cisco ASA, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about ASA: