The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Cisco ASA

Cisco ASA: use after free via webvpn
An attacker can force a double memory free in the TLS server of the webvpn feature of Cisco ASA, in order to trigger a denial of service, or to run machine code with root privileges...
CERTFR-2018-ALE-002, CERTFR-2018-AVI-063, cisco-sa-20180129-asa1, CVE-2018-0101, VIGILANCE-VUL-25173
Cisco ACE/ASA: information disclosure via ROBOT Attack
An attacker can bypass access restrictions to data via ROBOT Attack (VIGILANCE-VUL-24749) of Cisco ACE/ASA, in order to obtain sensitive information...
cisco-sa-20171212-bleichenbacher, CSCvg74693, CSCvg97652, CSCvh10981, CSCvh25064, CVE-2017-12373, CVE-2017-17428, VIGILANCE-VUL-24747
Cisco ASA Next-Generation Firewall Services: privilege escalation via Local Management Filtering
An attacker can bypass restrictions via Local Management Filtering of Cisco ASA Next-Generation Firewall Services, in order to escalate his privileges...
cisco-sa-20171115-firepower1, CSCvd97962, CVE-2017-12299, VIGILANCE-VUL-24476
WPA2: information disclosure via Key Reinstallation Attacks
An attacker can bypass access restrictions to data via Key Reinstallation Attacks of WPA2, in order to obtain sensitive information...
ARUBA-PSA-2017-007, CERTFR-2017-ALE-014, CERTFR-2017-AVI-357, CERTFR-2017-AVI-358, CERTFR-2017-AVI-359, CERTFR-2017-AVI-360, CERTFR-2017-AVI-361, CERTFR-2017-AVI-363, CERTFR-2017-AVI-373, CERTFR-2017-AVI-379, CERTFR-2017-AVI-383, CERTFR-2017-AVI-390, CERTFR-2017-AVI-441, CERTFR-2017-AVI-478, CERTFR-2018-AVI-014, CERTFR-2018-AVI-048, cisco-sa-20171016-wpa, CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088, DLA-1150-1, DLA-1200-1, DLA-1573-1, DSA-3999-1, FEDORA-2017-12e76e8364, FEDORA-2017-45044b6b33, FEDORA-2017-60bfb576b7, FEDORA-2017-cfb950d8f4, FEDORA-2017-fc21e3856b, FG-IR-17-196, FreeBSD-SA-17:07.wpa, HT208221, HT208222, HT208334, HT208394, JSA10827, K-511282, KRACK Attacks, openSUSE-SU-2017:2755-1, openSUSE-SU-2017:2846-1, openSUSE-SU-2017:2896-1, openSUSE-SU-2017:2905-1, openSUSE-SU-2017:3144-1, openSUSE-SU-2020:0222-1, openSUSE-SU-2020:2053-1, openSUSE-SU-2020:2059-1, RHSA-2017:2907-01, RHSA-2017:2911-01, SSA:2017-291-02, SSA-418456, SSA-901333, STORM-2017-005, SUSE-SU-2017:2745-1, SUSE-SU-2017:2752-1, SUSE-SU-2017:2847-1, SUSE-SU-2017:2869-1, SUSE-SU-2017:2908-1, SUSE-SU-2017:2920-1, SUSE-SU-2017:3106-1, SUSE-SU-2017:3165-1, SUSE-SU-2017:3265-1, SUSE-SU-2017:3267-1, SUSE-SU-2018:0040-1, SUSE-SU-2018:0171-1, SUSE-SU-2020:3380-1, SUSE-SU-2020:3424-1, Synology-SA-17:60, Synology-SA-17:60 KRACK, USN-3455-1, USN-3505-1, VIGILANCE-VUL-24144, VU#228519
Cisco ASA: memory leak via Firepower SSL Decryption
An attacker can create a memory leak via Firepower SSL Decryption of Cisco ASA, in order to trigger a denial of service...
CERTFR-2017-AVI-333, cisco-sa-20171004-ftd, CSCve02069, CVE-2017-12245, VIGILANCE-VUL-24034
Cisco ASA: denial of service via Firepower IPv6
An attacker can generate a fatal error via Firepower IPv6 of Cisco ASA, in order to trigger a denial of service...
CERTFR-2017-AVI-333, cisco-sa-20171004-fpsnort, CSCvd34776, CVE-2017-12244, VIGILANCE-VUL-24033
Cisco ASA: denial of service via Direct Authentication
An attacker can generate a fatal error via Direct Authentication of Cisco ASA, in order to trigger a denial of service...
CERTFR-2017-AVI-333, cisco-sa-20171004-asa, CSCvd59063, CVE-2017-12246, VIGILANCE-VUL-24032
Cisco ASA: Cross Site Scripting via HREF
An attacker can trigger a Cross Site Scripting via HREF of Cisco ASA, in order to run JavaScript code in the context of the web site...
CERTFR-2017-AVI-333, cisco-sa-20171004-asa1, CSCve91068, CVE-2017-12265, VIGILANCE-VUL-24031
Cisco ASA: information disclosure via Username Enumeration
An attacker can bypass access restrictions to data via Username Enumeration of Cisco ASA, in order to obtain sensitive information...
cisco-sa-20170802-asa2, CSCvd47888, CVE-2017-6752, VIGILANCE-VUL-23444
Cisco ASA: Cross Site Scripting via WebVPN
An attacker can trigger a Cross Site Scripting via WebVPN of Cisco ASA, in order to run JavaScript code in the context of the web site...
cisco-sa-20170802-asa1, CSCve19179, CVE-2017-6765, VIGILANCE-VUL-23443
Our database contains other pages. You can request a free trial to read them.

Display information about Cisco ASA: