Alex Lumsden

**Name of the Vulnerable Software and Affected Versions** Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software (affected versions not specified) **Description** A flaw exists in the Remote Access SSL VPN functionality that could allow a remote, unauthenticated attacker to cause a denial of service (DoS) condition affecting new Remote Access SSL VPN connections by exhausting device memory. This issue stems from a failure to validate user-supplied input. An attacker could exploit this by sending specially crafted packets to the Remote Access SSL VPN server, potentially causing the device web interface to become unresponsive. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Secure Firewall ASA Software and Cisco Secure Firewall Threat Defense (FTD) Software (affected versions not specified) **Description** A flaw exists in the SAML 2.0 single sign-on (SSO) feature that could permit an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack against the SAML feature and obtain sensitive, browser-based information. This is caused by inadequate validation of multiple HTTP parameters. An attacker could exploit this by convincing a user to access a malicious link, potentially leading to a reflected XSS attack through an affected device. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco SD-WAN vManage Software (affected versions not specified) **Description** A vulnerability in the web-based management interface could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This is due to insufficient CSRF protections for the web-based management interface. An attacker could exploit this by persuading a user to click a malicious link, allowing them to perform arbitrary actions with the privilege level of the affected user, including modifying system configuration and deleting accounts. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco SD-WAN vManage Software (affected versions not specified) **Description** The issue is related to multiple vulnerabilities in the Cisco SD-WAN vManage Software, which could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information. It could also allow an authenticated, local attacker to gain escalated privileges or gain unauthorized access to the application. The vulnerability is associated with privilege management errors in the vManage web interface. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco SD-WAN vManage Software (affected versions not specified) **Description** The issue is related to multiple vulnerabilities in the Cisco SD-WAN vManage Software, which could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information. Additionally, an authenticated, local attacker could gain escalated privileges or unauthorized access to the application. The vulnerability is also associated with inadequate access control in the vManage web interface, allowing a remote attacker to potentially elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco SD-WAN products (affected versions not specified) **Description** The issue is related to multiple vulnerabilities in Cisco SD-WAN products that could allow an authenticated attacker to perform command injection attacks against an affected device. This could enable the attacker to take certain actions with root privileges on the device. The vulnerability in the vManage web interface is associated with insufficient input validation, which could allow a remote attacker to execute arbitrary commands with elevated privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.