Vulnerability Details CVE-2014-2120
Cross-site scripting (XSS) vulnerability in the WebVPN login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun19025.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.801
EPSS Ranking 99.1%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
Proposed Action
Cisco Adaptive Security Appliance (ASA) contains a cross-site scripting (XSS) vulnerability in the WebVPN login page. This vulnerability allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter.
Ransomware Campaign
Unknown
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2120
- http://www.securityfocus.com/bid/66290
- http://www.securitytracker.com/id/1029935
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2120
- http://www.securityfocus.com/bid/66290
- http://www.securitytracker.com/id/1029935
Products affected by CVE-2014-2120
-
cpe:2.3:o:cisco:adaptive_security_appliance_software:-