CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-2128

The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.47, 8.3 before 8.3(2.40), 8.4 before 8.4(7.3), 8.6 before 8.6(1.13), 9.0 before 9.0(3.8), and 9.1 before 9.1(3.2) allows remote attackers to bypass authentication via (1) a crafted cookie value within modified HTTP POST data or (2) a crafted URL, aka Bug ID CSCua85555.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 48.0%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2014-2128

Cisco » Adaptive Security Appliance Software » Version: 8.2

cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2
Cisco » Adaptive Security Appliance Software » Version: 8.3(1)

cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3(1)
Cisco » Adaptive Security Appliance Software » Version: 8.4

cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4
Cisco » Adaptive Security Appliance Software » Version: 8.6

cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6
Cisco » Adaptive Security Appliance Software » Version: 9.0

cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0
Cisco » Adaptive Security Appliance Software » Version: 9.1

cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-2128

Products

Pricing

Contact Us