Published: 10/04/2014 Updated: 15/08/2023

CVSS v2 Base Score: 8.5 | Impact Score: 10 | Exploitability Score: 6.8

VMScore: 880

Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C

Cisco Adaptive Security Appliance (ASA) Software 8.x prior to 8.2(5.48), 8.3 prior to 8.3(2.40), 8.4 prior to 8.4(7.9), 8.6 prior to 8.6(1.13), 9.0 prior to 9.0(4.1), and 9.1 prior to 9.1(4.3) does not properly process management-session information during privilege validation for SSL VPN portal connections, which allows remote authenticated users to gain privileges by establishing a Clientless SSL VPN session and entering crafted URLs, aka Bug ID CSCul70099.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco adaptive security appliance software 8.1
cisco adaptive security appliance software 8.0
cisco adaptive security appliance software 8.2
cisco adaptive security appliance software 8.3\\(1\\)
cisco adaptive security appliance software 8.4
cisco adaptive security appliance software 8.6
cisco adaptive security appliance software 9.0
cisco adaptive security appliance software 9.1

Cisco Adaptive Security Appliance (ASA) Software is affected by the following vulnerabilities: Cisco ASA ASDM Privilege Escalation Vulnerability Cisco ASA SSL VPN Privilege Escalation Vulnerability Cisco ASA SSL VPN Authentication Bypass Vulnerability Cisco ASA SIP Denial of Service Vulnerability These vulnerabilities are indepen ...

Detects whether the Cisco ASA appliance is vulnerable to the Cisco ASA SSL VPN Privilege Escalation Vulnerability (CVE-2014-2127).

nmap -p 443 --script http-vuln-cve2014-2127 <target>

PORT    STATE SERVICE
443/tcp open  https
| http-vuln-cve2014-2127:
|   VULNERABLE:
|   Cisco ASA SSL VPN Privilege Escalation Vulnerability
|     State: VULNERABLE
|     Risk factor: High  CVSSv2: 8.5 (HIGH) (AV:N/AC:M/AU:S/C:C/I:C/A:C)
|     Description:
|       Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.48), 8.3 before 8.3(2.40), 8.4 before 8.4(7.9), 8.6 before 8.6(1.13), 9.0 before 9.0(4.1), and 9.1 before 9.1(4.3) does not properly process management-session information during privilege validation for SSL VPN portal connections, which allows remote authenticated users to gain privileges by establishing a Clientless SSL VPN session and entering crafted URLs, aka Bug ID CSCul70099.
|
|     References:
|       http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-asa
|_      http://cvedetails.com/cve/2014-2127/

Detects whether the Cisco ASA appliance is vulnerable to the Cisco ASA SSL VPN Privilege Escalation Vulnerability (CVE-2014-2127).

nmap -p 443 --script http-vuln-cve2014-2127 <target>

PORT    STATE SERVICE
443/tcp open  https
| http-vuln-cve2014-2127:
|   VULNERABLE:
|   Cisco ASA SSL VPN Privilege Escalation Vulnerability
|     State: VULNERABLE
|     Risk factor: High  CVSSv2: 8.5 (HIGH) (AV:N/AC:M/AU:S/C:C/I:C/A:C)
|     Description:
|       Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.48), 8.3 before 8.3(2.40), 8.4 before 8.4(7.9), 8.6 before 8.6(1.13), 9.0 before 9.0(4.1), and 9.1 before 9.1(4.3) does not properly process management-session information during privilege validation for SSL VPN portal connections, which allows remote authenticated users to gain privileges by establishing a Clientless SSL VPN session and entering crafted URLs, aka Bug ID CSCul70099.
|
|     References:
|       http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-asa
|_      http://cvedetails.com/cve/2014-2127/

CWE-20 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-asa https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-asa https://nmap.org/nsedoc/scripts/../scripts/http-vuln-cve2014-2127.html

CVE-2014-2127

Vulnerability Summary

Vendor Advisories

Nmap Scripts

References

Vulmon Search

About

Products

Connect