Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 18/12/2014 Updated: 11/08/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Subscribe to Adaptive Security Appliance Software

Cross-site scripting (XSS) vulnerability in the WebVPN Portal Login page in Cisco Adaptive Security Appliance (ASA) Software allows remote malicious users to inject arbitrary web script or HTML via crafted attributes in a cookie, aka Bug ID CSCuh24695.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco adaptive security appliance software -

Cisco Adaptive Security Appliance (ASA) devices configured for WebVPN contain a DOM-based cross-site scripting vulnerability (XSS) within the Portal Login page An unauthenticated, remote attacker who can convince a user to take a malicious action, could perform a XSS attack on the user The vulnerability exists due to mishandling of certain attri ...

CWE-79 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8012 http://www.securitytracker.com/id/1031395 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20141218-CVE-2014-8012

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-8012

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect