Cross-site scripting (XSS) vulnerability in the WebVPN login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun19025.
References
Link | Resource |
---|---|
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2120 | Broken Link Vendor Advisory |
http://www.securityfocus.com/bid/66290 | Broken Link Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1029935 | Broken Link Third Party Advisory VDB Entry |
Configurations
History
14 Nov 2024, 21:42
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 6.1 |
References | () http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2120 - Broken Link, Vendor Advisory | |
References | () http://www.securityfocus.com/bid/66290 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id/1029935 - Broken Link, Third Party Advisory, VDB Entry |
13 Nov 2024, 15:35
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 5.4 |
11 Aug 2023, 18:54
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:cisco:adaptive_security_appliance_software:-:*:*:*:*:*:*:* |
Information
Published : 2014-03-19 01:15
Updated : 2024-11-14 21:42
NVD link : CVE-2014-2120
Mitre link : CVE-2014-2120
CVE.ORG link : CVE-2014-2120
JSON object : View
Products Affected
cisco
- adaptive_security_appliance_software
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')