Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-8012

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2014-8012
Last Modified 18 Dec 2014 02:42:08
Published 18 Dec 2014 11:59:15
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-8012

Summary

Cross-site scripting (XSS) vulnerability in the WebVPN Portal Login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to inject arbitrary web script or HTML via crafted attributes in a cookie, aka Bug ID CSCuh24695.

Vulnerable Systems

Application

  • Cisco Adaptive Security Appliance Software -


References

CISCO - 20141217 Cisco Adaptive Security Appliance DOM Cross-Site Scripting Vulnerability in WebVPN Portal


Last Updated: 27 May 2016 11:07:18