Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-8012


Vulnerability Score 4.3 4.3
CVE Id CVE-2014-8012
Last Modified 18 Dec 2014 02:42:08
Published 18 Dec 2014 11:59:15
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Cross-site scripting (XSS) vulnerability in the WebVPN Portal Login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to inject arbitrary web script or HTML via crafted attributes in a cookie, aka Bug ID CSCuh24695.

Vulnerable Systems


  • Cisco Adaptive Security Appliance Software -


CISCO - 20141217 Cisco Adaptive Security Appliance DOM Cross-Site Scripting Vulnerability in WebVPN Portal

Last Updated: 27 May 2016 11:07:18