CVE-2014-2120 | THREATINT

Description

Cross-site scripting (XSS) vulnerability in the WebVPN login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun19025.

Reserved 2014-02-25 | Published 2014-03-19 | Updated 2024-11-13 | Assigner cisco

CISA Known Exploited Vulnerability

Date added 2024-11-12 | Due date 2024-12-03

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

References

www.securitytracker.com/id/1029935 (1029935) vdb-entry

tools.cisco.com/...content/CiscoSecurityNotice/CVE-2014-2120 (20140318 Cisco Adaptive Security Appliance WebVPN Login Page Cross-Site Scripting Vulnerability) vendor-advisory

www.securityfocus.com/bid/66290 (66290) vdb-entry

cve.org (CVE-2014-2120)

nvd.nist.gov (CVE-2014-2120)

Download JSON

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat

Subscribe to our newsletter to learn more about our work.