2024/11 : Internal-CISA - Cisco Adaptive Security Appliance (ASA) - CVE-2014-2120 #156

ums91 · 2024-11-13T01:42:47Z

Summary

Confirm if Cisco Adaptive Security Appliance (ASA) vulnerability below is applicable to any systems.

Reference

From CISA Known Exploited Vulnerabilities Catalog: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

CVE-2014-2120

Severity

MEDIUM - CVSS v2 - (AV:N/AC:M/Au:N/C:N/I:P/A:N)

Detailed description of the vulnerability

Cross-site scripting (XSS) vulnerability in the WebVPN login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun19025.

Reporter

CISA

ums91 · 2024-11-13T01:45:48Z

This vulnerability is not applicable to any systems.

ums91 added CISA-Alert security-issue-source::internally-reported-cisa Reported by CISA security-issue-type::vulnerability security-issue-severity::medium labels Nov 13, 2024

ums91 added this to the 2024Q2 milestone Nov 13, 2024

ums91 added the Remediated_Fixed_Patched label Nov 13, 2024

ums91 closed this as completed Nov 13, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

2024/11 : Internal-CISA - Cisco Adaptive Security Appliance (ASA) - CVE-2014-2120 #156

2024/11 : Internal-CISA - Cisco Adaptive Security Appliance (ASA) - CVE-2014-2120 #156

ums91 commented Nov 13, 2024

ums91 commented Nov 13, 2024

2024/11 : Internal-CISA - Cisco Adaptive Security Appliance (ASA) - CVE-2014-2120 #156

2024/11 : Internal-CISA - Cisco Adaptive Security Appliance (ASA) - CVE-2014-2120 #156

Comments

ums91 commented Nov 13, 2024

Summary

Reference

Severity

Detailed description of the vulnerability

Reporter

ums91 commented Nov 13, 2024