CyberSec.Space Logo
Back to CVE Browser

CVE-2014-2120

Known Exploited (CISA KEV)MEDIUM
6.1
CVSS Severity Score
EPSS Score57.5300%
EPSS Percentile88.99th
PublishedMar 19, 2014
Last ModifiedApr 21, 2026

Vulnerability Description

Cross-site scripting (XSS) vulnerability in the WebVPN login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun19025.

Affected Platforms (CPE)

πŸ’»
Cisco

Adaptive Security Appliance Software

All versions

References & Advisories

πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2120
πŸ”— http://www.securityfocus.com/bid/66290
πŸ”— http://www.securitytracker.com/id/1029935
πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2120
πŸ”— http://www.securityfocus.com/bid/66290
πŸ”— http://www.securitytracker.com/id/1029935
πŸ”— https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-2120

Related Vulnerabilities

CVE-2013-550910.0

The SSL implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0 before 9.0(2.6) and 9.1 before 9.1(2) allows remote...

CVE-2009-491910.0

Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attacker...

CVE-2009-491210.0

Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) complete an SSL handshake with an HTTPS c...

CVE-2013-551110.0

The Adaptive Security Device Management (ASDM) remote-management feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x...