返回 CVE 瀏覽器

CVE-2014-2120

Known Exploited (CISA KEV)MEDIUM

6.1

CVSS Severity Score

EPSS Score57.5300%

EPSS Percentile88.99th

Published2014年3月19日

Last Modified2026年4月21日

Vulnerability Description

Cross-site scripting (XSS) vulnerability in the WebVPN login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun19025.

Affected Platforms (CPE)

💻

Cisco

Adaptive Security Appliance Software

All versions

References & Advisories

🔗 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2120

🔗 http://www.securityfocus.com/bid/66290

🔗 http://www.securitytracker.com/id/1029935

🔗 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2120

🔗 http://www.securityfocus.com/bid/66290

🔗 http://www.securitytracker.com/id/1029935

🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-2120

相關漏洞威脅

CVE-2013-550910.0

The SSL implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0 before 9.0(2.6) and 9.1 before 9.1(2) allows remote...

CVE-2009-491910.0

Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attacker...

CVE-2009-491210.0

Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) complete an SSL handshake with an HTTPS c...

CVE-2013-551110.0

The Adaptive Security Device Management (ASDM) remote-management feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x...