CVE-2014-3393

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 10-10-2014 12:55

Last modified: - 23-05-2022 06:51

Total changes: - 2

Description

The Clientless SSL VPN portal customization framework in Cisco ASA Software 8.2 before 8.2(5.51), 8.3 before 8.3(2.42), 8.4 before 8.4(7.23), 8.6 before 8.6(1.14), 9.0 before 9.0(4.24), 9.1 before 9.1(5.12), and 9.2 before 9.2(2.4) does not properly implement authentication, which allows remote attackers to modify RAMFS customization objects via unspecified vectors, as demonstrated by inserting XSS sequences or capturing credentials, aka Bug ID CSCup36829.

Common Vulnerability Scoring System (CVSS)

AV:N/AC:M/Au:N/C:N/I:P/A:N

Low

Attack complexity

Network

Attack vector

None

Availability

None

Confidentiality

Low

Integrity

Privileges required

Scope

User interaction

4.3

Base score

8.6

2.9

Exploitability score

Impact score

Verification logic

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.1.5.15

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.4.4.5

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.0.4.7

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.6.1.1

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.3.2.34

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.4.3

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.4.3.8

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.4.4.9

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.3.2.40

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.3.2.39

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.3.1

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.6.1.14

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.6.1.2

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.4.4

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.2.5.50

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.1.2.8

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.2.2

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.0.3.6

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.3.1.1

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.1.4

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.2.2.17

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.2.5

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.4.4.3

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.2.5.26

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.3.2

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.2.1.1

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.4.1.11

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.2

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.2.1

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.2.3

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.3.2.13

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.6.1

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.3.2.33

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.4.2.8

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.4.7.22

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.4.2.1

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.2.5.13

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.0.3

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.0.2.10

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.2.4

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.6.1.12

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.2.2.16

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.0.3.8

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.1.3

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.3.2.23

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.3.1.6

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.0.1

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.2.5.40

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.0.4.1

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.4.3.9

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.3.2.25

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.1.1.4

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.4.1

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.4.4.1

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.4.6

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.1.2

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.4.1.3

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.3.2.41

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.1.5.10

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.2.5.46

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.2.1

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.2.4.1

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.0.4

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.2.2.12

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.2.3

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.3.2.31

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.1.5

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.0

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.2.2

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.0.4.24

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.1.1

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.0.4.5

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.0.2

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.6.1.10

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.1.3.2

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.4.7

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.2.5.22

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.4.5

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.6.1.5

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.2.5.48

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.4.5.6

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.3.1.4

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.2.5.33

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.2.5.41

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.0.4.20

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.0.4.17

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.2.4.4

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.4.2

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.2.2.10

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.3.2.37

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.4.7.3

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.3.2.4

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.6.1.13

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.4.7.15

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.2.0.45

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.3

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.4

vendor=cisco AND product=adaptive_security_appliance_software AND version=8.6

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.1

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.2.0

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.2.2.4

vendor=cisco AND product=adaptive_security_appliance_software AND version=9.1.5.12

Reference

20141008 Multiple Vulnerabilities in Cisco ASA Software-Vendor Advisory

Keywords

CVE-2014-3393

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2014-3393

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures