Update from October 22nd, 2020: Cisco has become aware of a new Cisco Adaptive Security Appliance vulnerability that could affect the fixed releases recommended for code trains 9.13 and 9.14 in the Fixed Software [“#fs”] section of this advisory. See the Cisco Adaptive Security Appliance Software SSL/TLS Denial of Service Vulnerability [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-dos-7uZWwSEy”] for additional information.
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-rxss-L54Htxp [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-rxss-L54Htxp”]
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | cisco_adaptive_security_appliance_\(asa\)_software | 9.8 | cpe:2.3:a:cisco:cisco_adaptive_security_appliance_\(asa\)_software:9.8:*:*:*:*:*:*:* |
cisco | cisco_adaptive_security_appliance_\(asa\)_software | 9.12 | cpe:2.3:a:cisco:cisco_adaptive_security_appliance_\(asa\)_software:9.12:*:*:*:*:*:*:* |
cisco | firepower_2100_firmware | any | cpe:2.3:o:cisco:firepower_2100_firmware:any:*:*:*:*:*:*:* |
cisco | firepower_4100_next-generation_firewall_firmware | any | cpe:2.3:o:cisco:firepower_4100_next-generation_firewall_firmware:any:*:*:*:*:*:*:* |
cisco | cisco_adaptive_security_appliance_\(asa\)_software | 9.8.2.24 | cpe:2.3:a:cisco:cisco_adaptive_security_appliance_\(asa\)_software:9.8.2.24:*:*:*:*:*:*:* |
cisco | cisco_adaptive_security_appliance_\(asa\)_software | 9.8.4.7 | cpe:2.3:a:cisco:cisco_adaptive_security_appliance_\(asa\)_software:9.8.4.7:*:*:*:*:*:*:* |
cisco | cisco_adaptive_security_appliance_\(asa\)_software | 9.12.2.4 | cpe:2.3:a:cisco:cisco_adaptive_security_appliance_\(asa\)_software:9.12.2.4:*:*:*:*:*:*:* |
cisco | adaptive_security_appliance_software | 2100_series | cpe:2.3:o:cisco:adaptive_security_appliance_software:2100_series:*:*:*:*:*:*:* |
cisco | adaptive_security_appliance_software | 4100_series | cpe:2.3:o:cisco:adaptive_security_appliance_software:4100_series:*:*:*:*:*:*:* |