Lucene search
HistoryDec 18, 2014 - 4:59 p.m.
CVE-2014-8012
cve-2014-8012
cisco
asa software
xss vulnerability
webvpn portal
remote attackers
security
bug id cscuh24695
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
49.2%
Cross-site scripting (XSS) vulnerability in the WebVPN Portal Login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to inject arbitrary web script or HTML via crafted attributes in a cookie, aka Bug ID CSCuh24695.
Affected configurations
Node
ciscoadaptive_security_appliance_softwareMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| cisco:adaptive_security_appliance_software | cisco adaptive security appliance software | eq | - |
Related
nvd
nvd
CVE-2014-8012
2014-12-18 16:59:15
cisco
cisco
prion
prion
Cross site scripting
2014-12-18 16:59:00
cvelist
cvelist
CVE-2014-8012
2014-12-18 16:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
49.2%
Related for CVE-2014-8012