3 matches found
Authentication flaw
The Clientless SSL VPN portal customization framework in Cisco ASA Software 8.2 before 8.25.51, 8.3 before 8.32.42, 8.4 before 8.47.23, 8.6 before 8.61.14, 9.0 before 9.04.24, 9.1 before 9.15.12, and 9.2 before 9.22.4 does not properly implement authentication, which allows remote attackers to...
CVE-2014-3393
The CVE-2014-3393 issue affects Cisco ASA Software’s Clientless SSL VPN Portal Customization framework. The vulnerability arises from improper authentication checks in the portal customization framework, allowing an unauthenticated, remote attacker to modify RAMFS customization objects and potent...
CVE-2014-3393
The Clientless SSL VPN portal customization framework in Cisco ASA Software 8.2 before 8.25.51, 8.3 before 8.32.42, 8.4 before 8.47.23, 8.6 before 8.61.14, 9.0 before 9.04.24, 9.1 before 9.15.12, and 9.2 before 9.22.4 does not properly implement authentication, which allows remote attackers to...