CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass a configured access rule and access parts of the WebVPN portal that are supposed to be blocked...

5.8CVSS6.5AI score0.00183EPSS

Exploits0References1Affected Software2

Positive Technologies•added 2019/05/01 12:0 a.m.•1 views

PT-2019-2087 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: The issue exists due to insufficient validation of user-supplied input,...

5.5CVSS4.9AI score0.00155EPSS

Exploits0References7

CNVD•added 2016/03/10 12:0 a.m.•2 views

Cisco Adaptive Security Appliance WebVPN Portal Cross-Site Scripting Vulnerability

Cisco Adaptive Security Appliances ASA, Adaptive Security Appliances Software is a set of firewall appliances from Cisco USA. The device also includes IPS Intrusion Prevention System, SSL VPN, IPSec VPN, anti-spam and other features. A cross-site scripting vulnerability exists in the Cisco Adapti...

6.7AI score

Exploits0References1

CVE•added 2014/12/18 4:0 p.m.•44 views

CVE-2014-8012

Cisco ASA WebVPN Portal is affected by a DOM-based XSS in the Portal Login page (CVE-2014-8012). The vulnerability arises from mishandling of certain cookie attributes, allowing an unauthenticated, remote attacker to craft a link or action that executes arbitrary script/HTML in the user’s browser...

4.3CVSS5.8AI score0.00296EPSS

Exploits0References2Affected Software1

Cvelist•added 2014/12/18 4:0 p.m.•16 views

CVE-2014-8012

Cross-site scripting XSS vulnerability in the WebVPN Portal Login page in Cisco Adaptive Security Appliance ASA Software allows remote attackers to inject arbitrary web script or HTML via crafted attributes in a cookie, aka Bug ID CSCuh24695...

5.7AI score0.00296EPSS

Exploits0References2

Positive Technologies•added 2014/12/18 12:0 a.m.•1 views

PT-2014-8382 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Description: The issue is related to a cross-site scripting XSS vulnerability in the WebVPN Portal Login page, which allows remote attackers to inject arbitrary we...

4.3CVSS5AI score0.00296EPSS

Exploits0References4

CVE•added 2013/07/25 3:0 p.m.•52 views

CVE-2013-3414

CVE-2013-3414 affects Cisco ASA devices’ WebVPN portal login page. The vulnerability is an XSS flaw in the WebVPN login page caused by insufficient input validation, enabling remote attackers to inject arbitrary script/HTML via a crafted URL. Multiple sources (Cisco advisory, Nessus, CVE records)...

4.3CVSS5.8AI score0.00521EPSS

Exploits0References5Affected Software2

NVD•added 2010/06/29 6:30 p.m.•14 views

CVE-2009-4910

Cross-site scripting XSS vulnerability in the WebVPN portal on Cisco Adaptive Security Appliances ASA 5580 series devices with software before 8.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCsq78418...

4.3CVSS5.8AI score0.00296EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by