Логотип exploitDog
bind:CVE-2014-2127
Консоль
Логотип exploitDog

exploitDog

bind:CVE-2014-2127

Количество 3

Количество 3

nvd логотип

CVE-2014-2127

больше 11 лет назад

Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.48), 8.3 before 8.3(2.40), 8.4 before 8.4(7.9), 8.6 before 8.6(1.13), 9.0 before 9.0(4.1), and 9.1 before 9.1(4.3) does not properly process management-session information during privilege validation for SSL VPN portal connections, which allows remote authenticated users to gain privileges by establishing a Clientless SSL VPN session and entering crafted URLs, aka Bug ID CSCul70099.

CVSS2: 8.5
EPSS: Средний
github логотип

GHSA-9pjc-88j6-6ww4

около 3 лет назад

Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.48), 8.3 before 8.3(2.40), 8.4 before 8.4(7.9), 8.6 before 8.6(1.13), 9.0 before 9.0(4.1), and 9.1 before 9.1(4.3) does not properly process management-session information during privilege validation for SSL VPN portal connections, which allows remote authenticated users to gain privileges by establishing a Clientless SSL VPN session and entering crafted URLs, aka Bug ID CSCul70099.

EPSS: Средний
fstec логотип

BDU:2015-00129

больше 11 лет назад

Уязвимость программного обеспечения Cisco ASA, позволяющая злоумышленнику повысить свои привилегии

CVSS2: 8.5
EPSS: Средний

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
nvd логотип
CVE-2014-2127

Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.48), 8.3 before 8.3(2.40), 8.4 before 8.4(7.9), 8.6 before 8.6(1.13), 9.0 before 9.0(4.1), and 9.1 before 9.1(4.3) does not properly process management-session information during privilege validation for SSL VPN portal connections, which allows remote authenticated users to gain privileges by establishing a Clientless SSL VPN session and entering crafted URLs, aka Bug ID CSCul70099.

CVSS2: 8.5
31%
Средний
больше 11 лет назад
github логотип
GHSA-9pjc-88j6-6ww4

Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.48), 8.3 before 8.3(2.40), 8.4 before 8.4(7.9), 8.6 before 8.6(1.13), 9.0 before 9.0(4.1), and 9.1 before 9.1(4.3) does not properly process management-session information during privilege validation for SSL VPN portal connections, which allows remote authenticated users to gain privileges by establishing a Clientless SSL VPN session and entering crafted URLs, aka Bug ID CSCul70099.

31%
Средний
около 3 лет назад
fstec логотип
BDU:2015-00129

Уязвимость программного обеспечения Cisco ASA, позволяющая злоумышленнику повысить свои привилегии

CVSS2: 8.5
31%
Средний
больше 11 лет назад

Уязвимостей на страницу