Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-20130725-CVE-2013-3414
HistoryJul 25, 2013 - 1:23 p.m.

Cisco ASA Software Cross-Site Scripting Vulnerability

2013-07-2513:23:54
tools.cisco.com
12

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.002

Percentile

57.7%

JSON

A vulnerability in the WebVPN portal login page of the Cisco ASA could
allow an unauthenticated, remote attacker to execute cross-site
scripting (XSS) attacks or hijack user sessions.

The vulnerability is
due to a failure to properly validate user-supplied input in the WebVPN
portal login page. An attacker could exploit this vulnerability by
convincing a user to click a crafted URL.

Cisco has confirmed this vulnerability in a security notice and software updates are available.

To exploit the vulnerability, the attacker may provide a link that directs a user to a malicious site and use misleading language or instructions to persuade the user to follow the provided link.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.

Affected configurations

Vulners
Node
ciscoadaptive_security_appliance_softwareMatch7.0
OR
ciscoadaptive_security_appliance_softwareMatch7.1
OR
ciscoadaptive_security_appliance_softwareMatch7.2
OR
ciscoadaptive_security_appliance_softwareMatch8.0
OR
ciscoadaptive_security_appliance_softwareMatch8.2
OR
ciscoadaptive_security_appliance_softwareMatch8.1
OR
ciscoadaptive_security_appliance_softwareMatch8.3
OR
ciscoadaptive_security_appliance_softwareMatch8.4
OR
ciscoadaptive_security_appliance_softwareMatch8.5
OR
ciscoadaptive_security_appliance_softwareMatch8.6
OR
ciscoadaptive_security_appliance_softwareMatch8.7
OR
ciscoadaptive_security_appliance_softwareMatch9.0
OR
ciscoadaptive_security_appliance_softwareMatch9.1
OR
ciscoadaptive_security_appliance_softwareMatch7.0.1
OR
ciscoadaptive_security_appliance_softwareMatch7.0.1.4
OR
ciscoadaptive_security_appliance_softwareMatch7.0.4
OR
ciscoadaptive_security_appliance_softwareMatch7.0.4.2
OR
ciscoadaptive_security_appliance_softwareMatch7.0.2
OR
ciscoadaptive_security_appliance_softwareMatch7.0.3
OR
ciscoadaptive_security_appliance_softwareMatch7.0.7.1
OR
ciscoadaptive_security_appliance_softwareMatch7.0.8
OR
ciscoadaptive_security_appliance_softwareMatch7.0.7
OR
ciscoadaptive_security_appliance_softwareMatch7.0.6
OR
ciscoadaptive_security_appliance_softwareMatch7.0.5
OR
ciscoadaptive_security_appliance_softwareMatch7.0.5.12
OR
ciscoadaptive_security_appliance_softwareMatch7.0.6.4
OR
ciscoadaptive_security_appliance_softwareMatch7.0.6.8
OR
ciscoadaptive_security_appliance_softwareMatch7.0.6.18
OR
ciscoadaptive_security_appliance_softwareMatch7.0.6.22
OR
ciscoadaptive_security_appliance_softwareMatch7.0.6.26
OR
ciscoadaptive_security_appliance_softwareMatch7.0.6.29
OR
ciscoadaptive_security_appliance_softwareMatch7.0.6.32
OR
ciscoadaptive_security_appliance_softwareMatch7.0.7.4
OR
ciscoadaptive_security_appliance_softwareMatch7.0.7.9
OR
ciscoadaptive_security_appliance_softwareMatch7.0.7.12
OR
ciscoadaptive_security_appliance_softwareMatch7.0.8.2
OR
ciscoadaptive_security_appliance_softwareMatch7.0.8.8
OR
ciscoadaptive_security_appliance_softwareMatch7.0.8.12
OR
ciscoadaptive_security_appliance_softwareMatch7.0.8.13
OR
ciscoadaptive_security_appliance_softwareMatch7.1.2.61
OR
ciscoadaptive_security_appliance_softwareMatch7.1.2
OR
ciscoadaptive_security_appliance_softwareMatch7.1.2.81
OR
ciscoadaptive_security_appliance_softwareMatch7.1.2.64
OR
ciscoadaptive_security_appliance_softwareMatch7.1.2.72
OR
ciscoadaptive_security_appliance_softwareMatch7.1.2.16
OR
ciscoadaptive_security_appliance_softwareMatch7.1.2.20
OR
ciscoadaptive_security_appliance_softwareMatch7.1.2.24
OR
ciscoadaptive_security_appliance_softwareMatch7.1.2.28
OR
ciscoadaptive_security_appliance_softwareMatch7.1.2.38
OR
ciscoadaptive_security_appliance_softwareMatch7.1.2.42
OR
ciscoadaptive_security_appliance_softwareMatch7.1.2.46
OR
ciscoadaptive_security_appliance_softwareMatch7.1.2.49
OR
ciscoadaptive_security_appliance_softwareMatch7.1.2.53
OR
ciscoadaptive_security_appliance_softwareMatch7.2.2.34
OR
ciscoadaptive_security_appliance_softwareMatch7.2.3.1
OR
ciscoadaptive_security_appliance_softwareMatch7.2.2
OR
ciscoadaptive_security_appliance_softwareMatch7.2.4
OR
ciscoadaptive_security_appliance_softwareMatch7.2.3
OR
ciscoadaptive_security_appliance_softwareMatch7.2.1
OR
ciscoadaptive_security_appliance_softwareMatch7.2.4.27
OR
ciscoadaptive_security_appliance_softwareMatch7.2.4.30
OR
ciscoadaptive_security_appliance_softwareMatch7.2.5
OR
ciscoadaptive_security_appliance_softwareMatch7.2.4.33
OR
ciscoadaptive_security_appliance_softwareMatch7.2.1.9
OR
ciscoadaptive_security_appliance_softwareMatch7.2.1.13
OR
ciscoadaptive_security_appliance_softwareMatch7.2.1.19
OR
ciscoadaptive_security_appliance_softwareMatch7.2.1.24
OR
ciscoadaptive_security_appliance_softwareMatch7.2.2.6
OR
ciscoadaptive_security_appliance_softwareMatch7.2.2.10
OR
ciscoadaptive_security_appliance_softwareMatch7.2.2.14
OR
ciscoadaptive_security_appliance_softwareMatch7.2.2.18
OR
ciscoadaptive_security_appliance_softwareMatch7.2.2.19
OR
ciscoadaptive_security_appliance_softwareMatch7.2.2.22
OR
ciscoadaptive_security_appliance_softwareMatch7.2.3.12
OR
ciscoadaptive_security_appliance_softwareMatch7.2.3.16
OR
ciscoadaptive_security_appliance_softwareMatch7.2.4.6
OR
ciscoadaptive_security_appliance_softwareMatch7.2.4.9
OR
ciscoadaptive_security_appliance_softwareMatch7.2.4.18
OR
ciscoadaptive_security_appliance_softwareMatch7.2.4.25
OR
ciscoadaptive_security_appliance_softwareMatch7.2.5.2
OR
ciscoadaptive_security_appliance_softwareMatch7.2.5.4
OR
ciscoadaptive_security_appliance_softwareMatch7.2.5.7
OR
ciscoadaptive_security_appliance_softwareMatch7.2.5.8
OR
ciscoadaptive_security_appliance_softwareMatch7.2.5.10
OR
ciscoadaptive_security_appliance_softwareMatch8.0.2.11
OR
ciscoadaptive_security_appliance_softwareMatch8.0.4
OR
ciscoadaptive_security_appliance_softwareMatch8.0.3
OR
ciscoadaptive_security_appliance_softwareMatch8.0.2
OR
ciscoadaptive_security_appliance_softwareMatch8.0.1.2
OR
ciscoadaptive_security_appliance_softwareMatch8.0.4.25
OR
ciscoadaptive_security_appliance_softwareMatch8.0.4.28
OR
ciscoadaptive_security_appliance_softwareMatch8.0.4.33
OR
ciscoadaptive_security_appliance_softwareMatch8.0.4.32
OR
ciscoadaptive_security_appliance_softwareMatch8.0.5
OR
ciscoadaptive_security_appliance_softwareMatch8.0.2.15
OR
ciscoadaptive_security_appliance_softwareMatch8.0.3.6
OR
ciscoadaptive_security_appliance_softwareMatch8.0.3.12
OR
ciscoadaptive_security_appliance_softwareMatch8.0.3.19
OR
ciscoadaptive_security_appliance_softwareMatch8.0.4.3
OR
ciscoadaptive_security_appliance_softwareMatch8.0.4.9
OR
ciscoadaptive_security_appliance_softwareMatch8.0.4.16
OR
ciscoadaptive_security_appliance_softwareMatch8.0.4.23
OR
ciscoadaptive_security_appliance_softwareMatch8.0.4.31
OR
ciscoadaptive_security_appliance_softwareMatch8.0.5.20
OR
ciscoadaptive_security_appliance_softwareMatch8.0.5.23
OR
ciscoadaptive_security_appliance_softwareMatch8.0.5.25
OR
ciscoadaptive_security_appliance_softwareMatch8.0.5.27
OR
ciscoadaptive_security_appliance_softwareMatch8.0.5.28
OR
ciscoadaptive_security_appliance_softwareMatch8.0.5.31
OR
ciscoadaptive_security_appliance_softwareMatch8.2.0.45
OR
ciscoadaptive_security_appliance_softwareMatch8.2.1
OR
ciscoadaptive_security_appliance_softwareMatch8.2.2
OR
ciscoadaptive_security_appliance_softwareMatch8.2.2.10
OR
ciscoadaptive_security_appliance_softwareMatch8.2.3
OR
ciscoadaptive_security_appliance_softwareMatch8.2.4
OR
ciscoadaptive_security_appliance_softwareMatch8.2.1.11
OR
ciscoadaptive_security_appliance_softwareMatch8.2.2.9
OR
ciscoadaptive_security_appliance_softwareMatch8.2.2.12
OR
ciscoadaptive_security_appliance_softwareMatch8.2.2.16
OR
ciscoadaptive_security_appliance_softwareMatch8.2.4.1
OR
ciscoadaptive_security_appliance_softwareMatch8.2.4.4
OR
ciscoadaptive_security_appliance_softwareMatch8.2.5
OR
ciscoadaptive_security_appliance_softwareMatch8.2.5.13
OR
ciscoadaptive_security_appliance_softwareMatch8.2.5.22
OR
ciscoadaptive_security_appliance_softwareMatch8.2.5.26
OR
ciscoadaptive_security_appliance_softwareMatch8.2.2.17
OR
ciscoadaptive_security_appliance_softwareMatch8.2.5.33
OR
ciscoadaptive_security_appliance_softwareMatch8.2.5.40
OR
ciscoadaptive_security_appliance_softwareMatch8.2.5.41
OR
ciscoadaptive_security_appliance_softwareMatch8.1.1
OR
ciscoadaptive_security_appliance_softwareMatch8.1.2
OR
ciscoadaptive_security_appliance_softwareMatch8.1.2.15
OR
ciscoadaptive_security_appliance_softwareMatch8.1.2.16
OR
ciscoadaptive_security_appliance_softwareMatch8.1.2.19
OR
ciscoadaptive_security_appliance_softwareMatch8.1.2.23
OR
ciscoadaptive_security_appliance_softwareMatch8.1.2.24
OR
ciscoadaptive_security_appliance_softwareMatch8.1.2.50
OR
ciscoadaptive_security_appliance_softwareMatch8.1.1.6
OR
ciscoadaptive_security_appliance_softwareMatch8.1.2.13
OR
ciscoadaptive_security_appliance_softwareMatch8.1.2.49
OR
ciscoadaptive_security_appliance_softwareMatch8.1.2.55
OR
ciscoadaptive_security_appliance_softwareMatch8.1.2.56
OR
ciscoadaptive_security_appliance_softwareMatch8.3.1.1
OR
ciscoadaptive_security_appliance_softwareMatch8.3.1
OR
ciscoadaptive_security_appliance_softwareMatch8.3.2
OR
ciscoadaptive_security_appliance_softwareMatch8.3.2.23
OR
ciscoadaptive_security_appliance_softwareMatch8.3.2.25
OR
ciscoadaptive_security_appliance_softwareMatch8.3.1.4
OR
ciscoadaptive_security_appliance_softwareMatch8.3.1.6
OR
ciscoadaptive_security_appliance_softwareMatch8.3.2.4
OR
ciscoadaptive_security_appliance_softwareMatch8.3.2.13
OR
ciscoadaptive_security_appliance_softwareMatch8.3.2.31
OR
ciscoadaptive_security_appliance_softwareMatch8.3.2.33
OR
ciscoadaptive_security_appliance_softwareMatch8.3.2.34
OR
ciscoadaptive_security_appliance_softwareMatch8.3.2.37
OR
ciscoadaptive_security_appliance_softwareMatch8.4.1
OR
ciscoadaptive_security_appliance_softwareMatch8.4.2
OR
ciscoadaptive_security_appliance_softwareMatch8.4.1.3
OR
ciscoadaptive_security_appliance_softwareMatch8.4.1.11
OR
ciscoadaptive_security_appliance_softwareMatch8.4.2.8
OR
ciscoadaptive_security_appliance_softwareMatch8.4.3
OR
ciscoadaptive_security_appliance_softwareMatch8.4.3.8
OR
ciscoadaptive_security_appliance_softwareMatch8.4.3.9
OR
ciscoadaptive_security_appliance_softwareMatch8.4.4
OR
ciscoadaptive_security_appliance_softwareMatch8.4.4.1
OR
ciscoadaptive_security_appliance_softwareMatch8.4.4.3
OR
ciscoadaptive_security_appliance_softwareMatch8.4.4.5
OR
ciscoadaptive_security_appliance_softwareMatch8.4.4.9
OR
ciscoadaptive_security_appliance_softwareMatch8.4.5
OR
ciscoadaptive_security_appliance_softwareMatch8.4.5.6
OR
ciscoadaptive_security_appliance_softwareMatch8.4.6
OR
ciscoadaptive_security_appliance_softwareMatch8.4.2.1
OR
ciscoadaptive_security_appliance_softwareMatch8.5.1
OR
ciscoadaptive_security_appliance_softwareMatch8.5.1.1
OR
ciscoadaptive_security_appliance_softwareMatch8.5.1.6
OR
ciscoadaptive_security_appliance_softwareMatch8.5.1.7
OR
ciscoadaptive_security_appliance_softwareMatch8.5.1.14
OR
ciscoadaptive_security_appliance_softwareMatch8.5.1.17
OR
ciscoadaptive_security_appliance_softwareMatch8.6.1.1
OR
ciscoadaptive_security_appliance_softwareMatch8.6.1
OR
ciscoadaptive_security_appliance_softwareMatch8.6.1.2
OR
ciscoadaptive_security_appliance_softwareMatch8.6.1.5
OR
ciscoadaptive_security_appliance_softwareMatch8.6.1.10
OR
ciscoadaptive_security_appliance_softwareMatch8.7.1
OR
ciscoadaptive_security_appliance_softwareMatch8.7.1.1
OR
ciscoadaptive_security_appliance_softwareMatch8.7.1.3
OR
ciscoadaptive_security_appliance_softwareMatch8.7.1.4
OR
ciscoadaptive_security_appliance_softwareMatch9.0.1
OR
ciscoadaptive_security_appliance_softwareMatch9.0.2
OR
ciscoadaptive_security_appliance_softwareMatch9.1.1
OR
ciscoadaptive_security_appliance_softwareMatch9.1.1.4
OR
ciscoadaptive_security_appliance_softwareMatch9.1.2
VendorProductVersionCPE
ciscoadaptive_security_appliance_software7.0cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software7.1cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software7.2cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.0cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.2cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.1cpe:2.3:o:cisco:adaptive_security_appliance_software:8.1:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.3cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.4cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.5cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.6cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6:*:*:*:*:*:*:*
Rows per page:
1-10 of 1921

Related

cvelist 1
cve 1
prion 1
nessus 1
nvd 1
cvelist
cvelist
CVE-2013-3414
2013-07-25 15:00:00
cve
cve
CVE-2013-3414
2013-07-25 15:53:16
prion
prion
Cross site scripting
2013-07-25 15:53:00
nessus
nessus
Cisco ASA WebVPN XSS
2013-07-30 00:00:00
nvd
nvd
CVE-2013-3414
2013-07-25 15:53:16

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.002

Percentile

57.7%

JSON
Related for CISCO-SA-20130725-CVE-2013-3414
cvelist1cve1prion1nessus1nvd1