Lucene search
CiscoCVELIST:CVE-2014-3393HistoryOct 10, 2014 - 10:00 a.m.
CVE-2014-3393
2014-10-1010:00:00
cisco
www.cve.org
4
The Clientless SSL VPN portal customization framework in Cisco ASA Software 8.2 before 8.2(5.51), 8.3 before 8.3(2.42), 8.4 before 8.4(7.23), 8.6 before 8.6(1.14), 9.0 before 9.0(4.24), 9.1 before 9.1(5.12), and 9.2 before 9.2(2.4) does not properly implement authentication, which allows remote attackers to modify RAMFS customization objects via unspecified vectors, as demonstrated by inserting XSS sequences or capturing credentials, aka Bug ID CSCup36829.
Related
threatpost
threatpost
DHS Urges Vigilance in Protecting Networking Gear
2016-09-08 11:09:20
thn
thn
Hackers Backdooring Cisco WebVPN To Steal Customersβ Passwords
2015-10-08 20:53:00
fireeye
fireeye
99 Problems but Two-Factor Ainβt One
2016-03-23 08:00:00
cisco
cisco
Cisco ASA Clientless SSL VPN Portal Customization Integrity Vulnerability
2014-10-08 16:22:26
Multiple Vulnerabilities in Cisco ASA Software
2014-10-08 16:00:00
prion
prion
Authentication flaw
2014-10-10 10:55:00
nvd
nvd
CVE-2014-3393
2014-10-10 10:55:06
openvas
openvas
cve
cve
CVE-2014-3393
2014-10-10 10:55:06
securityvulns
securityvulns
Cisco ASA multiple DoS vulnerabilities
2014-10-13 00:00:00
Cisco ASA multiple security vulnerabilities
2015-07-14 00:00:00
nessus
nessus
Cisco ASA Software Multiple Vulnerabilities (cisco-sa-20141008-asa)
2014-10-10 00:00:00